Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
Which of the following attacks use a false promise to pique a victim’s greed or curiosity?
Correct
Baiting attacks is usually used as a false or fake promise to pique a victim’s greed or curiosity. They tempt users into a trap that steals their personal and private information or infects their systems with malware or virus. The baiting attack mostly uses physical media to disperse malware or virus and get private information.
Incorrect
Baiting attacks is usually used as a false or fake promise to pique a victim’s greed or curiosity. They tempt users into a trap that steals their personal and private information or infects their systems with malware or virus. The baiting attack mostly uses physical media to disperse malware or virus and get private information.
-
Question 2 of 10
2. Question
Which of the following is a rogue access point configured to look just like a legitimate access point, meaning it advertises a known SSID?
Correct
An evil twin can be defined:-
(A) It is a rogue access point created to find just like a legitimate access point, meaning it shows itself a known SSID
(B) It is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communicationsIncorrect
An evil twin can be defined:-
(A) It is a rogue access point created to find just like a legitimate access point, meaning it shows itself a known SSID
(B) It is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications -
Question 3 of 10
3. Question
Which of the following is a hacking method that allows an individual to send anonymous messages to Bluetooth-enabled devices within a certain radius?
Correct
Bluejacking is a term which can be defined as:-
(A) When an attacker sends data to a Bluetooth device without having to get through the pairing process, or perhaps the pairing happens without the receiver knowing about it
(B) Bluejacking attack to transmit an unsolicited message to a victim. This might be a picture or a text message.
(C) This could be a spoof attack, where you send a message that appears to be from someone else in order to get the recipient to do something.Incorrect
Bluejacking is a term which can be defined as:-
(A) When an attacker sends data to a Bluetooth device without having to get through the pairing process, or perhaps the pairing happens without the receiver knowing about it
(B) Bluejacking attack to transmit an unsolicited message to a victim. This might be a picture or a text message.
(C) This could be a spoof attack, where you send a message that appears to be from someone else in order to get the recipient to do something. -
Question 4 of 10
4. Question
Which of the following is a hacking method that allows an individual to receive data from Bluetooth-enabled devices within a certain radius?
Correct
Bluesnarfing can be defined as follows:-
(A) It is more dangerous than bluejacking
(B) Bluejacking is sending data to a device, bluesnarfing is getting data from a device
(C) Bluetooth devices have to be exposed to a certain degree to allow other devices to begin a pairing process
(D) The possibility of another device taking advantage of that little time window
(E) It’s been possible to gain access to a device over Bluetooth without having gone through the pairing processIncorrect
Bluesnarfing can be defined as follows:-
(A) It is more dangerous than bluejacking
(B) Bluejacking is sending data to a device, bluesnarfing is getting data from a device
(C) Bluetooth devices have to be exposed to a certain degree to allow other devices to begin a pairing process
(D) The possibility of another device taking advantage of that little time window
(E) It’s been possible to gain access to a device over Bluetooth without having gone through the pairing process -
Question 5 of 10
5. Question
In Web Application Attacks, which of the following is an attack against the database server?
Correct
In cybersecurity, An SQL attack is defined as an attack against the database server by the hackers, ultimately, though it gets benefits of programming flaws in the application code. Moreover, just like an injection attack, it occurs when a hacker transmit malicious (injects) unexpected data through a web request.
Incorrect
In cybersecurity, An SQL attack is defined as an attack against the database server by the hackers, ultimately, though it gets benefits of programming flaws in the application code. Moreover, just like an injection attack, it occurs when a hacker transmit malicious (injects) unexpected data through a web request.
-
Question 6 of 10
6. Question
In Denial of Service Attacks, which of the following attack is used to generate a lot of traffic that overwhelms the network connection a service is using?
Correct
A bandwidth attack is generally used to create a lot of data traffic that overcrowds the network connection service is being used. A problem with bandwidth attacks, these days, is that target computer will likely have a lot more bandwidth capacity allotted than bandwidth attack. In this case, One computer can’t possibly create enough data traffic to take a website down.
Incorrect
A bandwidth attack is generally used to create a lot of data traffic that overcrowds the network connection service is being used. A problem with bandwidth attacks, these days, is that target computer will likely have a lot more bandwidth capacity allotted than bandwidth attack. In this case, One computer can’t possibly create enough data traffic to take a website down.
-
Question 7 of 10
7. Question
Which of the following is a type of Denial of Service attack that relies on a small stream of very slow traffic which can target application or server resources?
Correct
A low and slow attack is a type of Denial of service or Distributed denial of service attack that based on a small stream of very slow traffic on the internet which can target application or server resources. Slow HTTP attacks are often very effective and efficient without doing a lot of effort from the hacker or attacker.
Incorrect
A low and slow attack is a type of Denial of service or Distributed denial of service attack that based on a small stream of very slow traffic on the internet which can target application or server resources. Slow HTTP attacks are often very effective and efficient without doing a lot of effort from the hacker or attacker.
-
Question 8 of 10
8. Question
In Denial of Service attack, A Fraggle attack is similar to the Smurf attack mentioned earlier. Which of the following message send by Fraggle attack?
Correct
A Fraggle attack is defined as follows-
(A) It is similar to the Smurf attack
(B) In a Smurf attack, spoofed ICMP messages are sent to a broadcast address while a Fraggle attack uses the same approach, but instead of ICMP, UDP messages are sent
(C) UDP, like ICMP, doesn’t validate the source address and is connectionless, which means it can be spoofed
(D) The attacker sends a UDP request to the broadcast address of a network with the target address set as the sourceIncorrect
A Fraggle attack is defined as follows-
(A) It is similar to the Smurf attack
(B) In a Smurf attack, spoofed ICMP messages are sent to a broadcast address while a Fraggle attack uses the same approach, but instead of ICMP, UDP messages are sent
(C) UDP, like ICMP, doesn’t validate the source address and is connectionless, which means it can be spoofed
(D) The attacker sends a UDP request to the broadcast address of a network with the target address set as the source -
Question 9 of 10
9. Question
In Denial of Service attack, which of the following attack can crash a system?
Correct
Local Area Network Denial (LAND) can be explained as follows:-
(A) The system of the victim can crash by this attack
(B) In the LAND attack, source and destination information of a TCP segment set to be the same
(C) This sends the segment into a loop in the operating system, as it is processed as an outbound, then an inbound, and so forth
(D) This loop would lock up the system.Incorrect
Local Area Network Denial (LAND) can be explained as follows:-
(A) The system of the victim can crash by this attack
(B) In the LAND attack, source and destination information of a TCP segment set to be the same
(C) This sends the segment into a loop in the operating system, as it is processed as an outbound, then an inbound, and so forth
(D) This loop would lock up the system. -
Question 10 of 10
10. Question
Which of the following is an attack in which attacker overwrite the memory of an application?
Correct
Attackers or hackers can exploit buffer overflow issues by overwriting or modifying the memory of an application on the victim’s computer. What will This do, it simply changes the execution path of the application, triggering a response that ultimately crashes the files or exposes private or personal information.
Incorrect
Attackers or hackers can exploit buffer overflow issues by overwriting or modifying the memory of an application on the victim’s computer. What will This do, it simply changes the execution path of the application, triggering a response that ultimately crashes the files or exposes private or personal information.