Certified Ethical Hacker Exam Practice Questions
Question 1 of 10
1. Question
Transmission Control Protocol (TCP) is a connection-oriented communications protocol that facilitates the exchange of messages between computing devices in a network. The sequence number field is one of the headers defined for TCP. Which of the following sentences best describes the sequence number header?
Correct
The sequence number is part of what contributes to guaranteed delivery. This is a 32-bit number that is set to a random value when the conversation is initiated. It is incremented with the number of bytes that are sent.
Question 2 of 10
2. Question
In the Open Systems Interconnection (OSI) reference model, communications between computing systems are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. Which of the following statements defines the network layer in the OSI model?
Correct
The network layer is the third layer in the Open Systems Interconnection (OSI) model. This layer gets messages from one endpoint to another. It does this by taking care of addressing and routing. The IP is one protocol that exists at this layer.
Question 3 of 10
3. Question
Penetration testing is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit. It consists of five phases. Which of the following sentences best describes the gaining access phase?
Correct
The gaining access phase is what many people consider to be the most interesting and important part of a penetration test. This is where you can demonstrate that some services are potentially vulnerable by exploiting the service.
Question 4 of 10
4. Question
The User Datagram Protocol (UDP) is a much lighter-weight protocol that offers no guarantee of delivery. Messages sent using UDP are just put out on the wire with the hope that they will get to the destination because the IP protocol will just take care of everything. Which of the following statements is true about the header fields defined for UDP?
Correct
There are four header fields in the User Datagram Protocol (UDP). All of them are 16 bits in length, and half of them are the source and destination ports. In UDP, the source port is considered an optional field. The reason for this is that since there is no connection, there may never be a response from the server. It’s entirely up to the application in use.
Question 5 of 10
5. Question
Organizations spend a lot of time and effort on defenses and mitigations against attacks. To secure their business, they create policies, guidelines, standards, and procedures. Which of the following statements best defines procedures?
Correct
Procedures are the actual implementation of the standard. These provide guidance about how, specifically, the standards are achieved at a very granular level. This may be accomplished with step-by-step instructions on what needs to be done.
Question 6 of 10
6. Question
The primary purpose of a firewall is to establish a barrier between your internal network and incoming traffic from external sources to block malicious traffic like viruses and hackers. Packet filtering is one of the firewall techniques. Which of the following statements is true about packet filtering?
Correct
Packet filtering is very basic in its functionality. It is a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination IP addresses, protocols, and ports.
Question 7 of 10
7. Question
The operating system maintains a log of events that helps in monitoring, administering, and troubleshooting the system, in addition to helping users get information about important processes. One of the most common log management solutions organizations use is the Elastic Stack. Which of the following statements best defines Elastic Stack?
Correct
Elastic Stack is a complete end-to-end log analysis solution that helps in deep searching, analyzing, and visualizing the logs generated from different machines. It is an amazing and powerful collection of three open-source projects: Elasticsearch, Logstash, and Kibana. Despite each one of these three technologies being a separate project, they have been built to work exceptionally well together.
Question 8 of 10
8. Question
Different organizations were established to perform registrant functions and to store information about the addresses they are responsible for, as well as contacts. One of these organizations is the Regional Internet Registry (RIR). Which of the following statements best defines RIR?
Correct
A Regional Internet Registry (RIR) is an organization that manages and controls internet addresses in a specific region, usually a country and sometimes an entire continent.
There are five Regional Internet Registries:
(1) African Network Information Center (AfriNIC)
(2) American Registry for Internet Numbers (ARIN)
(3) Asia Pacific Network Information Centre (APNIC)
(4) Latin America Network Information Centre (LACNIC)
(5) Reseaux IP Europeens Network Coordination Centre (RIPE NCC)
Question 9 of 10
9. Question
Open Source Intelligence (OSINT) is the collection and analysis of information that is gathered from the public. It is primarily used in national security, law enforcement, and business intelligence functions. There are several useful tools in gathering OSINT, one of which is the PeekYou tool. Which of the following sentences best describes the PeekYou tool?
Correct
PeekYou is a search engine that allows you to look for people using their real names and usernames. It collects and combines scattered content from social media sites, news sources, homepages, and blog platforms to present comprehensive online identities.
Question 10 of 10
10. Question
Passive reconnaissance is the first step hackers take before exploiting system or network vulnerabilities. Several tools can be used in conducting passive reconnaissance, one of which is the Passive Recon tool. Which of the following sentences is true about the Passive Recon tool?
Correct
Passive Recon is a Firefox extension that requires a multitude of public databases and look-up services like DNS, whois, and other related tools to reveal as much information as possible about a domain without interacting with it directly.