CEH Exam Examples with Correct Answers
WEP is used on 802.11 networks, what was it designed for? - Answer-to provide strong encryption to a wireless local area network (WLAN) with a
lever of integrity and privacy adequate for sensible but unclassified information
In the context of Trojans, w...
CEH Exam Examples with
Correct Answers
WEP is used on 802.11 networks, what was it designed for? - Answer-to provide strong
encryption to a wireless local area network (WLAN) with a
lever of integrity and privacy adequate for sensible but unclassified information
In the context of Trojans, what is the definition of a Wrapper? - Answer-to bind the
Trojan with legitimate file.
One of the better features of NetWare is the use of packet signature that includes
cryptographic
signatures. The packet signature mechanism has four levels from 0 to 3.
In the list below which of the choices represent the level that forces NetWare to sign all
packets? - Answer-3
What is the goal of a Denial of Service Attack? - Answer-Render a network or computer
incapable of providing normal service.
What is Form Scalpel used for? - Answer-Dissecting HTML Forms
What is a primary advantage a hacker gains by using encryption or programs such as
Loki? - Answer-IDS systems are unable to decrypt it
What is Hunt used for? - Answer-to intercept traffic i.e. man-in-the-middle traffic
________ is an automated vulnerability assessment tool. - Answer-Nessus
What is the disadvantage of an automated vulnerability assessment tool? - Answer-
Noisy
What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming
through
the firewall if your network is comprised of Windows NT, 2000, and XP? - Answer-135,
139 and 445
What does black box examing mean? - Answer-You have no knowledge of the
environment
What does white box examing mean? - Answer-You have full knowledge of the
environment
,Under what conditions does a secondary name server request a zone transfer from a
primary
name server? - Answer-When a primary SOA is higher that a secondary SOA
Pandora is used to attack __________ network operating systems. - Answer-Netware
____________ will let you assume a users identity at a dynamically generated web
page or site. - Answer-Cross site scripting
Why would an ethical hacker use the technique of firewalsheets? - Answer-It is a
technique used to discover the nature of rules configured on a gateway.
What makes web application vulnerabilities so aggravating? - Answer-They can be
launched through an authorized port and A firewall will not stop them.
You wish to determine the operating system and type of web server being used. At the
same time
you wish to arouse no suspicion within the target organization.
While some of the methods listed below work, which holds the least risk of detection? -
Answer-Telnet to the web server and issue commands to illicit a response.
While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type
13 for all
the pings sent out.
What is the most likely cause behind this response? - Answer-The firewall is dropping
the packets.
What is the name of the software tool used to crack a single account on Netware
Servers using a
dictionary attack? - Answer-NWPCrack
Bart is loosheets for a Windows NT/2000/XP command-line tool that can be used to
assign,
display, or modify ACL's (access control lists) to files or folders and also one that can be
used
within batch files. Which of the following tools can be used for that purpose? - Answer-
CACLS.exe
How can you determine if an LM hash you extracted contains a password that is less
than 8
characters long? - Answer-The right most portion of the hash is always the same
Several of your co-workers are having a discussion over the etc/passwd file. They are at
odds
over what types of encryption are used to secure Linux passwords.(Choose all that
apply). - Answer-Linux passwords can be encrypted with MD5
,Linux passwords can be encrypted with DES
Linux passwords can be encrypted with Blowfish
What are the two basic types of attacks? - Answer-Passive and Sniffing
Sniffing is considered an active attack. - Answer-False
When discussing passwords, what is considered a brute force attack? - Answer-You
attempt every single possibility until you exhaust all possible combinations or discover
the
password
Which of the following are well know password-cracsheets programs? - Answer-
L0phtcrack
John the Ripper
Password cracsheets programs reverse the hashing process to recover passwords.( -
Answer-False
What does the following command achieve?
Telnet <IP Address> <Port 80>
HEAD /HTTP/1.0
<Return>
<Return> - Answer-returns the banner of the website specified by IP address
Your lab partner is trying to find out more information about a competitors web site. The
site has a .com extension. She has decided to use some online whois tools and look in
one of the regional
Internet registrys.
Which one would you suggest she looks in first? - Answer-ARIN
Which of the following tools are used for footprinting?( - Answer-Sam Spade,
NSLookup, Traceroute, Neotrace
According to the CEH methodology, what is the next step to be performed after
footprinting? - Answer-Scanning
NSLookup is a good tool to use to gain additional information about a target network.
What does
the following command accomplish?
nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com> - Answer-Performs a zone transfer
, While footprinting a network, what port/service should you look for to attempt a zone
transfer? - Answer-53 TCP
Which of the following statements about a zone transfer correct? - Answer-is
accomplished with the DNS, passes all zone information that a DNS server maintains
and can be prevented by blocsheets all inbound TCP port 53 connections
What did the following commands determine?
C: user2sid \earth guest
S-1-5-21-343818398-789336058-1343024091-501
C:sid2user 5 21 343818398 789336058 1343024091 500
Name is Joe
Domain is EARTH - Answer-That the true administrator is Joe
Which of the following are used for enumeration? - Answer-USER2SID, SID2USER,
DumpSec
When worsheets with Windows systems, what is the RID of the true administrator
account? - Answer-500
Why would you consider sending an email to an address that you know does not exist
within the
company you are performing a Penetration Exam for? - Answer-To illicit a response
back that will reveal information about email servers and how they treat
undeliverable mail
The follows is an email header. What address is that of the true originator of the
message?
Return-Path: <bgates@microsoft.com>
Received: from smtp.com (fw.emumail.com [215.52.220.122].
by raq-221-181.ev1.net (8.10.2/8.10.2. with ESMTP id h78NIn404807
for <mikeg@thesolutionfirm.com>; Sat, 9 Aug 2003 18:18:50 -0500
Received: (qmail 12685 invoked from network.; 8 Aug 2003 23:25:25 -0000
Received: from ([19.25.19.10].
by smtp.com with SMTP
Received: from unknown (HELO CHRISLAPTOP. (168.150.84.123.
by localhost with SMTP; 8 Aug 2003 23:25:01 -0000
From: "Bill Gates" <bgates@microsoft.com>
To: "mikeg" <mikeg@thesolutionfirm.com>
Subject: We need your help!
Date: Fri, 8 Aug 2003 19:12:28 -0400
Message-ID: <51.32.123.21@CHRISLAPTOP>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0052_01C35DE1.03202950"
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
