CEH Certified Ethical Hacking Review Questions and Correct Answers
1 vue 0 fois vendu
Cours
Ethical Hacking
Établissement
Ethical Hacking
White hat If you have been contracted to perform an attack against a target system, you are what type of hacker?
Hacktivist Which of the following describes an attacker who goes after a target to draw attention to a cause?
Low What level of knowledge about hacking does a script kiddie have?
Perm...
ceh certified ethical hacking review questions and
white hat if you have been contracted to perform
hacktivist which of the following describes an at
École, étude et sujet
Ethical Hacking
Ethical Hacking
Vendeur
S'abonner
twishfrancis
Avis reçus
Aperçu du contenu
CEH Certified Ethical Hacking Review
Questions and Correct Answers
White hat ✅If you have been contracted to perform an attack against a target system,
you are what type of hacker?
Hacktivist ✅Which of the following describes an attacker who goes after a target to
draw attention to a cause?
Low ✅What level of knowledge about hacking does a script kiddie have?
Permission ✅Which of the following does an ethical hacker require to start evaluating
a system?
Complete knowledge ✅A white-box test means the tester has which of the following?
Suicide hacker ✅Which of the following describes a hacker who attacks without regard
for being caught or punished?
A description of expected behavior ✅What is a code of ethics?
Hacktivists ✅The group Anonymous is an example of what?
Legal reasons
Regulatory reasons
To perform an audit ✅Companies may require a penetration test for which of the
following reasons?
Get permission ✅What should a pentester do prior to initiating a new penetration test?
Hacks for political reasons ✅Which of the following best describes what a hacktivist
does?
Hacks without stealth ✅Which of the following best describes what a suicide hacker
does?
Gray hat ✅Which type of hacker may use their skills for both benign and malicious
goals at different times?
A lack of fear of being caught ✅What separates a suicide hacker from other attackers?
,White hat ✅Which of the following would most likely engage in the pursuit of
vulnerability research?
Passively uncovering vulnerabilities ✅Vulnerability research deals with which of the
following?
With no knowledge ✅How is black-box testing performed?
Gives proof ✅A contract is important because it does what?
Target of evaluation ✅What does TOE stand for?
A weakness ✅Which of the following best describes a vulnerability?
Application ✅At which layer of the OSI model does a proxy operate?
Layer 2 ✅If a device is using node MAC addresses to funnel traffic, what layer of the
OSI model is this device working in?
Windows ✅Which OS holds 90 percent of the desktop market and is one of our largest
attack surfaces?
443 ✅Which port uses SSL to secure web traffic?
Collision domain ✅What kind of domain resides on a single switchport?
Ring ✅Which network topology uses a token-based access methodology?
Layer 1 ✅Hubs operate at what layer of the OSI model?
SYN, SYN-ACK, ACK ✅What is the proper sequence of the TCP three-way-
handshake?
TCP ✅Which of these protocols is a connection-oriented protocol?
Telnet ✅A scan of a network client shows that port 23 is open; what protocol is this
aligned with?
49152 to 65535 ✅What port range is an obscure third-party application most likely to
use?
Packet ✅Which category of firewall filters is based on packet header data only?
,IDS ✅An administrator has just been notified of irregular network activity; what
appliance functions in this manner?
Mesh ✅Which topology has built-in redundancy because of its many client
connections?
All nodes attached to the same port ✅When scanning a network via a hardline
connection to a wired-switch NIC in promiscuous mode, what would be the extent of
network traffic you would expect to see?
Proxy ✅What device acts as an intermediary between an internal client and a web
resource?
NAT ✅Which technology allows the use of a single public address to support many
internal clients while also preventing exposure of internal IP addresses to the outside
world?
IPS ✅What network appliance senses irregularities and plays an active role in
stopping that irregular activity from continuing?
SMTP ✅You have selected the option in your IDS to notify you via email if it senses
any network irregularities. Checking the logs, you notice a few incidents but you didn't
receive any alerts. What protocol needs to be configured on the IDS?
Application firewall ✅Choosing a protective network appliance, you want a device that
will inspect packets at the most granular level possible while providing improved traffic
efficiency. What appliance would satisfy these requirements?
Shared key cryptography ✅Symmetric cryptography is also known as __________.
Certificate authority ✅Which of the following manages digital certificates?
Public key ✅Asymmetric encryption is also referred to as which of the following?
Nonreversible ✅Which of the following best describes hashing?
Hashing ✅A message digest is a product of which kind of algorithm?
Two keys ✅A public and private key system differs from symmetric because it uses
which of the following?
PKI system ✅A public key is stored on the local computer by its owner in a
__________.
, Number of keys ✅Symmetric key systems have key distribution problems due to
__________.
Integrity ✅What does hashing preserve in relation to data?
MD5 ✅Which of the following is a common hashing protocol?
A way of encrypting data in a reversible method ✅Which of the following best
describes PGP?
Securing transmitted data ✅SSL is a mechanism for which of the following?
PKI ✅Which system does SSL use to function?
Level 3 ✅In IPsec, encryption and other processes happen at which layer of the OSI
model?
Authentication services ✅In IPsec, what does Authentication Header (AH) provide?
Data security ✅In IPsec, what does Encapsulating Security Payload (ESP) provide?
During transmission ✅At what point can SSL be used to protect data?
PKI ✅Which of the following does IPsec use?
Netscape ✅Who first developed SSL?
AH/ESP ✅IPsec uses which two modes?
Investigation of a target ✅Which of the following best describes footprinting?
Port scanning ✅Which of the following is not typically used during footprinting?
To fine-tune search results ✅Why use Google hacking?
To gain information from human beings ✅What is the role of social engineering?
Check financial filings ✅What is EDGAR used to do?
Operators ✅Which of the following can be used to tweak or fine-tune search results?
Job boards ✅Which of the following can an attacker use to determine the technology
and structure within an organization?
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur twishfrancis. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €12,60. Vous n'êtes lié à rien après votre achat.
