Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
When it comes to a cryptographic hash, though, the change of a single character in the file contents will yield a completely different hash value, meaning whatever you are doing won’t get detected is which of the following evasion technique?
Correct
Intrusion detection/protection systems will sometime use a signature. In terms of a cryptographic hash, a change of a single character/ byte in the file contents will be yielded a completely different and new hash value, meaning that doing anything won’t get detected. This strategy is known as polymorphisms, from polymorph, meaning many shapes or forms.
Incorrect
Intrusion detection/protection systems will sometime use a signature. In terms of a cryptographic hash, a change of a single character/ byte in the file contents will be yielded a completely different and new hash value, meaning that doing anything won’t get detected. This strategy is known as polymorphisms, from polymorph, meaning many shapes or forms.
-
Question 2 of 10
2. Question
Which of the following can be used to evade network security mechanisms simply because these devices, when they are inline, would take time to reassemble the messages before the adversarial activity would be seen?
Correct
Fragmentation attacks can be used to bypass network security mechanisms because these sort of devices/equipment when they are online would take time to reassemble the received messages before the suspected activity would be seen. This reassembly also takes some time and in this way, some devices just don’t bother because the reassembly and detection can add latency to communications.
Incorrect
Fragmentation attacks can be used to bypass network security mechanisms because these sort of devices/equipment when they are online would take time to reassemble the received messages before the suspected activity would be seen. This reassembly also takes some time and in this way, some devices just don’t bother because the reassembly and detection can add latency to communications.
-
Question 3 of 10
3. Question
When using TCP, you can overlap sequence numbers. This is essentially the byte count that has been sent. You may send two TCP segments that appear to occupy the same space in the puzzle being put back together is which of the following evasion technique?
Correct
When using TCP, you can overlap sequence numbers. This is a type of the byte count which has been transmitted. By transmitting two TCP segments which look like to occupy the same space in the puzzle being put back together. The Intrusion Detection System (IDS) and the target Operating System (OS) may also decide where to put the puzzle back to its original place.
Incorrect
When using TCP, you can overlap sequence numbers. This is a type of the byte count which has been transmitted. By transmitting two TCP segments which look like to occupy the same space in the puzzle being put back together. The Intrusion Detection System (IDS) and the target Operating System (OS) may also decide where to put the puzzle back to its original place.
-
Question 4 of 10
4. Question
In Evasion Techniques of intrusion detection system, which of the following is a way of transmitting data inside something else?
Correct
For transmitting data inside something else is a technique which is known as a tunnel. For example, a tunnel can be created by using the Generic Routing Encapsulation (GRE) protocol, It can be done by taking packets (which are to be tunnelled) and encapsulating them inside of GRE packets. It looks like a GRE packet is passing through while in GRE packet our original payload or the data packets which sent.
Incorrect
For transmitting data inside something else is a technique which is known as a tunnel. For example, a tunnel can be created by using the Generic Routing Encapsulation (GRE) protocol, It can be done by taking packets (which are to be tunnelled) and encapsulating them inside of GRE packets. It looks like a GRE packet is passing through while in GRE packet our original payload or the data packets which sent.
-
Question 5 of 10
5. Question
Which of the following is about determining what services are running and then extracting information from those services?
Correct
Enumeration is a process which is defined as extracting user names, network resources, name of machines, shares and services from a system, computer or machine. This gathered information is used for vulnerabilities identification or weak area in system security and tries to exploit in the System gaining phase.
Incorrect
Enumeration is a process which is defined as extracting user names, network resources, name of machines, shares and services from a system, computer or machine. This gathered information is used for vulnerabilities identification or weak area in system security and tries to exploit in the System gaining phase.
-
Question 6 of 10
6. Question
Which of the following is a service that allows remote systems to consume procedures external to the application calling them?
Correct
A remote procedure call (RPC) is a service which is defined as it allows remote systems for the consumption of the procedures which are external to the application calling them. For example, A computer program on system Alpha can call a procedure or function on another system across the network. It does this using the RPC protocol.
Incorrect
A remote procedure call (RPC) is a service which is defined as it allows remote systems for the consumption of the procedures which are external to the application calling them. For example, A computer program on system Alpha can call a procedure or function on another system across the network. It does this using the RPC protocol.
-
Question 7 of 10
7. Question
Which of the following is an implementation of RPC that was also associated with Sun?
Correct
Network File System (NFS) is a file system which was developed in 1984 by Sun Microsystems. The portmapper is an implementation of Remote Procedure Call (RPC) that was also is a practical application of Sun Microsystem. It is sometimes referred to as SunRPC. In the same case as with a scanner in Metasploit that may also be used for identification of the ports allotted to the programs using the portmapper.
Incorrect
Network File System (NFS) is a file system which was developed in 1984 by Sun Microsystems. The portmapper is an implementation of Remote Procedure Call (RPC) that was also is a practical application of Sun Microsystem. It is sometimes referred to as SunRPC. In the same case as with a scanner in Metasploit that may also be used for identification of the ports allotted to the programs using the portmapper.
-
Question 8 of 10
8. Question
Java includes its own capability for remote procedure calls. Which of the following is called remote procedure calls for JAVA?
Correct
Java a programming language includes in its library its own capability for remote procedure calls, though in Java language it is known as remote method invocation (RMI). A version of the portmapper in Java language is called rmiregistry, and the system or computer must have this program in order to use RMI.
Incorrect
Java a programming language includes in its library its own capability for remote procedure calls, though in Java language it is known as remote method invocation (RMI). A version of the portmapper in Java language is called rmiregistry, and the system or computer must have this program in order to use RMI.
-
Question 9 of 10
9. Question
Which of the following will be used by the programmer, when they are creating a program that uses RMI?
Correct
When a programmer or developer is creating a program/tool that uses RMI, they use an RMI compiler (the program rmic). The programs which are used for calling/ connecting to an RMI registry for services enumeration are registered don’t need to know the specific interfaces needed to pass objects between the skeleton (computer hardware) and the stub because the only thing the enumeration is doing is identifying the skeletons or services on the remote system.
Incorrect
When a programmer or developer is creating a program/tool that uses RMI, they use an RMI compiler (the program rmic). The programs which are used for calling/ connecting to an RMI registry for services enumeration are registered don’t need to know the specific interfaces needed to pass objects between the skeleton (computer hardware) and the stub because the only thing the enumeration is doing is identifying the skeletons or services on the remote system.
-
Question 10 of 10
10. Question
Which of the following is used to compile Java source code to an intermediate code file?
Correct
For the compilation of Java source code to an intermediate code’s file is carried out by using the program javac. Using javac tool and its options for reading Java class, interface definitions and function of java and compile them into bytecode and class files.
Incorrect
For the compilation of Java source code to an intermediate code’s file is carried out by using the program javac. Using javac tool and its options for reading Java class, interface definitions and function of java and compile them into bytecode and class files.