CEH Exam Prep Questions with Correct Answers

Preview 4 of 97 pages

  • 11 August 2024
  • 97 pages
  • 2024/2025
  • Exam (elaborations)
  • Questions and answers
  • CEH

Which tool can be used to silently copy files from USB devices?
A. USB Grabber
B. USB Snoopy
C. USB Dumper
D. USB Sniffer
Answer: C

You have successfully gained access to your client's internal network and successfully compromised a Linux server which is part of the internal IP network. You want to know which Microsoft Windows workstations have file sharing enabled.
Which port would you see listening on these Windows machines in the network?
A. 445
B. 3389
C. 1433
D. 161
Answer: A

How does the Address Resolution Protocol (ARP) work?
A. It sends a request packet to all the network elements, asking for the domain name from a specific IP.
B. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.
C. It sends a reply packet for a specific IP, asking for the MAC address.
D. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
Answer: B

Which of the following statements is TRUE?
A. Sniffers operate on Layer 3 of the OSI model.
B. Sniffers operate on Layer 1 of the OSI model.
C. Sniffers operate on both Layer 2 & Layer 3 of the OSI model.
D. Sniffers operate on Layer 2 of the OSI model.
Answer: C

An intrusion detection system, IDS, has alerted the network administrator to a possible malicious sequence of packets sent to a web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
A. Protocol analyzer
B. Network sniffer
C. Intrusion Prevention System (IPS)
D. Vulnerability scanner
Answer: A

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the OS version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?
Starting NMAP 5.21 at 2011-03-15 11:06
NMAP scan report for 172.16.40.65
Host is up (1.00s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
515/tcp open
631/tcp open ipp
9100/tcp open
MAC Address: 00:00:48:0D:EE:8
A. The host is likely a printer.
B. The host is likely a Windows machine.
C. The host is likely a Linux machine.
D. The host is likely a router.
Answer: A

Using Windows CMD, how would an attacker list all the shares to which the current user context has access?
A. NET CONFIG
B. NET VIEW
C. NET FILE
D. NET USE
Answer: B

Look at the following output. What did the hacker accomplish?
; <<>> DiG 9.7.-P1 <<>> axfr domain.com @192.168.1.105
;; global options: +cmd
domain.com. 3600 IN SOA srv1.domain.com. hostsrv1.domain.com. 131 900 600 86400 3600
domain.com. 600 IN A 192.168.1.102
domain.com. 600 IN A 192.168.1.105
domain.com. 3600 IN NS srv1.domain.com.
domain.com. 3600 IN NS srv2.domain.com.
vpn.domain.com. 3600 IN A 192.168.1.1
server.domain.com. 3600 IN A 192.168.1.3
office.domain.com. 3600 IN A 192.168.1.4
remote.domain.com. 3600 IN A 192.168.1.48
support.domain.com. 3600 IN A 192.168.1.47
ns1.domain.com. 3600 IN A 192.168.1.41
ns2.domain.com. 3600 IN A 192.168.1.42
ns3.domain.com. 3600 IN A 192.168.1.34
ns4.domain.com. 3600 IN A 192.168.1.45
srv1.domain.com. 3600 IN A 192.168.1.102
srv2.domain.com. 1200 IN A 192.168.1.105
domain.com. 3600 IN SOA srv1.domain.com. hostsrv1.domain.com. 131 900 600 86400 3600
;; Query time: 269 msec
;;
Answer: B

You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping it but you didn't get any response back.
What is happening?
A. ICMP could be disabled on the target server.
B. You need to run the ping command with root privileges.
C. TCP/IP doesn't support ICMP.
D. The ARP is disabled on the target server.
Answer: A

You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?
A. nmap -T4 -O 10.10.10.0/24
B. nmap -T4 -r 10.10.1.0/24
C. nmap -T4 -F 10.10.0.0/24
D. nmap -T4 -q 10.10.0.0/24
Answer: C

Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?
A. Check MITRE.org for the latest list of CVE findings
B. Create a disk image of a clean Windows installation
C. Use the built-in Windows Update tool
D. Use a scan tool like Nessus
Answer: D

Which of the following security operations is used for determining the attack surface of an organization?
A. Using configuration management to determine when and where to apply security patches
B. Training employees on the security policy regarding social engineering
C. Running a network scan to detect network services in the corporate DMZ
D. Reviewing the need for a security clearance for each employee
Answer: C

You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.
invictus@victim_server:~$ nmap -T4 -O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxx
QUITTING!
What seems to be wrong?
A. The outgoing TCP/IP fingerprinting is blocked by the host firewall.
B. This is a common behavior for a corrupted nmap application.
C. OS Scan requires root privileges.
D. The nmap syntax is wrong.
Answer: C

Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system.
If a scanned port is open, what happens?
A. The port will send a SYN.
B. The port will ignore the packets.
C. The port will send an RST.
D. The port will send an ACK.
Answer: B

If the tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?
A. TCP ping
B. Broadcast ping
C. Traceroute
D. Hping
Answer: A

The "gray box testing" methodology enforces what kind of restriction?
A. Only the external operation of a system is accessible to the tester.
B. The internal operation of a system is completely known to the tester.
C. The internal operation of a system is only partly accessible to the tester.
D. Only the internal operation of a system is known to the tester.
Answer: C

The "black box testing" methodology enforces which kind of restriction?
