CEH Final Exam Review Test.
1. You are reviewing source code for any buffer overflow Change
extractedDataL-
vulnerabilities. The following C++ source code handles ength >
65536
data extracted from a compressed file:
if (extractedDataLength < 65536) {//Break
down data into multiple chunks}else {//Handle
data in one large chunk}
The data should be broken down into multiple
chunks only when the buffer of 65,536
characters is reached or exceeded. How should
you modify the condition in the first line of the
code?
2. You have recently discovered that an attacker used the Firewa
evasion
tcp-over-dns tool on your company's
network. What is this tool meant to
accomplish in an attack?
3. You need to exchange confidential 5. You need to
information with a trusted partner. The create a NOP
partner indicates to you that he will issue slide using
certificates. These certificates are signed by the the
same entity that verifies the certificate's Metasploit
identity. Which term is used for the type of Framework.
certificate issued by the partner? Which
module
4. What item is contained in the digital should you
certificate that enables the receiver of the use?
certificate to send an en- crypted email to
the sender?
1/
5
, CEH Final Exam Review Test.
Self-signed certificates
Public key
x86/opty2
6. You have decided to implement both client and server Man-in-the-
middle at-
PKI certificates to be used by all systems when
authen- tacks ticating to the corporate web site.
What type of attack can this help prevent?
2/
5
1. You are reviewing source code for any buffer overflow Change
extractedDataL-
vulnerabilities. The following C++ source code handles ength >
65536
data extracted from a compressed file:
if (extractedDataLength < 65536) {//Break
down data into multiple chunks}else {//Handle
data in one large chunk}
The data should be broken down into multiple
chunks only when the buffer of 65,536
characters is reached or exceeded. How should
you modify the condition in the first line of the
code?
2. You have recently discovered that an attacker used the Firewa
evasion
tcp-over-dns tool on your company's
network. What is this tool meant to
accomplish in an attack?
3. You need to exchange confidential 5. You need to
information with a trusted partner. The create a NOP
partner indicates to you that he will issue slide using
certificates. These certificates are signed by the the
same entity that verifies the certificate's Metasploit
identity. Which term is used for the type of Framework.
certificate issued by the partner? Which
module
4. What item is contained in the digital should you
certificate that enables the receiver of the use?
certificate to send an en- crypted email to
the sender?
1/
5
, CEH Final Exam Review Test.
Self-signed certificates
Public key
x86/opty2
6. You have decided to implement both client and server Man-in-the-
middle at-
PKI certificates to be used by all systems when
authen- tacks ticating to the corporate web site.
What type of attack can this help prevent?
2/
5
