What would be the purpose of running "wget 192.168.0.15 -q -S" against a web server?
Correct Answer: B
The command in question: wget 192.168.0.15 -q -S wget is a command-line utility used to retrieve files via HTTP, HTTPS, or FTP. -q (quiet mode): Suppresses output, except for errors. -S: Displays the server response headers (even in quiet mode). In this case, wget is being used to connect to the specified web server (192.168.0.15) and retrieve the HTTP response headers - such as the Server field (e.g., Apache, Nginx), HTTP status codes, and other metadata. This is a classic example of banner grabbing - the process of capturing metadata (often from headers) to identify the software, version, or configuration of a service. Incorrect Options: A). Content enumeration would require directory brute-forcing tools like DirBuster or Gobuster. C). DoS attacks require high volumes of traffic or specially crafted packets; wget with a single request does not perform flooding. D). Downloading full site contents would involve options like -r (recursive) or --mirror, which are not used in this command. Reference - CEH v13 Official Courseware: Module 03: Scanning Networks Section: "Banner Grabbing" Tool Reference: wget, netcat, telnet, curl for banner enumeration
312-50v13 Exam Question 57
Which of the following is a passive wireless packet analyzer that works on Linux-based systems?
Correct Answer: D
In CEH v13 Module 11: Hacking Wireless Networks, Kismet is introduced as a passive wireless sniffer and network detector used primarily on Linux systems. Kismet passively listens for wireless beacons and data frames. Can detect hidden SSIDs, rogue APs, and even wireless client behaviors. Does not transmit any packets, making it stealthy and ideal for wireless reconnaissance. Option Analysis: A). Burp Suite: Used for web application testing, not wireless. B). OpenVAS: Vulnerability scanner, not a packet sniffer. C). tshark: CLI version of Wireshark, can analyze wired and wireless packets, but not wireless-specific or passive by default. D). Kismet: Correct wireless packet analyzer for Linux. Reference: Module 11 - Wireless Tools for Reconnaissance CEH iLabs: Wireless Packet Capturing Using Kismet
312-50v13 Exam Question 58
Geena, a cloud architect, uses a master component in the Kubernetes cluster architecture that scans newly generated pods and allocates a node to them. This component can also assign nodes based on factors such as the overall resource requirement, data locality, software/hardware/policy restrictions, and internal workload interventions. Which of the following master components is explained in the above scenario?
Correct Answer: B
In CEH v13 Module 16: Cloud Computing and Container Security, Kubernetes components are explained for understanding container orchestration risks. Kube-scheduler is the master node component responsible for: Assigning newly created pods to available nodes. Evaluating each pod's resource requirements. Considering node affinity/anti-affinity, data locality, hardware restrictions, etc. Ensuring workload balancing across nodes. Other Options: A). Kube-controller-manager: Manages control loops for replication and status. C). Kube-apiserver: Acts as the entry point for all REST commands. D). Etcd: A key-value store used to save configuration data. Reference: Module 16 - Kubernetes Architecture and Security Risks CEH eBook: Kubernetes Scheduler Role in Pod Lifecycle
312-50v13 Exam Question 59
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?
Correct Answer: C
Hashing algorithms are specifically designed to ensure data integrity. A hash function takes an input and returns a fixed-length string, called a hash or message digest. Even a small change in the input results in a completely different hash, making it useful for detecting tampering. Common hashing algorithms include: MD5 (now obsolete for secure uses) SHA-1, SHA-2, SHA-3 HMAC (Hashed Message Authentication Code) From CEH v13 Courseware: Module 20: Cryptography Topic: Hash Functions and Data Integrity CEH v13 Study Guide states: "Hashing algorithms provide integrity by generating a unique digital fingerprint of data. Any alteration in the message content will result in a different hash value, indicating that the integrity has been compromised." Incorrect Options: A: Symmetric algorithms provide confidentiality. B: Asymmetric algorithms provide confidentiality and authentication. D: "Integrity algorithms" is not a formal cryptographic term. Reference:CEH v13 Study Guide - Module 20: Cryptographic Hash FunctionsNIST FIPS 180-4 - Secure Hash Standard (SHS)
312-50v13 Exam Question 60
George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this process, he used a short-range communication protocol based on the IEEE 203.15.4 standard. This protocol is used in devices that transfer data infrequently at a low rate in a restricted area, within a range of 10-100 m. What is the short-range wireless communication technology George employed in the above scenario?
Correct Answer: C
Zigbee could be a wireless technology developed as associate open international normal to deal with the unique desires of affordable, low-power wireless IoT networks. The Zigbee normal operates on the IEEE 802.15.4 physical radio specification and operates in unauthorised bands as well as a pair of.4 GHz, 900 MHz and 868 MHz. The 802.15.4 specification upon that the Zigbee stack operates gained confirmation by the Institute of Electrical and physical science Engineers (IEEE) in 2003. The specification could be a packet-based radio protocol supposed for affordable, battery-operated devices. The protocol permits devices to speak in an exceedingly kind of network topologies and may have battery life lasting many years. The Zigbee three.0 Protocol The Zigbee protocol has been created and ratified by member corporations of the Zigbee Alliance.Over three hundred leading semiconductor makers, technology corporations, OEMs and repair corporations comprise the Zigbee Alliance membership. The Zigbee protocol was designed to supply associate easy-to-use wireless information answer characterised by secure, reliable wireless network architectures. THE ZIGBEE ADVANTAGE The Zigbee 3.0 protocol is intended to speak information through rip-roaring RF environments that area unit common in business and industrial applications. Version 3.0 builds on the prevailing Zigbee normal however unifies the market-specific application profiles to permit all devices to be wirelessly connected within the same network, no matter their market designation and performance. what is more, a Zigbee 3.0 certification theme ensures the ability of product from completely different makers. Connecting Zigbee three.0 networks to the information science domain unveil observance and management from devices like smartphones and tablets on a local area network or WAN, as well as the web, and brings verity net of Things to fruition. Zigbee protocol options include: Support for multiple network topologies like point-to-point, point-to-multipoint and mesh networks Low duty cycle - provides long battery life Low latency Direct Sequence unfold Spectrum (DSSS) Up to 65,000 nodes per network 128-bit AES encryption for secure information connections Collision avoidance, retries and acknowledgements This is another short-range communication protocol based on the IEEE 203.15.4 standard. Zig-Bee is used in devices that transfer data infrequently at a low rate in a restricted area and within a range of 10-100 m.
