Our Blog

CEHv11

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney’s account page without disclosing any information to the victim. When the target employee click on the link, all the sensitive payment details entered in a form are linked to Boney’s account. What is the attack performed by Boney in the above scenario?

March 17, 2021 Posted by gayatriv 0
session ID
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID link the target employee to Boney ‘s account page without disclosing any information to the victim. When the target employee click on the link, all
Tags: , , , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob’s boss is very worried because of regulations that protect those data. Which of the following regulations is mostly violated?

March 16, 2021 Posted by gayatriv 0
medical
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob’s boss is very worried because of regulations that protect those data. Which of the following regulations is mostly violated? Option 1: ISO 2002 Option 2 : HIPPA/PHI Option 3 : PII Option 4
Tags: , , , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

What piece of hardware on a computer’s motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

March 16, 2021 Posted by gayatriv 0
hardware
What piece of hardware on a computer’s motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible? Option 1: CPU Option 2 : UEFI Option 3: GPU Option 4 : TPM 1. CPU The pc’s central process unit (CPU) is that the portion of a computer that retrieves and executes instructions. … The cpu is usually simply mentioned as
Tags: , , , , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web application. Which of the following SQLi types leverages a database server’s ability to make DNS requests to pass data to an attacker?

March 16, 2021 Posted by gayatriv 0
SQL
SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web application. Which of the following SQLi types leverages a database server’s ability to make DNS requests to pass data to an attacker? Option 1 : Union-based SQLi Option 2 : In-band SQLi Option 3 : Out-of-band SQLi Option 4 : Time-based blind SQLi 1. Union-based SQLi Union
Tags: , , , , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson’s machine. What is the social engineering technique Steve employed in the above scenario?

March 15, 2021 Posted by gayatriv 1
contact
Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and
Tags: , , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary in the above scenario.

March 15, 2021 Posted by gayatriv 0
domains
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary in the above scenario. Option 1 : Use of DNS tunneling Option 2 : Unspecified proxy activities Option 3 : Use of command-line interface Option 4 : Data staging 1. Use of DNS tunneling DNS tunneling enables these cyber criminals to insert malware or
Tags: , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe?

March 13, 2021 Posted by gayatriv 0
web-server
In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe? Option 1 : Banner grabbing Option 2 : Brute forcing Option 3 : WHOIS lookup Option 4 : Dictionary attack 1. Banner grabbing Banner grabbing is a technique wont to
Tags: , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols founds on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevent tests. What is the type of vulnerability assessment solution that James employed in the above scenario?

March 13, 2021 Posted by gayatriv 0
vulnerability assessment
An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols founds on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevent tests. What is the type of vulnerability assessment solution
Tags: , , , , , , , , , , , , , , , , , , , ,
Read More
CEHv11

Wilson, a professional hacker, targets an organization for financial benefits and plans to compromise its systems by sending malicious emails. For this purpose, he uses a tool to track the emails of the target and extracts information such as sender identities, mail servers, sender IP addresses, and sender locations from different public sources. He also checks if an email address was leaked using the haveibeenpwned.com API. Which of the following tools is used by Wilson in the above scenario?

March 11, 2021 Posted by gayatriv 0
Wilson, a professional hacker, targets an organization for financial benefits and plans to compromise its systems by sending malicious email. For this purpose, he uses a tool to track the email of the target and extracts information such as sender identities, email servers, sender IP addresses, and sender locations from different public sources. He also checks if an email address was leaked using the haveibeenpwned.com API. Which of the following tools is used by Wilson
Tags: , , , , , , , , , , , ,
Read More
CEHv11

Gerard, a did gruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attack and bring down its reputation in the market . To launch the attack process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exploited this information to launch other sophisticated attack. What is the tool employed by Gerard in the above scenario?

March 11, 2021 Posted by gayatriv 0
domain
Gerard, a did gruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attack and bring down its reputation in the market . To launch the attack process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network
Tags: , , , , , , , , , , , , , , , , , , , ,
Read More

Leave a Comment