Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
Website Intelligence can be defined as information about a webserver and its operating system. One way to get relevant information is just to connect to the webserver and issue a request to it. One of the useful tools in gathering web intelligence is the Netcraft tool. Which of the following sentences best describes the Netcraft tool?
Correct
The website netcraft.com provides hosting history for websites. This will provide the owner of the netblock that contains the IP address. It will also tell you the operating system the webserver runs on. In some cases, you will get details about the webserver version and other modules that have been enabled.
Incorrect
The website netcraft.com provides hosting history for websites. This will provide the owner of the netblock that contains the IP address. It will also tell you the operating system the webserver runs on. In some cases, you will get details about the webserver version and other modules that have been enabled.
-
Question 2 of 10
2. Question
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are generally the protocol used in port scanning. TCP is an orderly protocol that sends each packet in order, complete with error checking, verification, and a three-way handshake to confirm each packet is successful. Nmap can perform a variety of TCP scans, one of which is the null scan. Which of the following sentences best describes the null scan?
Correct
A null scan is a series of TCP packets that contain a sequence number of 0 and no set flag. The expected result of a null scan on an open port is no response. Since there are no flags set, the target will not know how to handle the request. It will discard the packet, and no reply will be sent. If the port is closed, the target will send an RST packet in response.
Incorrect
A null scan is a series of TCP packets that contain a sequence number of 0 and no set flag. The expected result of a null scan on an open port is no response. Since there are no flags set, the target will not know how to handle the request. It will discard the packet, and no reply will be sent. If the port is closed, the target will send an RST packet in response.
-
Question 3 of 10
3. Question
Vulnerability scanning takes a proactive approach to close any gaps and maintain strong security for an organization’s systems, data, employees, and customers. Data breaches are often the result of unpatched vulnerabilities, so identifying and eliminating these security gaps removes the attack vector. One of the useful tools in vulnerability scanning is the Security Administrator’s Integrated Network Tool (SAINT). Which of the following sentences describes SAINT?
Correct
Security Administrator’s Integrated Network Tool (SAINT) is an updated version of one of the first vulnerability scanners (SATAN). It allows network administrators to scan their local area networks for security flaws. SAINT can then prepare reports detailing the extent and seriousness of these weaknesses, as well as providing links to fix and recommend security procedures.
Incorrect
Security Administrator’s Integrated Network Tool (SAINT) is an updated version of one of the first vulnerability scanners (SATAN). It allows network administrators to scan their local area networks for security flaws. SAINT can then prepare reports detailing the extent and seriousness of these weaknesses, as well as providing links to fix and recommend security procedures.
-
Question 4 of 10
4. Question
Packet crafting is a technique that allows network administrators to probe firewall rule-sets and find an entry point into a targeted system or network. This is done by manually generating packets to test the network devices and behavior instead of using existing network traffic. One of the tools that can be used to craft or otherwise manipulate the header data is the hping tool. Which of the following descriptions best defines the hping tool?
Correct
Hping is considered to be the Swiss Army Knife of TCP/IP packets. It is similar to the ping utility; however, it has more functionality than sending a simple ICMP echo request that ping is usually used for. It can also be used to send a large volume of TCP traffic at a target while spoofing the source IP address, making it appear random or even originating from a specific user-defined source.
Incorrect
Hping is considered to be the Swiss Army Knife of TCP/IP packets. It is similar to the ping utility; however, it has more functionality than sending a simple ICMP echo request that ping is usually used for. It can also be used to send a large volume of TCP traffic at a target while spoofing the source IP address, making it appear random or even originating from a specific user-defined source.
-
Question 5 of 10
5. Question
The idea of interprocess communication has been around for decades. There have been several implementations of request-response protocols over the years; one example of this is the Remote Method Invocation (RMI). Which of the following sentences defines RMI?
Correct
Remote Method Invocation (RMI) is the object-oriented version of RPC. It is available as part of the core Java application programming interface (API), where the object interfaces are defined as Java interfaces and use object serialization.
Incorrect
Remote Method Invocation (RMI) is the object-oriented version of RPC. It is available as part of the core Java application programming interface (API), where the object interfaces are defined as Java interfaces and use object serialization.
-
Question 6 of 10
6. Question
Malware is consists of codes developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Ransomware is one of the most common types of malware. Which of the following sentences defines ransomware?
Correct
The goal of ransomware is to extort money from a victim. It is a program that encrypts a portion of a victim’s hard drive, where personal files are stored. The attacker provides instructions for the victim to send money, usually in a type of cryptocurrency like Bitcoin. The attacker will then provide the decryption key once the ransom has been paid.
Incorrect
The goal of ransomware is to extort money from a victim. It is a program that encrypts a portion of a victim’s hard drive, where personal files are stored. The attacker provides instructions for the victim to send money, usually in a type of cryptocurrency like Bitcoin. The attacker will then provide the decryption key once the ransom has been paid.
-
Question 7 of 10
7. Question
Dynamic analysis is performed by observing the behavior of the malware while it is actually running on a host system. Several tools can be used in conducting the dynamic analysis, one of which is IDA. Which of the following statements is true about IDA?
Correct
IDA is considered the king of debuggers and disassemblers. It is an interactive, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X. It has become the de-facto standard for the analysis of hostile code, vulnerability search, and commercial-off-the-shelf validation.
Incorrect
IDA is considered the king of debuggers and disassemblers. It is an interactive, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X. It has become the de-facto standard for the analysis of hostile code, vulnerability search, and commercial-off-the-shelf validation.
-
Question 8 of 10
8. Question
Packet capturing is the method of intercepting a data packet that is crossing a specific point in a data network. Once a packet is captured in real-time, it is stored for a period of time so that it can be analyzed, and then either be downloaded, archived, or discarded. Several tools can be used in packet capturing, one of which is the Wireshark tool. Which of the following sentences best defines the Wireshark tool?
Correct
Wireshark is a command-line GUI-based packet capture program. It is used to analyze the structure of different network protocols and has the ability to demonstrate encapsulation. The analyzer operates on Unix, Linux, and Microsoft Windows operating systems.
Incorrect
Wireshark is a command-line GUI-based packet capture program. It is used to analyze the structure of different network protocols and has the ability to demonstrate encapsulation. The analyzer operates on Unix, Linux, and Microsoft Windows operating systems.
-
Question 9 of 10
9. Question
A spoofing attack is when a malicious party impersonates another device or user on a network to launch attacks against network hosts, steal data, spread malware, or bypass access controls. There are several types of spoofing attacks that malicious parties can use, one of which is the DNS spoofing attack. Which of the following statements is true about the DNS spoofing attack?
Correct
DNS spoofing is a cyber-attack in which fake data is introduced into the DNS resolver’s cache, which causes the name server to return an incorrect IP address. This type of attack exploits vulnerabilities in domain name servers and redirect traffic towards illegitimate websites.
Incorrect
DNS spoofing is a cyber-attack in which fake data is introduced into the DNS resolver’s cache, which causes the name server to return an incorrect IP address. This type of attack exploits vulnerabilities in domain name servers and redirect traffic towards illegitimate websites.
-
Question 10 of 10
10. Question
Encrypted messages are problematic when it comes to capturing traffic. Encryption is intended to be end to end, meaning there is no way to sit in the middle. Any mechanism to sit in the middle defeats the end-to-end expectation of most encryption schemes. Ethical hackers discovered several ways to try to break encrypted protocols, one of which is by using the sslstrip program. Which of the following statements is not true about the sslstrip program?
Correct
Sslstrip was developed by Moxie Marlinspike in 2009 in conjunction with a presentation he made at Black Hat in 2009. It was developed to grab SSL messages and strip the encryption from them. It can also be used as a stand-alone program. Today, there is less of a likelihood of success in using this program because the vulnerabilities that allowed it to work have been resolved.
Incorrect
Sslstrip was developed by Moxie Marlinspike in 2009 in conjunction with a presentation he made at Black Hat in 2009. It was developed to grab SSL messages and strip the encryption from them. It can also be used as a stand-alone program. Today, there is less of a likelihood of success in using this program because the vulnerabilities that allowed it to work have been resolved.