Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
When two TCP/IP-enabled hosts communicate with each other, data transfer is either connectionless or connection-oriented. Connectionless communication at the transport layer is accomplished by using what kind of protocol?
Correct
User Datagram Protocol (UDP) is part of the TCP/IP suite of protocols used for data transferring. UDP is also known as a stateless protocol, which means it doesn’t acknowledge that that packets being sent have been received. Examples of protocols using UDP are TFTP, DNS, and DHCP.
Incorrect
User Datagram Protocol (UDP) is part of the TCP/IP suite of protocols used for data transferring. UDP is also known as a stateless protocol, which means it doesn’t acknowledge that that packets being sent have been received. Examples of protocols using UDP are TFTP, DNS, and DHCP.
-
Question 2 of 10
2. Question
Hiding your online activities can be done using several techniques. What is this technique, wherein you use a packet-crafting tool of some sort to obscure the source IP address of packets sent from your machine?
Correct
IP spoofing is the creation of Internet Protocol (IP) packets that have a modified source address to either hide the identity of the sender, to impersonate another computer system, or both.
Incorrect
IP spoofing is the creation of Internet Protocol (IP) packets that have a modified source address to either hide the identity of the sender, to impersonate another computer system, or both.
-
Question 3 of 10
3. Question
What is this method for disguising your identity, which is defined as services on the internet that uses a proxy server to make internet activity untraceable?
Correct
An anonymizer protects personally-identifying information by hiding private information on the user’s behalf.
Some anonymizer referenced by ECC include the following:
(1) Guardster
(2) Ultrasurf
(3) Psiphon
(4) TailsIncorrect
An anonymizer protects personally-identifying information by hiding private information on the user’s behalf.
Some anonymizer referenced by ECC include the following:
(1) Guardster
(2) Ultrasurf
(3) Psiphon
(4) Tails -
Question 4 of 10
4. Question
Netcat is one of the tools used for banner grabbing. It is a command-line networking utility that reads and writes data across connections using TCP/IP. If you want to try banner grabbing using Netcat, what command will you type?
Correct
Netcat is an open-source network debugging and exploration utility that can read and write data across network connections using the TCP/IP protocol. The utility is fully compatible with several operating systems including Linux, FreeBSD, NetBSD, etc.
Incorrect
Netcat is an open-source network debugging and exploration utility that can read and write data across network connections using the TCP/IP protocol. The utility is fully compatible with several operating systems including Linux, FreeBSD, NetBSD, etc.
-
Question 5 of 10
5. Question
Sniffing is the process of monitoring and capturing all data packets that passes through a computer network using packet sniffers. What is this type of sniffing attack, which is conducted on a switched network?
Correct
Active sniffing is used to sniff a switch-based network. A switch is a device that connects two network devices together. Switches use the media access control address to forward information to their intended destination ports.
Incorrect
Active sniffing is used to sniff a switch-based network. A switch is a device that connects two network devices together. Switches use the media access control address to forward information to their intended destination ports.
-
Question 6 of 10
6. Question
Active sniffing is used to sniff a switch-based network. It involves injecting address resolution packets (ARP) into a target network to flood on the switch content addressable memory (CAM) table. What is this type of active sniffing technique, which is defined as an attack wherein the malicious hacker attempts to exhaust all available addresses from the server?
Correct
A DHCP starvation attack works by broadcasting DHCP requests with spoofed MAC addresses. If enough requests are sent, the network attacker can exhaust the address space available to the DHCP servers for some time.
Incorrect
A DHCP starvation attack works by broadcasting DHCP requests with spoofed MAC addresses. If enough requests are sent, the network attacker can exhaust the address space available to the DHCP servers for some time.
-
Question 7 of 10
7. Question
Intrusion detection systems (IDSs) are hardware or software devices that examine streams of packets for malicious behavior. What type of system is used if the packets are compared against a list of known traffic patterns that indicate an attack?
Correct
Signature-based IDS refers to the detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware. This system must be kept up to date, if not, newer intrusions may not be detected.
Incorrect
Signature-based IDS refers to the detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware. This system must be kept up to date, if not, newer intrusions may not be detected.
-
Question 8 of 10
8. Question
What is this type of intrusion detection system, which is the most widely used in the world and is defined as an open-source IDS capable of real-time traffic analysis and packet logging?
Correct
Snort is an open-source network intrusion detection system created by Martin Roesch. It is a packet sniffer that monitors network traffic in real-time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.
Incorrect
Snort is an open-source network intrusion detection system created by Martin Roesch. It is a packet sniffer that monitors network traffic in real-time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.
-
Question 9 of 10
9. Question
Passwords in Linux can be stored in two different files. What is this file, wherein passwords are displayed openly to anyone who has read privileges to this file?
Correct
Passwd file is a plain text-based database that contains information for all user accounts on the system. The file can only be modified by root or users with privileges and readable by all system users.
Incorrect
Passwd file is a plain text-based database that contains information for all user accounts on the system. The file can only be modified by root or users with privileges and readable by all system users.
-
Question 10 of 10
10. Question
A password attack is an attack wherein a third party is trying to gain access to your computer system by cracking a user’s password. According to ECC, there are four main attack types for password cracking: non-electronic, active online, passive online, and offline. Which of the following is an example of an active online attack?
Correct
The active online attack is done by directly communicating with the victim’s device. Examples of this attack include the following: hash injections, phishing, trojans, spyware, and keyloggers.
Incorrect
The active online attack is done by directly communicating with the victim’s device. Examples of this attack include the following: hash injections, phishing, trojans, spyware, and keyloggers.