CEH v10 Questions with Correct Answers
Which of the following information is collected using enumeration?
A: Network resources, network shares, and machine names.
B: Open ports and services.
C: Email Recipient's system IP address and geolocation.
D: Operating systems, location of web se...
CEH v10 Questions with Correct
Answers
Which of the following information is collected using enumeration?
A: Network resources, network shares, and machine names.
B: Open ports and services.
C: Email Recipient's system IP address and geolocation.
D: Operating systems, location of web servers, users and passwords. - Answer-A:
Network resources, network shares, and machine names.
Which of the following protocols uses TCP or UDP as its transport protocol over port
389?
A: LDAP
B: SNMP
C: SMTP
D: SIP - Answer-A: LDAP
Which command lets a tester enumerate live systems in a class C network via ICMP
using native Windows tools?
A: ping 192.168.2.
B: ping 192.168.2.255
C: for %V in (1 1 255) do PING 192.168.2.%V
D: for /L %V in (1 1 254) do PING -n 1 192.168.2.%V | FIND /I "Reply" - Answer-B: ping
192.168.2.255
Which of the following cryptanalysis methods is applicable to symmetric key algorithms?
A: Linear cryptanalysis
B: Differential cryptanalysis
C: Integral cryptanalysis
D: Frequency Cryptanalysis - Answer-B: Differential cryptanalysis
,Which of the following cryptography attack methods is usually performed without the
use of a computer?
A: Ciphertext-only attack
Which of the following algorithms provides better protection against brute force attacks
by using a 160-bit message digest?
A: MD5
B: SHA-1
C: RC4
D: MD4 - Answer-B: SHA-1
Which of the PKI components is responsible for issuing and verifying digital certificate?
A: Validation authority (VA)
B: Certificate authority (CA)
C: Registration authority (RA)
D: End user - Answer-B: Certificate authority (CA)
Which of the following processes of PKI (public key infrastructure) ensures that a trust
relationship exists and that a certificate is still valid for specific operations?
A: Certificate issuance
To send a PGP-encrypted message, which piece of information from the recipient must
the sender have before encrypting the message?
A: Recipient's public key
B: Recipient's private key
C: Master encryption key
,D: Sender's public key - Answer-A: Recipient's public key
A network security administrator is worried about potential man-in-the-middle attacks
when users access a corporate website from their workstations. Which of the following
is the best remediation against this type of attack?
A: Implementing server-side PKI certificates for all connections
B: Mandating only client-side PKI certificates for all connections
C: Requiring client and server PKI certificates for all connections
D: Requiring strong authentication for all DNS queries - Answer-C: Requiring client and
server PKI certificates for all connections
Which of the following iOS applications allow you to find, lock, or erase a lost or stolen
device?
A: X-ray
B: Find my device
C: Find my Iphone
D: Faceniff - Answer-C: Find my Iphone
Which of the following processes allows Android users to attain privileged control within
Android's subsystem?
A: Jailbreaking
B: Wardriving
C: Rooting
D: Warchalking - Answer-C: Rooting
Which of the following browser applications encrypts your Internet traffic and then hides
it by bouncing through a series of computers around the world?
A: Google Chrome
B: UC Browser
C: Mozilla FireFox
D: ORBOT - Answer-D: ORBOT
, Hacker is a person who illegally breaks into a system or network without any
authorization to destroy, steal sensitive data or to perform any malicious attacks.
Black Hat hackers are:
a. Individuals professing hacker skills and using them for defensive purposes and are
also known as security analysts
b. Individuals with extraordinary skills, resorting to malicious or destructive activities and
are also known as crackers.
c. Individual to aim to bring down critical infrastructure for a "cause" and are not worried
about facing 30 years in jail for their actions.
d. Individuals who work both offensively and defensively at various times. - Answer-b.
Individuals with extraordinary skills, resorting to malicious or destructive activities and
are also known as crackers.
In order to compromise or to hack a system or network the hacker go through various
phases of hacking.What is the first hacking phase that hackers perform to gather
information about a target prior to launching an attack?
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining Access
e. Clearing tracks - Answer-a. Reconnaissance
Defense-in-depth is a security strategy in which several protection layers are placed
throughout an information system. It helps to prevent direct attacks against an
information system and data because a break in one layer only leads the attacker to the
next layers.
a. True
b. False - Answer-a. True
Penetration testing is a method of actively evaluating the security of an information
system f network by simulation an attack from a malicious source.Which of the following
techniques is used to simulate an attack from someone who is unfamiliar with the
system?
a. White box pen testing
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for R243,30. You're not tied to anything after your purchase.