CEH V12 PRACTICE EXAM QUESTIONS AND ANSWERS UPDATED (2024/2025) (VERIFIED ANSWERS)
4 views 0 purchase
Course
CEH - Certified Ethical Hacker
Institution
CEH - Certified Ethical Hacker
CEH V12 PRACTICE EXAM QUESTIONS AND ANSWERS UPDATED (2024/2025) (VERIFIED ANSWERS)CEH V12 PRACTICE EXAM QUESTIONS AND ANSWERS UPDATED (2024/2025) (VERIFIED ANSWERS)CEH V12 PRACTICE EXAM QUESTIONS AND ANSWERS UPDATED (2024/2025) (VERIFIED ANSWERS)CEH V12 PRACTICE EXAM QUESTIONS AND ANSWERS UPDATED (...
CEH V12 PRACTICE EXAM QUESTIONS
AND ANSWERS UPDATED (2024/2025)
(VERIFIED ANSWERS)
Alex, a cybersecurity specialist, received a task from the head to scan open
ports. One of the main conditions was to use the most reliable type of TCP
scanning. Which of the following types of scanning would Alex use?
A) NULL Scan
B) Half-open Scan
C) TCP Connect/Full Open Scan
D) Xmas Scan - ANS ✓TCP Connect/Full Open Scan
Which of the following Nmap options will you use if you want to scan fewer
ports than the default?
A) -p
B) -sP
C) -T
D) -F - ANS ✓-F
You conduct an investigation and finds out that the browser of one of your
employees sent malicious request that the employee knew nothing about.
Identify the web page vulnerability that the attacker used to attack your
employee?
A) Cross-Site Request Forgery (CSRF)
B) Command Injection Attacks
CEH V12
, 2
CEH
C) File Inclusion Attack
D) Hidden Field Manipulation Attack - ANS ✓Cross-Site Request Forgery
(CSRF)
Which of the following program attack both the boot sector and executable
files?
A) Stealth virus
B) Polymorphic virus
C) Macro virus
D) Multipartite virus - ANS ✓Multipartite virus
Which of the following is the type of violation when an unauthorized
individual enters a building following an employee through the employee
entrance?
A) Reverse Social Engineering
B) Tailgating
C) Pretexting
D) Announced - ANS ✓Tailgating
Maria conducted a successful attack and gained access to a linux server. She
wants to avoid that NIDS will not catch the succeeding outgoing traffic from
this server in the future. Which of the following is the best way to avoid
detection of NIDS?
A) Protocol Isolation
B) Out of band signaling
C) Encryption
D) Alternate Data Streams - ANS ✓Encryption
CEH V12
, 3
CEH
The company "Usual company" asked a cybersecurity specialist to check
their perimeter email gateway security. To do this, the specialist creates a
specially formatted email message:
From: employee76@usualcompany.com
To: employee34@usualcompany.com
Subject: Test message
Date: 5/8/2021 11:22
He sends this message over the Internet, and a "Usual company " employee
receives it. This means that the gateway of this company doesn't prevent
_____.
A) Email phishing
B) Email harvesting
C) Email spoofing
D) Email masquerading - ANS ✓Email Spoofing
How works the mechanism of a Boot Sector Virus?
A) Moves the MBR to another location on the Random-access memory and
copies itself to the original location of the MBR
B) Overwrites the original MBR and only executes the new virus code
C) Modifies directory table entries to point to the virus code instead of the
actual MBR
D) Moves the MBR to another location on the hard disk and copies itself to
the original location of the MBR - ANS ✓Moves the MBR to another location on
the hard disk and copies itself to the original location of the MBR
Which of the options presented below is not a Bluetooth attack?
A) Bluesnarfing
B) Bluesmacking
CEH V12
, 4
CEH
C) Bluejacking
D) Bluedriving - ANS ✓Bluedriving
Determine the type of SQL injection:
SELECT * FROM user WHERE name='x' AND userid IS NULL; --';
A) UNION SQL Injection
B) End of Line Comment
C) Illegal/Logically Incorrect Query
D) Tautology - ANS ✓End of Line Comment
Viktor, a white hat hacker, received an order to perform a penetration test
from the company "Test us". He starts collecting information and finds the
email of an employee of this company in free access. Viktor decides to send
a letter to this email, "boss@testus.com". He asks the employee to
immediately open the "link with the report" and check it. An employee of
the company "Test us" opens this link and infects his computer. Thanks to
these manipulations, Viktor gained access to the corporate network and
successfully conducted a pentest. What type of attack did Viktor use?
A) Eavesdropping
B) Piggybacking
C) Tailgating
D) Social engineering - ANS ✓Social Engineering
Michael works as a system administrator. He receives a message that
several sites are no longer available. Michael tried to go to the sites by URL,
but it didn't work. Then he tried to ping the sites and enter IP addresses in
the browser and it worked. What problem could Michael identify?
A) Traffic is blocked on UDP port 69
B) Traffic is blocked on UDP port 88
CEH V12
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller DoctorKen. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
