Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
Which of the following protocols ensure Confidentiality and encryption of data for web-based communication?
Correct
Using encryption for web-based communication, the most common security protocol i.e. Secure Sockets Layer/Transport Layer (SSL/TLS) are used. It is a set of mechanisms, policies and procedure for encrypting important data. SSL and TLS both protocols specify how to create encryption keys from important data that is well known, as well as some partial data that is sent from one side to the other.
Incorrect
Using encryption for web-based communication, the most common security protocol i.e. Secure Sockets Layer/Transport Layer (SSL/TLS) are used. It is a set of mechanisms, policies and procedure for encrypting important data. SSL and TLS both protocols specify how to create encryption keys from important data that is well known, as well as some partial data that is sent from one side to the other.
-
Question 2 of 10
2. Question
In which of the following we expect data to be the same from the moment we send it to the moment it’s received?
Correct
The CIA triad is a model which can be defined as a model designed to guide policies and procedure for information safety and security within an organization and it consists of the following:-
(A) Confidentiality
(B) Integrity
(C) Availability
Integrity is defined as the following:-
(I) It is designed to protect important data from deletion, addition or modification from any unauthorized party
(II) it ensures that when an authorized person makes a change that should not have been made the damage can be reversed.Incorrect
The CIA triad is a model which can be defined as a model designed to guide policies and procedure for information safety and security within an organization and it consists of the following:-
(A) Confidentiality
(B) Integrity
(C) Availability
Integrity is defined as the following:-
(I) It is designed to protect important data from deletion, addition or modification from any unauthorized party
(II) it ensures that when an authorized person makes a change that should not have been made the damage can be reversed. -
Question 3 of 10
3. Question
In 1998, Donn Parker extended the initial three properties by adding three more in CIA TRIAD. Which of the following are the three additional properties added by Parker in CIA TRIAD?
Correct
The three additional properties added by Parker in CIA TRIAD are mentioned below:-
(A) Possession (or Control)
(B) Authenticity
(C) UtilityIncorrect
The three additional properties added by Parker in CIA TRIAD are mentioned below:-
(A) Possession (or Control)
(B) Authenticity
(C) Utility -
Question 4 of 10
4. Question
Which of the following is a programmatic situation where one process or thread is writing data while another process or thread is reading that data?
Correct
A race condition can be defined as it is a programmatic situation or condition where one function or thread is writing or generating data while another function or thread is reading that data. If they are not synced tightly, chances are there for the data to be read before it’s written. Chances are also there that they manipulate the data in between writing and reading.
Incorrect
A race condition can be defined as it is a programmatic situation or condition where one function or thread is writing or generating data while another function or thread is reading that data. If they are not synced tightly, chances are there for the data to be read before it’s written. Chances are also there that they manipulate the data in between writing and reading.
-
Question 5 of 10
5. Question
Who is an entity, like a person or group, that can instantiate a threat?
Correct
The term Threat Agent is used to indicate an individual person or group of people that can plan, manifest and execute a threat. It is necessary to recognise who would want to exploit the assets or secrets of an organization, and how this information might be used by them against the organization.
Incorrect
The term Threat Agent is used to indicate an individual person or group of people that can plan, manifest and execute a threat. It is necessary to recognise who would want to exploit the assets or secrets of an organization, and how this information might be used by them against the organization.
-
Question 6 of 10
6. Question
Which of the following is the pathway the threat agent takes to exploit vulnerability?
Correct
Threat vectors are the routes or the ways that malicious attacks may adopt to pass through the defences of the system and ultimately infect the network. Email or Phishing attacks and malicious attachments target the email threat vector.
Incorrect
Threat vectors are the routes or the ways that malicious attacks may adopt to pass through the defences of the system and ultimately infect the network. Email or Phishing attacks and malicious attachments target the email threat vector.
-
Question 7 of 10
7. Question
Which of the following is the definition of Threat?
Correct
A threat is defined as something that has the possibility to incur a breach of CIA triads i.e confidentiality, integrity, or availability. Any occurrence, event or an incident with the potential to adversely impact an Information System through unauthorized access to the computer system, completely destroy it, disclosure, deletion or addition of data, and/or denial of service.
Incorrect
A threat is defined as something that has the possibility to incur a breach of CIA triads i.e confidentiality, integrity, or availability. Any occurrence, event or an incident with the potential to adversely impact an Information System through unauthorized access to the computer system, completely destroy it, disclosure, deletion or addition of data, and/or denial of service.
-
Question 8 of 10
8. Question
Which of the following is the definition of the vulnerability?
Correct
In cybersecurity, vulnerability is defined as a weak point which can be exploited by hackers during the cyber attack to get unauthorized access to or perform unauthorized actions on a node or computer system. Vulnerabilities can allow attackers the follwoing:-
(A) To run code
(B) To access a system’s memory
(C) To install malware
(D) To steal, destroy or modify sensitive data.Incorrect
In cybersecurity, vulnerability is defined as a weak point which can be exploited by hackers during the cyber attack to get unauthorized access to or perform unauthorized actions on a node or computer system. Vulnerabilities can allow attackers the follwoing:-
(A) To run code
(B) To access a system’s memory
(C) To install malware
(D) To steal, destroy or modify sensitive data. -
Question 9 of 10
9. Question
Keeping in view of a company or business, Which of the following defines about what resources need to be protected, how resources should be utilized in a proper manner, how resources can or should be accessed?
Correct
A security policy can be defined as a statement of intention or written procedures with regard to the resources and setup of an organization or business. It defines the follwoing:-
(A) What a company considers for improvement of security
(B) What resources need to be protected
(C) How resources should be utilized in a proper manner
(D) How resources can or should be accessedIncorrect
A security policy can be defined as a statement of intention or written procedures with regard to the resources and setup of an organization or business. It defines the follwoing:-
(A) What a company considers for improvement of security
(B) What resources need to be protected
(C) How resources should be utilized in a proper manner
(D) How resources can or should be accessed -
Question 10 of 10
10. Question
Which of the following is a device that consolidates a lot of security functions into a single system that may be placed at a single point in the network?
Correct
A unified threat management (UTM) device is a device that summarizes a lot of security functions or system into a single system that may be installed at a single point in the entire network. This UTM would replace the follwoing:-
(A) Firewall
(B) Intrusion detection Device
(C) Intrusion protection devices
(D) Antivirus protection.Incorrect
A unified threat management (UTM) device is a device that summarizes a lot of security functions or system into a single system that may be installed at a single point in the entire network. This UTM would replace the follwoing:-
(A) Firewall
(B) Intrusion detection Device
(C) Intrusion protection devices
(D) Antivirus protection.