CEH v11 Test Questions with Correct Answers
What are patch management techniques? - Answer-an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) in an administered computer system.
What is the Metasploit Framework? - Answer-a penetration-...
CEH v11 Test Questions with Correct
Answers
What are patch management techniques? - Answer-an area of systems management
that involves acquiring, testing, and installing multiple patches (code changes) in an
administered computer system.
What is the Metasploit Framework? - Answer-a penetration-testing toolkit, exploit
development platform, and research tool that includes hundreds of working remote
exploits for various platforms.
What is Google hacking? - Answer-an attacker can create complex search engine
queries to filter large amounts of search results to obtain information related to
computer security
How does email tracking work? - Answer-Email tracking tools allow an attacker to track
an email and extract information such as sender identity, mail server, sender's IP
address, location, and so on.
How does web spiders work? - Answer-a program or automated script that browses
websites in a methodical manner to collect specific information such as employee
names and email addresses; also known as web crawler or web robot
What is network scanning? - Answer-the process of gathering additional detailed
information about the target using highly complex and aggressive reconnaissance
technique; refers to a set of procedures used for identifying hosts, ports, and services in
a network.
What is port scanning? - Answer-techniques attackers use to identify open ports and
running services on a host with the intent of compromising the network.
What are ping sweep techniques? - Answer-ping an entire range of network IP
addresses to identify the live systems. The following are ping sweep tools that enable
one to determine live hosts on the target network by sending multiple ICMP ECHO
requests to various hosts on the network at a time.
What is a SQL injection? - Answer-used to take advantage of non-validated input
vulnerabilities to pass SQL commands through a web application for execution by a
backend database
What is WEP? - Answer-utilizes an encryption mechanism at the data link layer for
minimizing unauthorized access to the WLAN; accomplished by encrypting data with the
symmetric Rivest Cipher 4 (RC4) encryption algorithm.
, What is WPA? - Answer-using the Temporal Key Integrity Protocol (TKIP), which utilizes
the RC4 stream cipher encryption with 128-bit keys and 64-bit MIC to provide strong
encryption and authentication.
What is a SSID? - Answer-A service set identifier (SSID) is a case-sensitive, human-
readable unique identifier of a WLAN that is 32 alphanumeric characters in length.
What is MAC spoofing? - Answer-refers to spoofing a MAC address with the MAC
address of a legitimate user on the network; duplicating attack involves sniffing a
network for MAC addresses of legitimate clients connected to the network.
What is a rouge access point? - Answer-Unauthorized (or rogue) APs can allow anyone
with an 802.11-equipped device to connect to a corporate network. An unauthorized AP
can give an attacker access to the network.
What are the wireless hacking attacks? - Answer-Key Reinstallation Attack (KRACK),
Jamming Signal Attack, aLTEr Attack, Sinkhole Attack, Evil Twin, Bluejacking,
Bluesmacking, Bluesnarfing, Bluebugging
What is the difference between a virus and a worm? - Answer-A computer virus is a
self-replicating program that produces its code by attaching copies of itself to other
executable code and operates without the knowledge or consent of the user; However,
viruses can infect external machines only with the assistance of computer users.
Computer worms are standalone malicious programs that replicate, execute, and
spread across network connections independently without human intervention;
However, some worms also carry a payload to damage the host system.
What are the different types of viruses? - Answer-Boot sector Virus, File Virus, Macro
Virus, Polymorphic Virus, Metamorphic Virus, Cavity Virus, Logic Bomb Virus, Armored
Virus
How does a virus spread and infect systems? - Answer-To infect a system, first, a virus
has to enter it. Once the user downloads and installs the virus from any source and in
any form, it replicates itself to other programs. Then, the virus can infect the computer in
various ways, some of which are listed below:
How does antivirus evasion techniques work? - Answer-Break the Trojan file into
multiple pieces and zip them as a single file, Always write your Trojan and embed it into
an application (an antivirus program fails to recognize new Trojans, as its database
does not contain the proper signatures), Change the Trojan's syntax (i.e. Convert an
EXE to VB script), Change the checksum and encrypt the file.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.