CEH

xxxvi Answers to Assessment Test

Answers to Assessment Test

1. A. A vulnerability assessment is focused on uncovering vulnerabilities or weaknesses in an
   environment but by definition does not exploit those vulnerabilities.


2. D. Mantraps are phonebooth-sized devices designed to prevent activities such as piggy-
   backing and tailgating.


3. A. Public-key infrastructure (PKI) is a system designed to control the distribution of keys
   and management of digital certificates.


4. B. Wi-Fi Protected Access (WPA) is designed to protect wireless transmissions.


5. A. White-box testing is done with full knowledge of the target environment. Black-box
   testing is done with very little or no information. Gray Box is performed with limited infor-
   mation somewhere between Black and White.


6. B. Layer 2 Tunneling Protocol (L2TP) is a VPN technology used to establish secure connec-
   tions over an insecure medium such as the Internet.


7. A. Demilitarized zone (DMZ) structures act as a buffer zone between the Internet and an
   intranet, establishing a protected barrier. DMZs also allow for the placement of publicly
   accessible resources such as web servers in a semi-secure area.


8. D. The escrow key is a key held by a third party used to perform cryptographic operations.


9. D. Syn floods are a form of denial of service (DoS). Attacks of this type are designed to
   overwhelm a resource for a period of time.


10. B. Sensors can be placed in different locations around a network with the intention of col-
    lecting information and returning it to a central location for analysis and viewing.


11. A. Hardening is designed to remove nonessential services, applications, and other items
    from a system with the intent of making it fit a specific role as well as reducing its attack
    surface.


12. A. Integrity ensures that information is kept reliable and accurate as well as allowing a
    party to examine the information to be able to detect a change.


13. D. The Online Certificate Status Protocol (OCSP) is a protocol used to allow immediate
    verification of certificates’ validity as opposed to the older certificate revocation list (CRL)
    method, which allows for lags in detection.


14. B. A switch allows for the creation of VLANs.


15. A. The file itself is a Microsoft Word file and as such can have VBA macros embedded into
    it that can be used to deliver macro viruses.


16. B. A network intrusion prevention system (NIPS) is similar to an intrusion detection sys-
    tem, but it adds the ability to react to attacks that it detects.

flast.indd 36 22-07-2014 11:36:27