CEH v12 Practice Questions with Correct Answers
Identify the type of DNS configuration in which first DNS server on the internal network and second DNS in DMZ?
A) EDNS
B) Split DNS
C) DNSSEC
D) DynDNS - Answer-Split DNS
The fraudster Lisandro, masquerading as a large car manufacturing c...
CEH v12 Practice Questions with
Correct Answers
Identify the type of DNS configuration in which first DNS server on the internal network
and second DNS in DMZ?
A) EDNS
B) Split DNS
C) DNSSEC
D) DynDNS - Answer-Split DNS
The fraudster Lisandro, masquerading as a large car manufacturing company recruiter,
massively sends out job offers via e-mail with the promise of a good salary, a friendly
team, unlimited coffee, and medical insurance. He attaches Microsoft Word or Excel
documents to his letters into which he embeds a special virus written in Visual Basic
that runs when the document is opened and infects the victim's computer. What type of
virus does Lisandro use?
A) Polymorphic code
B) Multipart virus
C) Stealth virus
D) Macro virus - Answer-Macro virus
As a result of the attack on the dating web service, Ivan received a dump of all user
passwords in a hashed form. Ivan recognized the hashing algorithm and started
identifying passwords. What tool is he most likely going to use if the service used
hashing without salt?
A) Dictionary attacks
B) Brute force
C) Rainbow table
D) XSS - Answer-Rainbow table
The Domain Name System (DNS) is the phonebook of the Internet. When a user tries to
access a web address like "example.com", web browser or application performs a DNS
Query against a DNS server, supplying the hostname. The DNS server takes the
hostname and resolves it into a numeric IP address, which the web browser can
connect to. Which of the proposed tools allows you to set different DNS query types and
poll arbitrarily specified servers?
A) Metasploit
B) Wireshark
C) Nslookup
,D) Nikto - Answer-Nslookup
Ivan, a black-hat hacker, performs a man-in-the-middle attack. To do this, it uses a
rogue wireless AP and embeds a malicious applet in all HTTP connections. When the
victims went to any web page, the applet ran. Which of the following tools could Ivan
probably use to inject HTML code?
A) Wireshark
B) Aircrack-ng
C) tcpdump
D) Ettercap - Answer-Ettercap
The ping utility is used to check the integrity and quality of connections in networks. In
the process, it sends an ICMP Echo-Request and captures the incoming ICMP Echo-
Reply, but quite often remote nodes block or ignore ICMP. Which of the options will
solve this problem?
A) Use arping
B) Use hping
C) Use traceroute
D) Use broadcast ping - Answer-Use hping
Which of the following is a component of IPsec that performs protocol-level functions
required to encrypt and decrypt the packets?
A) IPsec Policy Agent
B) Oakley
C) IPsec driver
D) Internet Key Exchange (IKE) - Answer-IPsec driver
Which of the following tools is a command-line vulnerability scanner that scans web
servers for dangerous files/CGIs?
A) Snort
B) Kon-Boot
C) John the Ripper
D) Nikto - Answer-Nikto
Michael, a technical specialist, discovered that the laptop of one of the employees
connecting to a wireless point couldn't access the internet, but at the same time, it can
transfer files locally. He checked the IP address and the default gateway. They are both
on 192.168.1.0/24. Which of the following caused the problem?
A) The laptop is using an invalid IP address
B) The laptop and the gateway are not on the same network
C) The laptop isn't using a private IP address
,D) The gateway is not routing to a public IP address - Answer-The gateway is not
routing to a public IP address
Josh, a security analyst, wants to choose a tool for himself to examine links between
data. One of the main requirements is to present data using graphs and link analysis.
Which of the following tools will meet John's requirements?
A) Palantir
B) Maltego
C) Analyst's Notebook
D) Metasploit - Answer-Maltego
What describes two-factor authentication for a credit card (using a card and pin)?
A) Something you know and something you are
B) Something you have and something you know
C) Something you are and something you remember
D) Something you have and something you are - Answer-Something you have and
something you know
Identify a vulnerability in OpenSSL that allows stealing the information protected under
normal conditions by the SSL/TLS encryption used to secure the internet?
A) SSL/TLS Renegotiation Vulnerability
B) POODLE
C) Heartbleed Bug
D) Shellshock - Answer-Heartbleed Bug
You make a series of interactive queries, choosing subsequent plaintexts based on the
information from the previous encryption. What type of attack are you trying to perform?
A) Adaptive chosen-plaintext attack
B) Ciphertext-only attack
C) Known-plaintext attack
D) Chosen-plaintext attack - Answer-Adaptive chosen-plaintext attack
Which of the following does not apply to IPsec?
A) Provides authentication
B) Use key exchange
C) Encrypts the payloads
D) Work at the Data Link Layer - Answer-Work at the Data Link Layer
Alex, a cybersecurity specialist, received a task from the head to scan open ports. One
of the main conditions was to use the most reliable type of TCP scanning. Which of the
following types of scanning would Alex use?
, A) NULL Scan
B) Half-open Scan
C) TCP Connect/Full Open Scan
D) Xmas Scan - Answer-TCP Connect/Full Open Scan
Which of the following Nmap options will you use if you want to scan fewer ports than
the default?
A) -p
B) -sP
C) -T
D) -F - Answer--F
You conduct an investigation and finds out that the browser of one of your employees
sent malicious request that the employee knew nothing about. Identify the web page
vulnerability that the attacker used to attack your employee?
A) Cross-Site Request Forgery (CSRF)
B) Command Injection Attacks
C) File Inclusion Attack
D) Hidden Field Manipulation Attack - Answer-Cross-Site Request Forgery (CSRF)
Which of the following program attack both the boot sector and executable files?
A) Stealth virus
B) Polymorphic virus
C) Macro virus
D) Multipartite virus - Answer-Multipartite virus
Which of the following is the type of violation when an unauthorized individual enters a
building following an employee through the employee entrance?
A) Reverse Social Engineering
B) Tailgating
C) Pretexting
D) Announced - Answer-Tailgating
Maria conducted a successful attack and gained access to a linux server. She wants to
avoid that NIDS will not catch the succeeding outgoing traffic from this server in the
future. Which of the following is the best way to avoid detection of NIDS?
A) Protocol Isolation
B) Out of band signaling
C) Encryption
D) Alternate Data Streams - Answer-Encryption
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur Scholarsstudyguide. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €11,52. Vous n'êtes lié à rien après votre achat.
