CEH v10 Practice Exam | Questions And Answers Latest {2024- 2025} A+ Graded | 100%
Verified
Your organization is planning to add wireless nodes to an existing LAN that has a potential throughput of
54 Mbps. Which of the following will your organization use? - Answer D is correct.
Your organization will use 802.11a, as it has a 54 Mbps potential throughput. 802.11a provides
specifications for wireless ATM systems and is used in accessing hubs.
Answer C is incorrect. The 802.11b standard for WLANs (Wireless Local Area Networks), often called Wi-
Fi, is a part of the 802.11 series of WLAN standards from the IEEE.
Answer B is incorrect. WPA (Wi-Fi Protected Access) uses TKIP (Temporal Key Integrity Protocol). In
2004, IEEE approved the next upgrade to wireless security, which was WPA2. It is officially known as
802.11i.
Answer A is incorrect. 802.11n is a specification for WLAN communications. It increases WLAN speed,
improves reliability, and extends the range of wireless transmissions.
How would an attacker increase the amount of traffic in a packet capture?
A. Using TCP over UDP
B. Allowing name resolution
C. Setting promiscuous mode
D. Increasing the buffer - Answer B is correct.
Allowing for name resolution means a DNS request for a lot of packets as they come in because each IP
address will get resolved to a hostname. This can dramatically increase the amount of traffic being
collected.
Answers A, D, and C are incorrect. Using TCP over UDP, increasing the buffer, and setting promiscuous
mode would not increase the amount of traffic in a packet capture.
One of your colleagues asks you about the programming language written in the following code:
while complete == 0:
complete = scan_system(i)
i = i+1
What will you tell your colleague?
A. bash
,B. JavaScript
C. Python
D. Ruby - Answer C is correct.
You will tell your colleague that the Python programming language is used in the given code, as the use
of a colon at the end of the while statement is an indicator that the code is written in Python.
Juan, a penetration tester, is attempting to ping a target that exists but receives no response or a
response that states the destination is unreachable, ICMP may be disabled, and the network may be
using TCP. Which of the following tools will Juan use to get a response from the target?
A. MegaPing
B. Zenmap
C. Nmap
D. hping - Answer D is correct.
Juan will use the hping tool to get a response from the network. He can use hping by calling it with the -
1 parameter, meaning he is using ICMP mode. hping is primarily a packet crafting program, allowing him
to initiate connections using different protocols with the header settings he wants, the default mode
may not work very well for him.
Answer C is incorrect. Nmap can be used for more than just identifying open ports. It can also be used to
identify application versions by grabbing banners.
Answer B is incorrect. Zenmap is a program that calls nmap based on a command specified, but it also
parses the results, providing them to you in different ways.
Answer A is incorrect. MegaPing has a number of capabilities, including the ability to run port scans.
our organization uses PGP instead of a certificate authority. Which of the following is responsible for
this?
A. Central trust authority
B. X.509 certificate
C. Buffer overflow
D. Decentralized approach - Answer D is correct.
Certificate authorities use a centralized approach to verification, while PGP uses a decentralized
approach, relying on individual users to verify the authenticity of a user and that user's key.
Answer C is incorrect. A buffer overflow sends more data than space has been allocated for into the
application.
, Answer B is incorrect. Both PGP and certificate authorities use X.509 certificates.
Answer A is incorrect. No such option as central trust authority exists.
Alicia, a forensic analyst, wants to ingest large amounts of organization's web log server data from
multiple resources. Which of the following will he use?
A. ElasticStack
B. Prewikka
C. Snorby
D. Snort - Answer A is correct.
Alicia will use ElasticStack as it is a good platform to ingest large amounts of data from multiple sources.
This can include log data as well as packet data.
Answer B is incorrect. Prewikka can be used along with an intrusion detection system as a dashboard.
Answer C is incorrect. Snorby is an auxiliary program used with Snort.
Answer D is incorrect. Snort is an intrusion detection program.
You have observed that the penetration testing life cycle is almost identical to the ethical hacking
methodology. Which of the following is the key difference will you suggest between these
methodologies?
A. Maintaining access
B. Reporting
C. Gaining access
D. Reconnaissance - Answer B is correct.
The only difference between the penetration testing life cycle and ethical hacking methodology is the
focus on the documentation of the penetration test. A detailed report of the tests performed and
everything that was discovered is important to a penetration test.
Answers D, A, and C are incorrect. Reconnaissance, maintaining access, and gaining access are all steps
in both methodologies.
A white-hat hacker gains control over a user account and attempts to acquire access to another
account's confidential information. Which of the following will help the hacker to achieve this?
A. Privilege escalation
B. Account escalation
Verified
Your organization is planning to add wireless nodes to an existing LAN that has a potential throughput of
54 Mbps. Which of the following will your organization use? - Answer D is correct.
Your organization will use 802.11a, as it has a 54 Mbps potential throughput. 802.11a provides
specifications for wireless ATM systems and is used in accessing hubs.
Answer C is incorrect. The 802.11b standard for WLANs (Wireless Local Area Networks), often called Wi-
Fi, is a part of the 802.11 series of WLAN standards from the IEEE.
Answer B is incorrect. WPA (Wi-Fi Protected Access) uses TKIP (Temporal Key Integrity Protocol). In
2004, IEEE approved the next upgrade to wireless security, which was WPA2. It is officially known as
802.11i.
Answer A is incorrect. 802.11n is a specification for WLAN communications. It increases WLAN speed,
improves reliability, and extends the range of wireless transmissions.
How would an attacker increase the amount of traffic in a packet capture?
A. Using TCP over UDP
B. Allowing name resolution
C. Setting promiscuous mode
D. Increasing the buffer - Answer B is correct.
Allowing for name resolution means a DNS request for a lot of packets as they come in because each IP
address will get resolved to a hostname. This can dramatically increase the amount of traffic being
collected.
Answers A, D, and C are incorrect. Using TCP over UDP, increasing the buffer, and setting promiscuous
mode would not increase the amount of traffic in a packet capture.
One of your colleagues asks you about the programming language written in the following code:
while complete == 0:
complete = scan_system(i)
i = i+1
What will you tell your colleague?
A. bash
,B. JavaScript
C. Python
D. Ruby - Answer C is correct.
You will tell your colleague that the Python programming language is used in the given code, as the use
of a colon at the end of the while statement is an indicator that the code is written in Python.
Juan, a penetration tester, is attempting to ping a target that exists but receives no response or a
response that states the destination is unreachable, ICMP may be disabled, and the network may be
using TCP. Which of the following tools will Juan use to get a response from the target?
A. MegaPing
B. Zenmap
C. Nmap
D. hping - Answer D is correct.
Juan will use the hping tool to get a response from the network. He can use hping by calling it with the -
1 parameter, meaning he is using ICMP mode. hping is primarily a packet crafting program, allowing him
to initiate connections using different protocols with the header settings he wants, the default mode
may not work very well for him.
Answer C is incorrect. Nmap can be used for more than just identifying open ports. It can also be used to
identify application versions by grabbing banners.
Answer B is incorrect. Zenmap is a program that calls nmap based on a command specified, but it also
parses the results, providing them to you in different ways.
Answer A is incorrect. MegaPing has a number of capabilities, including the ability to run port scans.
our organization uses PGP instead of a certificate authority. Which of the following is responsible for
this?
A. Central trust authority
B. X.509 certificate
C. Buffer overflow
D. Decentralized approach - Answer D is correct.
Certificate authorities use a centralized approach to verification, while PGP uses a decentralized
approach, relying on individual users to verify the authenticity of a user and that user's key.
Answer C is incorrect. A buffer overflow sends more data than space has been allocated for into the
application.
, Answer B is incorrect. Both PGP and certificate authorities use X.509 certificates.
Answer A is incorrect. No such option as central trust authority exists.
Alicia, a forensic analyst, wants to ingest large amounts of organization's web log server data from
multiple resources. Which of the following will he use?
A. ElasticStack
B. Prewikka
C. Snorby
D. Snort - Answer A is correct.
Alicia will use ElasticStack as it is a good platform to ingest large amounts of data from multiple sources.
This can include log data as well as packet data.
Answer B is incorrect. Prewikka can be used along with an intrusion detection system as a dashboard.
Answer C is incorrect. Snorby is an auxiliary program used with Snort.
Answer D is incorrect. Snort is an intrusion detection program.
You have observed that the penetration testing life cycle is almost identical to the ethical hacking
methodology. Which of the following is the key difference will you suggest between these
methodologies?
A. Maintaining access
B. Reporting
C. Gaining access
D. Reconnaissance - Answer B is correct.
The only difference between the penetration testing life cycle and ethical hacking methodology is the
focus on the documentation of the penetration test. A detailed report of the tests performed and
everything that was discovered is important to a penetration test.
Answers D, A, and C are incorrect. Reconnaissance, maintaining access, and gaining access are all steps
in both methodologies.
A white-hat hacker gains control over a user account and attempts to acquire access to another
account's confidential information. Which of the following will help the hacker to achieve this?
A. Privilege escalation
B. Account escalation
