Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
Website footprinting is a technique in which information about the target is collected by monitoring its website. Hackers can map the entire website of the target without being noticed. What tools can you use if you want to know the connection status, content type, and web server information of a target?
Correct
Using tools such as Burp Suite, Firebug, and Website Informer allows you to grab headers and cookies and learn connection status, content type, and web server information.
Incorrect
Using tools such as Burp Suite, Firebug, and Website Informer allows you to grab headers and cookies and learn connection status, content type, and web server information.
-
Question 2 of 10
2. Question
The domain name system (DNS) is a naming database in which internet domain names are located and translated into the internet protocol (IP) addresses. Which of the following statements best describes the pointer (PTR) record?
Correct
A pointer (PTR) record, also called reverse DNS record, maps an IP address to a hostname. The purpose of a PTR record is mostly administrative; it shows an IP address is used with a particular domain.
Incorrect
A pointer (PTR) record, also called reverse DNS record, maps an IP address to a hostname. The purpose of a PTR record is mostly administrative; it shows an IP address is used with a particular domain.
-
Question 3 of 10
3. Question
The start of authority (SOA) record identifies the primary name server for the zone. It contains the hostname of the server responsible for all DNS records within the namespace. Which of the following information is not included in the SOA record?
Correct
The start of authority (SOA) record contains the following information:
(1) The hostname of the primary DNS server for the zone.
(2) The email address of the person responsible for the zone file.
(3) The revision number of the zone file.
(4) The amount of time a secondary DNS server will wait before asking for updates.
(5) The amount of time a secondary server will wait to retry if the zone transfer fails.
(6) The maximum amount of time a secondary server will spend trying to complete a zone transfer.
(7) The minimum time to live for all records in the zone.Incorrect
The start of authority (SOA) record contains the following information:
(1) The hostname of the primary DNS server for the zone.
(2) The email address of the person responsible for the zone file.
(3) The revision number of the zone file.
(4) The amount of time a secondary DNS server will wait before asking for updates.
(5) The amount of time a secondary server will wait to retry if the zone transfer fails.
(6) The maximum amount of time a secondary server will spend trying to complete a zone transfer.
(7) The minimum time to live for all records in the zone. -
Question 4 of 10
4. Question
Network mapping is the process of discovering and visualizing the physical and virtual connectivity in a group of interrelated tasks that facilitate the creation of a network map, including flow charts, network diagrams, and device inventories. One important tool used in network mapping is traceroute. Which of the following statements best describes the traceroute tool?
Correct
Traceroute is a command-line tool that tracks a packet across the Internet and provides the route path and transit times. The traceroute utility comes included with several operating systems, including Windows and UNIX-based operating systems, or as part of a TCP/IP package.
Incorrect
Traceroute is a command-line tool that tracks a packet across the Internet and provides the route path and transit times. The traceroute utility comes included with several operating systems, including Windows and UNIX-based operating systems, or as part of a TCP/IP package.
-
Question 5 of 10
5. Question
ARP poisoning is a sniffing technique, which refers to the process of maliciously changing the ARP cache on a machine to inject faulty entries. Which of the following tools can you use to conduct this attack?
Correct
Address resolution protocol (ARP) poisoning is a form of attack in which an attacker changes the MAC address and attacks an Ethernet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets. Some useful tools in ARP poisoning include the following: Cain and Abel, WinArpAttacker, Ufasoft, and dsniff.
Incorrect
Address resolution protocol (ARP) poisoning is a form of attack in which an attacker changes the MAC address and attacks an Ethernet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets. Some useful tools in ARP poisoning include the following: Cain and Abel, WinArpAttacker, Ufasoft, and dsniff.
-
Question 6 of 10
6. Question
A behavior-based intrusion detection system is a hardware or software device that examines streams of packets for unusual or malicious behavior. Decision alerts are based on learned behavior and normal patterns; anything out of the ordinary for a normal day sounds the alarm. Which of the following statements best describes false positive in a behavior-based IDS?
Correct
A false positive in a behavior-based intrusion detection system is when the IDS identifies an activity as an attack, but the activity is acceptable behavior meanwhile, a false negative occurs when the IDS reports a particular stream of traffic is just fine with no corresponding alarm or alert, when, in fact, and intrusion attempt did occur.
Incorrect
A false positive in a behavior-based intrusion detection system is when the IDS identifies an activity as an attack, but the activity is acceptable behavior meanwhile, a false negative occurs when the IDS reports a particular stream of traffic is just fine with no corresponding alarm or alert, when, in fact, and intrusion attempt did occur.
-
Question 7 of 10
7. Question
A firewall is an appliance within a network that is created to protect internal resources from unauthorized external access. There are several types of firewalls, one of which is the circuit-level gateway firewall. Which of the following descriptions defines the circuit-level gateway firewall?
Correct
A circuit-level gateway is a firewall that provides UDP and TCP connection security. It works at the OSI network model’s session layer and allows or prevents data streams.
Incorrect
A circuit-level gateway is a firewall that provides UDP and TCP connection security. It works at the OSI network model’s session layer and allows or prevents data streams.
-
Question 8 of 10
8. Question
A honeypot is a system set up as a decoy to entice attackers. The idea is to load it up with fake goodies, with not-too-easy vulnerabilities a hacker may exploit. Which of the following statements best describes a low-interaction honeypot?
Correct
A low-interaction honeypot simulates a limited number of services and cannot be compromised completely. It will usually emulate a small number of internet protocols and network services, just enough to deceive the attacker and no more. Examples of these include Specter, Honeyd, and KFSensor.
Incorrect
A low-interaction honeypot simulates a limited number of services and cannot be compromised completely. It will usually emulate a small number of internet protocols and network services, just enough to deceive the attacker and no more. Examples of these include Specter, Honeyd, and KFSensor.
-
Question 9 of 10
9. Question
The windows registry is a collection of all the settings and configurations that make the system run. Two basic elements make up a registry setting: keys and values. Which of the following descriptions defines the root-level key HKEY_CLASSES_ROOT (HKCR)?
Correct
The root-level keys in the windows registry are as follows:
(1) HKEY_LOCAL_MACHINE (HKLM) contains hardware information.
(2) HKEY_CURRENT_USER (HKCU) contains profile information for the user currently logged on. Information includes user-level preferences for the OS and applications.
(3) HKEY_CLASSES_ROOT (HKCR) contains information on file associations and object linking and embedding classes.
(4) HKEY_USERS (HKU) contains specific user configuration information for all currently active users on the computer.
(5) HKEY_CURRENT_CONFIG (HKCC) stores differences between the standard configuration and the current hardware configuration.Incorrect
The root-level keys in the windows registry are as follows:
(1) HKEY_LOCAL_MACHINE (HKLM) contains hardware information.
(2) HKEY_CURRENT_USER (HKCU) contains profile information for the user currently logged on. Information includes user-level preferences for the OS and applications.
(3) HKEY_CLASSES_ROOT (HKCR) contains information on file associations and object linking and embedding classes.
(4) HKEY_USERS (HKU) contains specific user configuration information for all currently active users on the computer.
(5) HKEY_CURRENT_CONFIG (HKCC) stores differences between the standard configuration and the current hardware configuration. -
Question 10 of 10
10. Question
A password offline attack occurs when the hacker steals a copy of the password file and works the cracking efforts on a separate system. It can be done in one of three main ways: dictionary attack, hybrid attack, and brute-force attack. Which of the following statements best describes a brute-force attack?
Correct
A brute force attack, also known as exhaustive search, is a cryptographic hack that relies on guessing combinations of a targeted password until the correct password is discovered. This attack is time-consuming and is difficult to perform if methods such as data obfuscation are used.
Incorrect
A brute force attack, also known as exhaustive search, is a cryptographic hack that relies on guessing combinations of a targeted password until the correct password is discovered. This attack is time-consuming and is difficult to perform if methods such as data obfuscation are used.