CEH V12 Questions with Correct Answers
The attacker needs to collect information about his victim - Maria. She is an extrovert who often posts a large amount of private information, photos, and location tags of recently visited places on social networks. Which automated tool should an attacker use...
CEH V12 Questions with Correct
Answers
The attacker needs to collect information about his victim - Maria. She is an extrovert
who often posts a large amount of private information, photos, and location tags of
recently visited places on social networks. Which automated tool should an attacker use
to gather information to perform other sophisticated attacks? - Answer-Hoot Suite
You need to protect the company's network from imminent threats. To complete this
task, you will enter information about threats into the security devices in a digital format
to block and identify inbound and outbound malicious traffic entering the company's
network. Which of the following types of threat intelligence will you use? - Answer-
Technical Threat Intelligence
Which antenna is commonly used in communications for a frequency band of 10 MHz to
VHF and UHF? - Answer-Yagi antenna
This attack exploits a vulnerability that provides additional routing information in the
SOAP header to support asynchronous communication. Also, it further allows the
transmission of web-service requests and response messages using different TCP
connections.
Which of the following attacks matches the description above? - Answer-WS-address
spoofing
Which of the following is a tool that passively maps and visually displays an ICS/SCADA
network topology while safely conducting device discovery, accounting, and reporting
on these critical cyber-physical systems? - Answer-GRASSMARLIN
There is a powerful tool written in Go that will allow an attacker to carry out a Man in the
middle (MITM) attack using, for example, ordinary arp spoofing. What kind of tool are
we talking about? - Answer-BetterCAP
Enabling SSI directives allows developers to add dynamic code snippets to static HTML
pages without using full-fledged client or server languages. However, suppose the
server is incorrectly configured (for example, allowing the exec directive) or the data is
not strictly verified. In that case, an attacker can change or enter directives to perform
malicious actions.
What kind of known attack are we talking about? - Answer-Server-side includes
injection
Which of the following is a cloud malware designed to exploit misconfigured kubelets in
a - Answer-Hildeguard
, You need to increase the security of keys used for encryption and authentication. For
these purposes, you decide to use a technique to enter an initial key to an algorithm that
generates an enhanced key resistant to brute-force attacks. Which of the following
techniques will you use? - Answer-Key stretching
Jonathan, the evil hacker, wants to capture all the data transmitted over a network and
perform expert analysis of each part of the target network. Which of the following tools
will help him execute this attack? - Answer-OmniPeek
WPS is a rather troubled wireless network security standard. While it can make your life
easier, it is also vulnerable to attacks. An attacker within radio range can brute-force the
WPS PIN for a vulnerable access point, obtain WEP or WPA passwords, and likely gain
access to the Wi-Fi network. However, first, the attacker needs to find a vulnerable
point.
Which of the following tools is capable of determining WPS-enabled access points? -
Answer-Wash
USB tools using to copy files from USB devices silently - Answer-USB Dumper
Attacker uses various IDS evasion techniques to bypass intrusion detection
mechanisms. At the same time, IDS is configured to detect possible violations of the
security policy, including unauthorized access and misuse. Which of the following
evasion method depend on the Time-to-Live (TTL) fields of a TCP/IP ? - Answer-
Insertion Attack
Which of the following is an encryption technique where data is encrypted by a
sequence of photons that have a spinning trait while traveling from one end to another?
- Answer-Quantum cryptography
Determine the attack by the description:
Determine the attack by the description: The known-plaintext attack used against DES.
This attack causes that encrypting plaintext with one DES key followed by encrypting it
with a second DES key is no more secure than using a single key.
- - Answer-Meet in the middle Attack
The evil hacker Antonio is trying to attack the IoT device. He will use several fake
identities to create a strong illusion of traffic congestion, affecting communication
between neighboring nodes and networks. What kind of attack does Antonio perform? -
Answer-Sybil Attack
Determine the attack according to the following scenario:
Benjamin performs a cloud attack during the translation of the SOAP message in the
TLS layer. He duplicates the body of the message and sends it to the server as a
legitimate user. As a result of these actions, Benjamin managed to access the server
resources to unauthorized access. - Answer-Wrapping
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.99. You're not tied to anything after your purchase.
