CEH V10 System Hacking Exam
Questions with Answers
Defend Against Spyware - Answer-Never adjust your Internet security setting level too
low because it provides many chances for spyware to install on your computer. So,
always set your Internet browser security setting to either high or medium for protecting
your computer from spyware.
Don't open suspicious emails and file attachments received from unknown senders.
There is a great likelihood that you will get a virus, freeware, or spyware on the
computer. Don't open unknown websites present in spam mail messages, retrieved by
search engines, or displayed in pop-up windows because they may mislead you to
download spyware.
Enable a firewall to enhance the security level of your computer.
Rootkits - Answer-software programs aimed to gain access to a computer without
detection.
Programs that hide their presence & activity while giving attacker FULL access to svr or
host. Access is persistent (survives reboot).
Types of Rootkits - Answer-Hypervisor- loads host OS as virtual machine
HW/Firmware- binary injection (not inspected)
Kernel- replace OS kernel or device driver codes
Boot Loader- replaced
Application- replaced binary with Trojan
Library- replaced system calls
Keyloggers for Windows - Answer-All In One Keylogger - an invisible keylogger
surveillance software that allows you to record keystrokes and monitors each activity of
the computer user.
-It allows you to secretly track all such activities and automatically receive logs sent to
the email/FTP/LAN account of your choice.
Spyrix Personal monitor
SoftActivity
Elite Keylogger
Micro Keylogger
Keyloggers for Mac - Answer-Amac - application that allows users who want to spy on
users of Macintosh computers and secretly record all information, including passwords,
keystrokes, chat conversations, websites visited and screenshots captured. It also
sends all reports to the attacker by email, or uploads everything to attacker's website
Elite
Aobo (OS X)
KidLogger for Mac
Perfect Keylogger for Mac
Spyware - Answer-Is stealthy computer monitoring software that allows you to secretly
record all the user activities on the target computer.
Spyware Propagation - the installation of spyware is done without user knowledge or
consent, and can be accomplished by "piggybacking" the spyware onto other
applications.
Spytech- monitors everything on the computer
Power Spy- monitors and records
pg 188
GPS spyware - Answer-is a device or software application that uses the Global
Positioning System (GPS) to determine the location of a vehicle, person, or other
attached or installed asset. An attacker can use this software to track the target perso
Types of Spyware - Answer-Desktop spyware.
USB Spyware
Audio Spyware
Video Spyware
Cellphone/telephone Spyware
GPS Spyware
Email spyware
Desktop Spyware - Answer-Software that allows an attacker to gain information about a
user's activity or gather personal information about the user and send it via the Internet
to third parties without the user's knowledge or consent. It provides information
regarding what network users did on their desktops, how, and when.
Desktop spyware allows attackers to perform the following:
• Live recording of remote desktops
• Recording and monitoring Internet activities
• Recording software usage and timings
• Recording activity log and storing at one centralized location
• Logging users' keystrokes
Spyware Tools - Answer-Spytech SpyAgent - provides a large array of essential
computer monitoring features, as well as website, application, and chat client blocking,
logging scheduling, and remote delivery of logs via email or FTP.
Power Spy - Screen recording, keyloggers, Instant message and chat recording, Email
recording, Website URL recording, Application, document and clipboard text recording
Email Spyware - Answer-A program that monitors, records, and forwards all incoming
and outgoing email.
This works in a stealth mode; users will not be aware of the presence of email spyware
on their computer.
Defend Against Keyloggers - Answer--Use pop-up blockers and avoid opening junk
emails
-Install anti-spyware/antivirus programs and keep the signatures up to date
-Install professional firewall software and anti-keylogging software
-Recognize phishing emails and delete them
-Update and patch system software regularly to defend against keyloggers
-Do not click on links in unwanted or doubtful emails that may point to malicious sites
-Use keystroke interference software, which inserts randomized characters into every
keystroke.
Anti-Keyloggers - Answer-Also called anti-keystroke loggers, detect and disable
keystroke logger software. Anti-keyloggers' special design helps them to detect software
keyloggers.
Zemana AntiLogger - is a software application that blocks hackers. It detects any
attempts to modify your computer's settings, record your activities, hook to your PC's
sensitive processes, or inject malicious code in your system.
GuardedID
KeyScrambler
SpyShelter Free Anti-Keylogger
DefenseWall HIPS
Elite Anti Keylogger
Footprinting - Answer-The process of accumulating data regarding a specific network
environment.
In this phase, the attacker creates a profile of the target organization, obtaining
information such as its IP address range, namespace, and employees.
This eases the process of system hacking by revealing its vulnerabilities. For example,
the organization's website may provide employee bios or a personnel directory, which
the hacker can use for social engineering purposes. Conducting a Whois query on the
web can provide information about the associated networks and domain names related
to a specific organization.
Scanning - Answer-The procedure for identifying active hosts, open ports, and
unnecessary services enabled on particular hosts.
Attackers use different types of scanning, such as port scanning, network scanning, and
vulnerability scanning of target networks or systems, which help in identifying possible
vulnerabilities.
Scanning procedures such as port scanning and ping sweep return information about
the services offered by the live hosts that are active on the Internet, and their IP
addresses.
Enumeration - Answer-This is a method of intrusive probing, through which attackers
gather information such as network user lists, routing tables, security flaws, and Simple
Network Management Protocol (SNMP) data.
This is significant, because the attacker ranges over the target territory to glean
information about the network, and shared users, groups, applications, and banners.
This involves making active connections to the target system or subjecting it to direct
queries. Normally, an alert and secure system will log such attempts.
Often, the information gathered is publicly available anyway, such as a DNS address;
however, it is possible that the attacker might stumble upon a remote IPC share, such
as IPC$ in Windows, that can be probed with a null session, thus allowing shares and
accounts to be enumerated.
Escalate privileges in the Windows operating system - Answer-The Windows operating
system uses a Windows application compatibility framework called Shim to provide
compatibility between the older and newer versions of Windows. An attacker can use
these shims to perform different attacks such as disabling Windows Defender, privilege
escalation, installing backdoors, and so on.
Discretionary Access Control (DAC) - Answer-This access control determines the
access controls taken by any possessor of an object in order to decide the access
controls of the subjects on those objects.
The other name for this is a need-to-know access model. It permits the user, who is
granted access to information, to decide how to protect the information and the level of
sharing desired. Access to files is restricted to users and groups based upon their
identity and the groups to which the users belong.
System Hacking Goals - Answer-Gain Access- Once attackers succeed in gaining
access to the system, they are free to perform malicious activities such as stealing