100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CEH Exam Study Questions with Correct Answers £10.55
Add to cart

Exam (elaborations)

CEH Exam Study Questions with Correct Answers

 11 views  0 purchase
  • Module
  • CEH
  • Institution
  • CEH

CEH Exam Study Questions with Correct Answers WPA2 uses AES for wireless data encryption at which of the following encryption levels? - Answer-128 bit and CCMP What is the best description of SQL Injection? - Answer-It is an attack used to gain unauthorized access to a database. The tester...

[Show more]

Preview 3 out of 24  pages

  • August 11, 2024
  • 24
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CEH
  • CEH
avatar-seller
CEH Exam Study Questions with
Correct Answers
WPA2 uses AES for wireless data encryption at which of the following encryption
levels? - Answer-128 bit and CCMP

What is the best description of SQL Injection? - Answer-It is an attack used to gain
unauthorized access to a database.

The tester has been hired to do a web application security test. But after notices that the
site is dynamic and
must make use of a backend database. In order for the tester to see if SQL injection as
possible, what is the
first character that the tester should use to attempt to breaking a valid SQL request? -
Answer-Single quote

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit
charitable organization
focused on improving the security of software. What item is the primary concern on
OWASP's Top Ten Project
Most Critical Web Application Security Risks? - Answer-Injection

You are attempting to man-in-the-middle a session. Which protocol will allow you to
guess a sequence
number? - Answer-TCP

Which mode of IPSec should you use to assure security and confidentiality of data
within the same LAN? - Answer-ESP transport mode

Which protocol is used for setting up secured channels between two devices, typically in
VPNs ? - Answer-IPSEC

Which of the following is a low-tech way of gaining unauthorized access to system? -
Answer-Social engineering

You are tasked to perform a penetration test. While you are performing information
gathering, you find an
employee list in Google. You find the receptionist's email, and you send her an email
changing the source
email to her boss's email (boss@company). In this email, you ask for a pdf with
information. She reads your
email and sends back a pdf with links. You exchange the pdf links with your malicious
links (these links contain

,malware) and send back the modified pdf, saying that the links don't work. She reads
your email, opens the
links, and her machine gets infected. You now have access to the company network.
What testing method did you use? - Answer-Social engineering

Jimmy is standing outside a secure entrance to a facility. He is pretending to having
tense conversation on his
cell phone as an authorized employee badges. Jimmy, while still on the phone, grabs
the door as it begins to
close.
What just happened? - Answer-Piggybacking

Scenario:
1. Victim opens the attacker's web site
2. Attacker sets of the web site which contains interesting and attractive content like "Do
you want to make
$1000 in a day?".
3. They can clicks to the interesting and attractive content url
4. Attacker creates a transparent 'iframe' in front of the URL which victim attempts to
click, so victim thinks that
he/she clicks the " do you want to make $1000 in a day?" URL but actually he/she clicks
to the content or URL
that exist in a transparent 'iframe' which is set up by the attacker.
What is the name of the attack which is mentioned in the scenario? - Answer-
ClickJacking attack

Jimmy is standing outside a secure entrance to a facility. He is pretending to having a
tense conversation on
his cell phone as an authorized employee badges in. Jimmy, while still on the phone,
grabs the door as it
begins to close. What just happened? - Answer-Tailgating

An attacker has installed a RAT on a host. The attacker wants to ensure that when a
user attempts to go to
"www.MyPersonalBank.com", that the user is directed to a phishing site.
Which file does the attacker need to modify? - Answer-Hosts

Which of the following is the BEST way to defend against network sniffing? - Answer-
Using encryption protocols to secure network communications

You are a Network Security Officer. You have two machines. The first machine
(192.168.0.99) has snort
installed, and the second machine (192.168.0.150) has kiwi syslog installed. You
performed a syn scan in your
network, and you noticed that kiwi syslog is not receiving the alert message from snort.
You decide to run

, wireshark in the snort machine to check if the message are going to the kiwi syslog
machine.
What wireshark filter will show the connections from the snort machine to kiwi syslog
machine? - Answer-tcp.dstport==514 && ip.dst == 192.168.0.150

Which of the following tools is used to analyze the files produced by several packet-
capture programs such as
tcpdump, WindDump, Wireshark, and EtherPeek? - Answer-tcptrace

How does the Address Resolution Protocol (ARP) work? - Answer-It sends a request
packet to all the network elements, asking for the MAC address from a specific IP.

Which of the following statements is TRUE?
A. Sniffers operate on Layer 3 of the OSI model.
B. Sniffers operate on the Layer 1 of the OSI model.
C. Sniffers operate on both Layer 2 & Layer 3 of the OSI model.
D. Sniffers operate on Layer 2 of the OSI model. - Answer-Sniffers operate on both
Layer 2 & Layer 3 of the OSI model.

An intrusion detection system, IDS, has alerted the network administrator to a possible
malicious sequence of
packets sent to a web server in the network's external DMZ. The packet traffic was
captured by the IDS and
saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely
malicious or simply a false
positive? - Answer-Protocol analyzer

The configuration allows a wired or wireless network interface controller to pass all
traffic it receives to the
central processing unit (CPU), rather than passing only the frames that the controller is
intended to receive.
Which of the following is being described? - Answer-promiscuous mode

Which of the following tools can be used for passive OS fingerprinting? - Answer-
tcpdump

___________ Is a set of extensions to DNS that provide to DNS clients (resolvers)
origin authentication of DNS
data to reduce the threat of DNS poisoning, spoofing, and similar attacks types. -
Answer-DNSSEC


The "gray box testing" methodology enforces what kind of restriction? - Answer-The
internal operation of a system is only partly accessible to the tester

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £10.55. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

56326 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling
£10.55
  • (0)
Add to cart
Added