100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CEH V12 Questions with Correct Answers R260,41   Add to cart

Exam (elaborations)

CEH V12 Questions with Correct Answers

 8 views  0 purchase
  • Course
  • CEH V12
  • Institution
  • CEH V12

CEH V12 Questions with Correct Answers The attacker needs to collect information about his victim - Maria. She is an extrovert who often posts a large amount of private information, photos, and location tags of recently visited places on social networks. Which automated tool should an attacker use...

[Show more]

Preview 2 out of 8  pages

  • August 12, 2024
  • 8
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CEH V12
  • CEH V12
avatar-seller
CEH V12 Questions with Correct
Answers
The attacker needs to collect information about his victim - Maria. She is an extrovert
who often posts a large amount of private information, photos, and location tags of
recently visited places on social networks. Which automated tool should an attacker use
to gather information to perform other sophisticated attacks? - Answer-Hoot Suite

You need to protect the company's network from imminent threats. To complete this
task, you will enter information about threats into the security devices in a digital format
to block and identify inbound and outbound malicious traffic entering the company's
network. Which of the following types of threat intelligence will you use? - Answer-
Technical Threat Intelligence

Which antenna is commonly used in communications for a frequency band of 10 MHz to
VHF and UHF? - Answer-Yagi antenna

This attack exploits a vulnerability that provides additional routing information in the
SOAP header to support asynchronous communication. Also, it further allows the
transmission of web-service requests and response messages using different TCP
connections.
Which of the following attacks matches the description above? - Answer-WS-address
spoofing

Which of the following is a tool that passively maps and visually displays an ICS/SCADA
network topology while safely conducting device discovery, accounting, and reporting
on these critical cyber-physical systems? - Answer-GRASSMARLIN

There is a powerful tool written in Go that will allow an attacker to carry out a Man in the
middle (MITM) attack using, for example, ordinary arp spoofing. What kind of tool are
we talking about? - Answer-BetterCAP

Enabling SSI directives allows developers to add dynamic code snippets to static HTML
pages without using full-fledged client or server languages. However, suppose the
server is incorrectly configured (for example, allowing the exec directive) or the data is
not strictly verified. In that case, an attacker can change or enter directives to perform
malicious actions.
What kind of known attack are we talking about? - Answer-Server-side includes
injection

Which of the following is a cloud malware designed to exploit misconfigured kubelets in
a - Answer-Hildeguard

, You need to increase the security of keys used for encryption and authentication. For
these purposes, you decide to use a technique to enter an initial key to an algorithm that
generates an enhanced key resistant to brute-force attacks. Which of the following
techniques will you use? - Answer-Key stretching

Jonathan, the evil hacker, wants to capture all the data transmitted over a network and
perform expert analysis of each part of the target network. Which of the following tools
will help him execute this attack? - Answer-OmniPeek

WPS is a rather troubled wireless network security standard. While it can make your life
easier, it is also vulnerable to attacks. An attacker within radio range can brute-force the
WPS PIN for a vulnerable access point, obtain WEP or WPA passwords, and likely gain
access to the Wi-Fi network. However, first, the attacker needs to find a vulnerable
point.
Which of the following tools is capable of determining WPS-enabled access points? -
Answer-Wash

USB tools using to copy files from USB devices silently - Answer-USB Dumper

Attacker uses various IDS evasion techniques to bypass intrusion detection
mechanisms. At the same time, IDS is configured to detect possible violations of the
security policy, including unauthorized access and misuse. Which of the following
evasion method depend on the Time-to-Live (TTL) fields of a TCP/IP ? - Answer-
Insertion Attack

Which of the following is an encryption technique where data is encrypted by a
sequence of photons that have a spinning trait while traveling from one end to another?
- Answer-Quantum cryptography

Determine the attack by the description:
Determine the attack by the description: The known-plaintext attack used against DES.
This attack causes that encrypting plaintext with one DES key followed by encrypting it
with a second DES key is no more secure than using a single key.
- - Answer-Meet in the middle Attack

The evil hacker Antonio is trying to attack the IoT device. He will use several fake
identities to create a strong illusion of traffic congestion, affecting communication
between neighboring nodes and networks. What kind of attack does Antonio perform? -
Answer-Sybil Attack

Determine the attack according to the following scenario:
Benjamin performs a cloud attack during the translation of the SOAP message in the
TLS layer. He duplicates the body of the message and sends it to the server as a
legitimate user. As a result of these actions, Benjamin managed to access the server
resources to unauthorized access. - Answer-Wrapping

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying this summary from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy this summary for R260,41. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75759 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy summaries for 14 years now

Start selling
R260,41
  • (0)
  Buy now