100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
CEH v12 Practice Questions with Correct Answers €12,22   In winkelwagen

Tentamen (uitwerkingen)

CEH v12 Practice Questions with Correct Answers

 13 keer bekeken  0 keer verkocht
  • Vak
  • CEH v12
  • Instelling
  • CEH V12

CEH v12 Practice Questions with Correct Answers Identify the type of DNS configuration in which first DNS server on the internal network and second DNS in DMZ? A) EDNS B) Split DNS C) DNSSEC D) DynDNS - Answer-Split DNS The fraudster Lisandro, masquerading as a large car manufacturing c...

[Meer zien]

Voorbeeld 4 van de 109  pagina's

  • 12 augustus 2024
  • 109
  • 2024/2025
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden
  • CEH v12
  • CEH v12
avatar-seller
CEH v12 Practice Questions with
Correct Answers
Identify the type of DNS configuration in which first DNS server on the internal network
and second DNS in DMZ?

A) EDNS
B) Split DNS
C) DNSSEC
D) DynDNS - Answer-Split DNS

The fraudster Lisandro, masquerading as a large car manufacturing company recruiter,
massively sends out job offers via e-mail with the promise of a good salary, a friendly
team, unlimited coffee, and medical insurance. He attaches Microsoft Word or Excel
documents to his letters into which he embeds a special virus written in Visual Basic
that runs when the document is opened and infects the victim's computer. What type of
virus does Lisandro use?

A) Polymorphic code
B) Multipart virus
C) Stealth virus
D) Macro virus - Answer-Macro virus

As a result of the attack on the dating web service, Ivan received a dump of all user
passwords in a hashed form. Ivan recognized the hashing algorithm and started
identifying passwords. What tool is he most likely going to use if the service used
hashing without salt?

A) Dictionary attacks
B) Brute force
C) Rainbow table
D) XSS - Answer-Rainbow table

The Domain Name System (DNS) is the phonebook of the Internet. When a user tries to
access a web address like "example.com", web browser or application performs a DNS
Query against a DNS server, supplying the hostname. The DNS server takes the
hostname and resolves it into a numeric IP address, which the web browser can
connect to. Which of the proposed tools allows you to set different DNS query types and
poll arbitrarily specified servers?

A) Metasploit
B) Wireshark
C) Nslookup

,D) Nikto - Answer-Nslookup

Ivan, a black-hat hacker, performs a man-in-the-middle attack. To do this, it uses a
rogue wireless AP and embeds a malicious applet in all HTTP connections. When the
victims went to any web page, the applet ran. Which of the following tools could Ivan
probably use to inject HTML code?

A) Wireshark
B) Aircrack-ng
C) tcpdump
D) Ettercap - Answer-Ettercap

The ping utility is used to check the integrity and quality of connections in networks. In
the process, it sends an ICMP Echo-Request and captures the incoming ICMP Echo-
Reply, but quite often remote nodes block or ignore ICMP. Which of the options will
solve this problem?

A) Use arping
B) Use hping
C) Use traceroute
D) Use broadcast ping - Answer-Use hping

Which of the following is a component of IPsec that performs protocol-level functions
required to encrypt and decrypt the packets?

A) IPsec Policy Agent
B) Oakley
C) IPsec driver
D) Internet Key Exchange (IKE) - Answer-IPsec driver


Which of the following tools is a command-line vulnerability scanner that scans web
servers for dangerous files/CGIs?

A) Snort
B) Kon-Boot
C) John the Ripper
D) Nikto - Answer-Nikto

Michael, a technical specialist, discovered that the laptop of one of the employees
connecting to a wireless point couldn't access the internet, but at the same time, it can
transfer files locally. He checked the IP address and the default gateway. They are both
on 192.168.1.0/24. Which of the following caused the problem?

A) The laptop is using an invalid IP address
B) The laptop and the gateway are not on the same network
C) The laptop isn't using a private IP address

,D) The gateway is not routing to a public IP address - Answer-The gateway is not
routing to a public IP address

Josh, a security analyst, wants to choose a tool for himself to examine links between
data. One of the main requirements is to present data using graphs and link analysis.
Which of the following tools will meet John's requirements?

A) Palantir
B) Maltego
C) Analyst's Notebook
D) Metasploit - Answer-Maltego

What describes two-factor authentication for a credit card (using a card and pin)?

A) Something you know and something you are
B) Something you have and something you know
C) Something you are and something you remember
D) Something you have and something you are - Answer-Something you have and
something you know

Identify a vulnerability in OpenSSL that allows stealing the information protected under
normal conditions by the SSL/TLS encryption used to secure the internet?

A) SSL/TLS Renegotiation Vulnerability
B) POODLE
C) Heartbleed Bug
D) Shellshock - Answer-Heartbleed Bug

You make a series of interactive queries, choosing subsequent plaintexts based on the
information from the previous encryption. What type of attack are you trying to perform?

A) Adaptive chosen-plaintext attack
B) Ciphertext-only attack
C) Known-plaintext attack
D) Chosen-plaintext attack - Answer-Adaptive chosen-plaintext attack

Which of the following does not apply to IPsec?

A) Provides authentication
B) Use key exchange
C) Encrypts the payloads
D) Work at the Data Link Layer - Answer-Work at the Data Link Layer

Alex, a cybersecurity specialist, received a task from the head to scan open ports. One
of the main conditions was to use the most reliable type of TCP scanning. Which of the
following types of scanning would Alex use?

, A) NULL Scan
B) Half-open Scan
C) TCP Connect/Full Open Scan
D) Xmas Scan - Answer-TCP Connect/Full Open Scan

Which of the following Nmap options will you use if you want to scan fewer ports than
the default?

A) -p
B) -sP
C) -T
D) -F - Answer--F

You conduct an investigation and finds out that the browser of one of your employees
sent malicious request that the employee knew nothing about. Identify the web page
vulnerability that the attacker used to attack your employee?

A) Cross-Site Request Forgery (CSRF)
B) Command Injection Attacks
C) File Inclusion Attack
D) Hidden Field Manipulation Attack - Answer-Cross-Site Request Forgery (CSRF)

Which of the following program attack both the boot sector and executable files?

A) Stealth virus
B) Polymorphic virus
C) Macro virus
D) Multipartite virus - Answer-Multipartite virus

Which of the following is the type of violation when an unauthorized individual enters a
building following an employee through the employee entrance?

A) Reverse Social Engineering
B) Tailgating
C) Pretexting
D) Announced - Answer-Tailgating

Maria conducted a successful attack and gained access to a linux server. She wants to
avoid that NIDS will not catch the succeeding outgoing traffic from this server in the
future. Which of the following is the best way to avoid detection of NIDS?

A) Protocol Isolation
B) Out of band signaling
C) Encryption
D) Alternate Data Streams - Answer-Encryption

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

√  	Verzekerd van kwaliteit door reviews

√ Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, Bancontact of creditcard voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Scholarsstudyguide. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €12,22. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 75632 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€12,22
  • (0)
  Kopen