CEH V12 Exam Questions
with Answers
Which of the ICMP messages are for ping replies? - Answer-Type 8
Nmap Command for TCP Window Port scan - Answer--sW
Simple Mail Transfer Protocol (SMTP) Port - Answer-25
nslookup method to discover the authoritative DNS Server? - Answer-Zone Transfer
Which record will disclose details about a domain's mail server? - Answer-MX
Microsoft RPC endport Port - Answer-153 TCP
Sends FIN and lack of response means the port is open. - Answer-FIN Scan
Nmap Command for UDP port scan - Answer--sU
Global Catalog Service port - Answer-3286
identifying a system by looking at what ports are open and how the system responds. -
Answer-Banner Grabbing
Which OS fingerprint tools functions by passively listening on the network interface for
traffic and then matching it. - Answer-p0f
An attacker goes though pwn machines to alter IP destination address. - Answer-Proxy
Chain
Nmap Command for TCP ACK port scan - Answer--sA
Nmap Port scan to disable host discovery - Answer--Pn
Nmap Port scan for TCP SYN - Answer--PS
Nmap Port scan for TCP ACK - Answer--PA
Nmap Port scan for TCP UDP - Answer--PU
Nmap Port scan for ARP - Answer--PR
, A utility is a network packet generator and analyzer that can be run from command line.
- Answer-Hping3
Scan that uses ACK,RST,SYN,IRG,PSH and FIN to look for open ports. - Answer-
XMAS Scan
Nmap Port scan for avoiding DNS resolution - Answer--n
Technique that allows user to get around network and application security - Answer-
HTTP Tunneling
Nmap to scan specific port - Answer--p #
Technique that helps define the firewall's access control list or determine what is allow
to pass. - Answer-Firewalking
Banner Grabbing is an example of what kind of fingerprinting? - Answer-Passive OS
Fingerprinting
What are the three types of scanning? - Answer-Port, network, and vulnerability
NetBIOS Port - Answer-TCP and UDP 137
What is the phases of the Cyber Kill Chain - Answer-Recon, Weaponization, Delivery,
Exploitation, Install, CNC & Action
Which of the ICMP messages are used by most traceroute programs to determine the
IP addresses of intermediate routers? - Answer-Type 11
What is the goal of enumeration? - Answer-To gather as much information about the
network as possible
The type of scan that is when the source address is spoofed to the target but requires a
zombie. - Answer-Idle Scan
Scan that goes through IP address ranges provided by user - Answer-Listing Scan
Unique scan that only works on UNIX and Linux where no is a sign of an open port. -
Answer-NULL Scan
Which information may be gathered using nslookup? - Answer-Hostnames and IP
addresses
Adversary behavior Powershell - Answer-Automation tool to transfer data
with Answers
Which of the ICMP messages are for ping replies? - Answer-Type 8
Nmap Command for TCP Window Port scan - Answer--sW
Simple Mail Transfer Protocol (SMTP) Port - Answer-25
nslookup method to discover the authoritative DNS Server? - Answer-Zone Transfer
Which record will disclose details about a domain's mail server? - Answer-MX
Microsoft RPC endport Port - Answer-153 TCP
Sends FIN and lack of response means the port is open. - Answer-FIN Scan
Nmap Command for UDP port scan - Answer--sU
Global Catalog Service port - Answer-3286
identifying a system by looking at what ports are open and how the system responds. -
Answer-Banner Grabbing
Which OS fingerprint tools functions by passively listening on the network interface for
traffic and then matching it. - Answer-p0f
An attacker goes though pwn machines to alter IP destination address. - Answer-Proxy
Chain
Nmap Command for TCP ACK port scan - Answer--sA
Nmap Port scan to disable host discovery - Answer--Pn
Nmap Port scan for TCP SYN - Answer--PS
Nmap Port scan for TCP ACK - Answer--PA
Nmap Port scan for TCP UDP - Answer--PU
Nmap Port scan for ARP - Answer--PR
, A utility is a network packet generator and analyzer that can be run from command line.
- Answer-Hping3
Scan that uses ACK,RST,SYN,IRG,PSH and FIN to look for open ports. - Answer-
XMAS Scan
Nmap Port scan for avoiding DNS resolution - Answer--n
Technique that allows user to get around network and application security - Answer-
HTTP Tunneling
Nmap to scan specific port - Answer--p #
Technique that helps define the firewall's access control list or determine what is allow
to pass. - Answer-Firewalking
Banner Grabbing is an example of what kind of fingerprinting? - Answer-Passive OS
Fingerprinting
What are the three types of scanning? - Answer-Port, network, and vulnerability
NetBIOS Port - Answer-TCP and UDP 137
What is the phases of the Cyber Kill Chain - Answer-Recon, Weaponization, Delivery,
Exploitation, Install, CNC & Action
Which of the ICMP messages are used by most traceroute programs to determine the
IP addresses of intermediate routers? - Answer-Type 11
What is the goal of enumeration? - Answer-To gather as much information about the
network as possible
The type of scan that is when the source address is spoofed to the target but requires a
zombie. - Answer-Idle Scan
Scan that goes through IP address ranges provided by user - Answer-Listing Scan
Unique scan that only works on UNIX and Linux where no is a sign of an open port. -
Answer-NULL Scan
Which information may be gathered using nslookup? - Answer-Hostnames and IP
addresses
Adversary behavior Powershell - Answer-Automation tool to transfer data
