CEH Exam practice questions module 1 ALL SOLUTION 2023/24 LATEST UPDATE GUARANTEED GRADE A+

A security team is implementing various security controls across the organization. After several configurations and applications, a final agreed-on set of security controls are put into place; However, not all risks are mitigated by the controls. of the following, which is the next best step?: Continue applying controls until all risk is eliminated, Ignore any remaining risk as "best effort controlled," Ensure that any remaining risk is residual or low and accept the risk. Remove all controls. Ensure that any remaining risk is residual or low and accept the risk. A Certified Ethical Hacker (CEH) follows a specific methodology for testing a system. Which step comes after footprinting in the CEH methodology? Scanning, Enumeration, Reconnaissance, Application attack. Reconnaissance Which of the following best describes a newly discovered flaw in a software application? Zero-day Which type of security control is met by encryption? Preventative You've been hired as part of pen test team. During the brief, you learn the client wants the pen test attack to simulate a normal user who finds ways to elevate privileges and create attacks. Which test type does the client want? A gray Box Which of the following is defined as ensuring the enforcement of organizational security policy does not rely on voluntary user compliance by assigning sensitivity labels on information and comparing this to the level of security a user is operating at? Mandatory Access Control You begin your first pen test assignment by checking out IP address ranges owned by the target as well as details of their domain name registration. Additionally, you visit job boards and financial websites to gather any technical information online. What activity are you performing? Passive footprinting Of the following choices, which best defines a formal written document defining what employees are allowed to use organization systems for, what is not allowed, and what the repercussions are for breaking the rules? Information security policy (ISP) An ethical hacker is given no prior knowledge of the network and has a specific framework in which to work. The agreement specifies boundaries, nondisclosure agreements, and a completion date definition. Which of the following is true? A white hat is attempting a black-box test Which of the following is a detective control? Audit trail As part of a pen test on a U.S. government system, you discover files containing Social Security numbers and other sensitive personally identifiable information (PII) information. You are asked about controls placed on the dissemination of this information. Which of the following acts should you check? Privacy Act Joe is performing an audit to validate the effectiveness of the organization's security policies. During his tests, he discovers that a user has a dial-out modem installed on a PC. Which security policy should be checked to see whether modems are allowed? Remote access policy A hacker is attempting to gain access to target inside a business. After trying several methods, he gets frustrated and starts a denial-of-service attack against a server attached to the target. Which security control is the hacker affecting? Availability In which phase of the ethical hacking methodology would a hacker discover available targets on a network? Scanning and Enumeration Which of the following are potential drawbacks to a black-box test? The client does not get a focused picture of an internal attacker dedicated on their systems. This test takes the longest amount of time to complete. Which of the following best defines a logical or technical control? Security Tokens Which of the following would not be considered passive reconnaissance? Ping Sweeping a range of IP addresses found through a DNS lookup. As part of the preparation phase for a pen test you are participating in, the client relays their intent to discover security flaws and possible remediation. They seem particularly concerned about external threats and do not mention internal threats at all. When defining scope, the threat of internal users is not added as part of the test. Which test is this client ignoring? gray box In which phase of the attack would a hacker set up and configure "zombie" machines? Maintaining Access Which of the following best describes an ethical hacker? An ethical Hacker never proceeds with an audit or test without written permission. Which of the following describes activities taken in the conclusion phase of a penetration test? Reports are prepared detailing security deficiencies. Which of the following should a security professional use as a possible means to verify the integrity of a data message from sender to receiver? Hash Algorithm You are examining security logs snapshotted during a prior attack against the target. The target's IP address is 135.17.22.15, and the attack originated from 216.88.76.5. Which of the following correctly characterizes this attack? Outside attack A machine in your environment uses an open X-server to allow remote access. The X-Server access control is disabled, allowing connections from almost anywhere and with little to no authentication measures. Which of the following are true statements regarding this situation? An external threat can take advantage of the misconfigured X-Server vulnerability. An internal threat can take advantage of the misconfigured X-Server vulnerability. While performing a pen test, you find success in exploiting a machine. Your attack vector took advantage of a common mistake-the Windows 7 installer script used to load the machine left the administrative account with a default password. Which attack did you successfully execute? Operating system A pen test team member sends an email to an address that she knows is not valid inside an organization. Which of the following is the best explanation for why she took this action? To possibly gather information about internal hosts used in the organization's email system. From the partial e-mail header provided, which of the following represents the true originator of the email message? Return-path: Delivery-date: Wed, 13 Apr 2011 00:31:13 +0200 Received: from mail running ExIM with esmtp id xxxxxx-xxxxxx-xxx; Wed, 13 Apr 2011 01:39:23 +0200 217.88.53.154 You are looking for file with the terms CEH and V8 in their titles. Which Google hack is the appropriate one? allintitle:CEH V7 You've just kicked off a penetration test against a target organization and have decided to perform a little passive foot printing. One of the first sites you visit is a a job board, where the company has listed various openings. What is the primary useful foot printing information to be gained through this particular search? Insight into the operating systems, hardware, and applications in use Which of the following activities is not considered passive foot printing Calling the company's help desk line Examine the following command sequence C: nslookup Default Server: Address: 188.87.99.6 set type=HINFO someserver Server: Address: 188.87.100.5 S CPU=Intel Quad Chip OS=Linux 2.8 The operator is enumerating a system named some server You are foot printing information for a pen test. Social engineering is part of your reconnaissance efforts, and some of it will be active in nature. You take steps to ensure that is the social engineering efforts are discovered at this early stage, any trace efforts point to another organization. Which of the following terms best describes what you are participating in? Pseudonymous footprinting You are setting up DNS for your enterprise. Server A is both a web server and an FTP server. You want to advertise both services for this machine as name references your customers can use. Which DNS record type would you use to accomplish this? CNAME A company has a publicly facing web application. Its internal intranet-facing servers are separated and protected by a firewall. Which of the following choices would be helpful in protecting against unwanted enumeration? Ensuring there are no A records for internal hosts on the public facing name server. Within the DNS system a primary server (SOA) holds and maintains all records for the zone. Secondary servers will periodically ask the primary if there have been any updates, and if updates have occurred, they will ask for a zone transfer CONTINUED..