CEH Practice Exam Questions with Correct Answers
Which of the following is a low-tech way of gaining unauthorized access to systems?
A. Scanning
B. Sniffing
C. Social Engineering
D. Enumeration - Answer-C. Social Engineering
When tuning security alerts, what is the best approach?
A. Tu...
Which of the following is a low-tech way of gaining unauthorized access to systems?
A. Scanning
B. Sniffing
C. Social Engineering
D. Enumeration - Answer-C. Social Engineering
When tuning security alerts, what is the best approach?
A. Tune to avoid False positives and False Negatives
B. Rise False positives Rise False Negatives
C. Decrease the false positives
D. Decrease False negatives - Answer-A. Tune to avoid False positives and False
Negatives
In an internal security audit, the white hat hacker gains control over a user account and
attempts to acquire
access to another account's confidential files and information. How can he achieve this?
A. Privilege Escalation
B. Shoulder-Surfing
C. Hacking Active Directory
D. Port Scanning - Answer-A. Privilege Escalation
Which regulation defines security and privacy controls for Federal information systems
and organizations?
A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53 - Answer-D. NIST-800-53
Your company performs penetration tests and security assessments for small and
medium-sized business in
the local area. During a routine security assessment, you discover information that
suggests your client is
involved with human trafficking.
,What should you do?
A. Confront the client in a respectful manner and ask her about the data.
B. Copy the data to removable media and keep it in case you need it.
C. Ignore the data and continue the assessment until completed as agreed.
D. Immediately stop work and contact the proper legal authorities. - Answer-D.
Immediately stop work and contact the proper legal authorities.
You are a security officer of a company. You had an alert from IDS that indicates that
one PC on your Intranet
is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address
was blacklisted just before
the alert. You are staring an investigation to roughly analyze the severity of the
situation. Which of the following
is appropriate to analyze?
A. Event logs on the PC
B. Internet Firewall/Proxy log
C. IDS log
D. Event logs on domain controller - Answer-B. Internet Firewall/Proxy log
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of
communication?
A. 123
B. 161
C. 69
D. 113 - Answer-A. 123
It has been reported to you that someone has caused an information spillage on their
computer. You go to the
computer, disconnect it from the network, remove the keyboard and mouse, and power
it down. What step in
incident handling did you just complete? - Answer-C. Containment
An Unauthorized individual enters a building following an employee through the
employee entrance after the lunch rush. What type of breach has the individual just
performed? - Answer-Tailgating
Which of the following is the best countermeasure to encrypting ransomwares?
A. Use multiple antivirus softwares
B. Keep some generation of off-line backup
C. Analyze the ransomware to get decryption key of encrypted data
D. Pay a ransom - Answer-B. Pay a ransom
,If an attacker uses the command SELECT*FROM user WHERE name = 'x' AND IS
NULL;'; which type of SQL injection attack is the attacker performing? - Answer-End of
Line Comment
Sophia travels a lot and worries that her laptop containing confidential documents might
be stolen. What is the best protection that will work for her? - Answer-Full Disk
encryption
An attacker has installed a RAT on a host. The attacker wants to ensure that when a
user attempts to go to "www.MyPersonalBank.com", that the user is directed to a
phishing site.
Which File does the attacker need to modify? - Answer-Hosts
Which of the following options represents a conceptual characteristic of an anomaly-
based IDS over a signature-based IDS?
A. Produces less false positives
B. Can identify unknown attacks
C. Requires vendor updates for a new threat
D. Cannot deal with encrypted network traffic - Answer-B. Can identify unknown attacks
You are logged in as a local admin on a Windows 7 system and you need to launch the
Computer Management Console from command line
Which command do you use? - Answer-c:\compmgmt.msc
Which of the following act requires employer's standard national numbers to identify
them on standard transactions? - Answer-HIPAA
In Wireshark, the packet bytes panes show the data ofWhich of the following act
requires employer's standard national numbers to identify them on standard
transactions? the current packet in which format? - Answer-Hexadecimal
_______ is a set of extensions to DNS that provide to DNS clients (resolvers) the origin
authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar
types of attacks, - Answer-DNSSEC
PGP, SSL, and IKE are all examples of which type of cryptography? - Answer-Public
Key
Which of the following is considered as one of the most reliable forms of TCP scanning?
- Answer-TCP Connect/Full Open Scan
Which of the following scanning method splits the TCP header into several packets and
makes it difficult for packet filters to detect the purpose of the packet? - Answer-
SYN/FIN scanning using IP fragments
, Which of the following is the BEST way to defend against network sniffing?
A. Restrict Physical Access to Server Rooms hosting Critical Servers
B. Use Static IP Address
C. Using encryption protocols to secure network communications
D. Register all machines MAC Adress in a Centralized Database - Answer-C. Using
encryption protocols to secure network communications
You have successfully gained access to a Linux server and would like to ensure that the
succeeding outgoing traffic from this server will not be caught by Network-Based
Intrusion Detection Systems (NIDS)
What is the best way to evade the NIDS? - Answer-Encryption
What is the purpose of a demilitarized zone on a network? - Answer-To only provide
direct access to the nodes within the DMZ and protect the network behind it
You need to deploy a new web-based software package for your organization. The
package requires three separate servers and needs to be available on the Internet.
What is the recommended architecture in terms of server placement? - Answer-A web
server facing the Internet, an application server on the internal network, a database
server on the internal network
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2
and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of
the network and deny all other traffic. After he applied his ACL configuration in the
router, nobody can access to the ftp, and the permitted hosts cannot access the
Internet. According to the next configuration, what is happening in the network?
access-list 102 deny tcp any any
access-list 104 permit udp host 10.0.0.3 any
access-list 110 permit tcp host 10.0.0.2 eq www any
access-list 108 permit tcp any eq ftp any - Answer-The first ACL is denying all TCP
traffic and the other ACLs are being ignored by the router
When conducting a penetration test, it is crucial to use all means to get all available
information about the target network. One of the ways to do that is by sniffing the
network. Which of the following cannot be performed by the passive network sniffing?
A. Identifying operating systems, services, protocols and devices
B. Modifying and replaying captured network traffic
C. Collecting unencrypted information about usernames and passwords
D. Capturing a network traffic for further analysis - Answer-B. Modifying and replaying
captured network traffic
A company's Web development team has become aware of a certain type of security
vulnerability in their their Web software. To mitigate the possibility of this vulnerability
being exploited, the team wants to modify the software requirements to disallow users
from entering HTML as input into their Web application.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
