Certified Ethical Hacker Exam Practice Questions
Question 1 of 10
1. Question
Ethical hacking, also called penetration testing, is the process of performing a test against software to identify vulnerabilities that can be used to compromise the software and the computer system. One of the types of penetration testing is the red team assessment. Which of the following sentences is not true about a red team member?
The red team assessment is a specific type of penetration test where the testers are adversarial to the organization and network under test. A red team member would act as an attacker, meaning they would try to be stealthy so as not to be detected.
Question 2 of 10
2. Question
Ethical hacking consists of five phases: reconnaissance and footprinting, scanning and enumeration, gaining access, maintaining access, and covering tracks. Which of the following sentences best describes the scanning and enumeration phase?
The scanning and enumeration phase involves identifying systems that are accessible within the network blocks. It is where the information collected from the reconnaissance phase is used to examine the target network further for specific details, such as computer names, IP addresses, open ports, user accounts, OS details, system architecture, and vulnerabilities.
Question 3 of 10
3. Question
The Open Systems Interconnection (OSI) model was created by the International Organization for Standardization to help refer to boundaries between functions within a network stack. It consists of seven layers. Which of the following statements defines the session layer in the OSI model?
The session layer is the 5th layer in the Open Systems Interconnection (OSI) model. This layer manages the communication between the endpoints when it comes to maintaining the communication of the applications. It is responsible for establishing, managing, synchronizing, and terminating sessions between end-user application processes. An example of a function at the session layer is remote procedure calls (RPCs).
Question 4 of 10
4. Question
Network topology refers to the layout of a network: how the different nodes in the network are connected and how they communicate. Which of the following descriptions defines a bus topology?
A bus topology, also called line topology or backbone topology, orients all the devices on a network along a single cable running in a single direction, from one end of the network to the other.
Question 5 of 10
5. Question
The Internet Engineering Task Force (IETF) is responsible for maintaining all of the documentation related to protocols. If a person or a group of people wants to propose a new protocol or an extension to an existing protocol, what document will they need to write and submit to the IETF?
A request for comments (RFC) is a formal document drafted by the Internet Engineering Task Force (IETF) that describes the specifications for a particular technology. It is used when a person or a group of people wants to propose a new protocol or an extension to an existing protocol. When an RFC is ratified, it becomes a formal standards document.
Question 6 of 10
6. Question
An Internet Protocol (IP) address is an identifier for a computer or device on a TCP/IP network. There are two versions of IP that currently coexist in the global internet: Internet Protocol version 4 and Internet Protocol version 6. Which of the following statements is not true about IPv6?
IPv6 is the latest generation of the IP protocol. It greatly increased the number of unique IP addresses that can be assigned to computers and devices connected to the internet. It uses 16 octets, and the longest address you will run across in IPv6 will be 32 characters. The three types of IPv6 include the following: unicast, anycast, and multicast.
Question 7 of 10
7. Question
Transmission Control Protocol (TCP) is a transport layer protocol in the OSI model and is used to create a connection between remote computers by transporting and ensuring the delivery of messages over supporting networks and the internet. Several headers are defined for TCP, one of which is the data offset header. Which of the following sentences defines the data offset header?
The data offset is a 4-bit value indicating the number of 32-bit words in the TCP header. This field gets its name from the fact that it is also the offset from the start of the TCP segment to the actual data.
Question 8 of 10
8. Question
The Parkerian Hexad is a set of six elements of information security proposed by Donn B. Parker in 1988. It adds three additional attributes to the three classic security attributes of the CIA triad. Which of the following sentences best defines authenticity in the Parkerian Hexad?
Authenticity, sometimes referred to as non-repudiation, is the process of making sure that when you get a piece of data, no matter what it is, it’s actually from where it purports to be from. For electronic information, a digital signature could be used to verify the authorship of a digital document using public-key cryptography.
Question 9 of 10
9. Question
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Which of the following statements is true about deep packet inspection firewalls?
Deep packet inspection (DPI) looks beyond the headers and into the payload of the packet. It is an advanced method of examining and managing network traffic. It is a form of packet filtering that locates, identifies, classifies, reroutes, or blocks packets with specific data or code payloads that conventional packet filtering cannot detect.
Question 10 of 10
10. Question
What is the database created by the Securities and Exchange Commission (SEC) that stores all public filings associated with a company, such as annual reports and other details about a company’s finances?
The Electronic Data Gathering, Analysis, and Retrieval (EDGAR) company database is a subset of the data maintained by the EDGAR system and contains over 500,000 public records. Filers may search for and view company information about various EDGAR filing entities; this information includes data such as company name, address, annual reports, and other details about a company’s finances.