Exam (elaborations)
CEH V12 Questions and Answers 2024
- Course
- Institution
CEH V12 Questions and Answers
[Show more]
Content preview
CEH V12 Questions and AnswersAttacker uses various IDS evasion techniques to bypass intrusion detection
mechanisms. At the same time, IDS is configured to detect possible violations of the
security policy, including unauthorized access and misuse. Which of the following
evasion method depend on the Time-to-Live (TTL) fields of a TCP/IP ? - Answer -
Insertion Attack
Which of the following is an encryption technique where data is encrypted by a
sequence of photons that have a spinning trait while traveling from one end to another?
- Answer -Quantum cryptography
Determine the attack by the description:
Determine the attack by the description: The known-plaintext attack used against DES.
This attack causes that encrypting plaintext with one DES key followed by encrypting it
with a second DES key is no more secure than using a single key.
- - Answer -Meet in the middle Attack
The evil hacker Antonio is trying to attack the IoT device. He will use several fake
identities to create a strong illusion of traffic congestion, affecting communication
between neighboring nodes and networks. What kind of attack does Antonio perform? -
Answer -Sybil Attack
Determine the attack according to the following scenario:
Benjamin performs a cloud attack during the translation of the SOAP message in the
TLS layer. He duplicates the body of the message and sends it to the server as a
legitimate user. As a result of these actions, Benjamin managed to access the server
resources to unauthorized access. - Answer -Wrapping
Black hat hacker Ivan wants to implement a man-in-the-middle attack on the corporate
network. For this, he connects his router to the network and redirects traffic to intercept
packets. What can the administrator do to mitigate the attack? - Answer -Add message
authentication to the routing table
Which of the following option is a security feature on switches leverages the DHCP
snooping database to help prevent man-in-the-middle attacks? - Answer -DAI
All the industrial control systems of your organization are connected to the Internet.
Your management wants to empower the manufacturing process, ensure the reliability
of industrial networks, and reduce downtime and service disruption. You have been
, assigned to find and install an OT security tool that further protects against security
incidents such as cyber espionage, zero-day attacks, and malware.
Which of the following tools will you use to accomplish this task? - Answer -Flowmon
Ivan, the evil hacker, decided to attack the cloud services of the target organization.
First of all, he decided to infiltrate the target's MSP provider by sending phishing emails
that distributed specially created malware. This program compromised users'
credentials, and Ivan managed to gain remote access to the cloud service. Further, he
accessed the target customer profiles with his MSP account, compressed the customer
data, and stored them in the MSP. After this, he used this information to launch further
attacks on the target organization.
Which of the following cloud attacks did Ivan perform? - Answer -Cloude hopper
Percival, the evil hacker, found the contact number of cybersecuritycompany.org on the
internet and dialled the number, claiming himself to represent a technical support team
from a vendor. He informed an employee of cybersecuritycompany that a specific server
would be compromised and requested the employee to follow the provided instructions.
Consequently, he prompted the victim to execute unusual commands and install
malicious files, which were then used to collect and pass critical information to his
machine.
Which of the following social engineering techniques did Percival use? - Answer -Quid
pro quo
Identify wireless security protocol by description:
This wireless security protocol allows 192-bit minimum-strength security protocols and
cryptographic tools to protect sensitive data, such as 256-bit Galois/Counter Mode
Protocol (GCMP-256), 84-bit Hashed Message Authentication Mode with Secure Hash
Algorithm (HMAC-SHA384), and Elliptic Curve Digital Signature Algorithm (ECDSA)
using a 384-bit elliptic curve. - Answer -WPA3- Enterprise
Jennys wants to send a digitally signed message to Molly.
What key will Jennys use to sign the message, and how will Molly verify it? - Answer -
Jenny with sign with her private Key & Molly will verify with Jenny's public key
The attacker plans to compromise the systems of organizations by sending malicious
emails. He decides to use the tool to track the target's emails and collect information
such as senders' identities, mail servers, sender IP addresses, and sender locations
from different public sources. It also checks email addresses for leaks using
haveibeenpwned.com API.
Which of the following tools is used by the attacker? - Answer -Infoga
You must choose a tool for monitoring your organization's website, analyzing the
website's traffic, and tracking the geographical location of the users visiting the
organization's website.
Which of the following tools will you use for these purposes? - Answer -Web-stat
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller millyphilip. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
73091 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now