Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
What is this worldwide non-profit charitable organization dedicated to improving the security of software, and to make software security accessible, so that individuals and organizations can make cultured decisions about true software security risks?
Correct
The Open Web Application Security Project (OWASP) is an international non-profit organization focused on web application security. One of the organization’s principles is that all their materials must be freely available and easily accessible on its website, making it possible for anyone to improve their web application security. The materials they offer include documentation, tools, videos, and forums.
Incorrect
The Open Web Application Security Project (OWASP) is an international non-profit organization focused on web application security. One of the organization’s principles is that all their materials must be freely available and easily accessible on its website, making it possible for anyone to improve their web application security. The materials they offer include documentation, tools, videos, and forums.
-
Question 2 of 10
2. Question
SQL injection is a malicious technique that exploits vulnerabilities in a target website’s SQL-based application software by injecting malicious SQL statements or by exploiting incorrect input. What is this type of SQL injection, wherein the attacker is using the same communication channel to perform and retrieve the results of the attack?
Correct
In-band SQL injection is the most common and easy-to-exploit among the SQL injection attacks. It occurs when an attacker can use the same communication channel to launch the attack and gather results. The two most common types of in-band SQL injection are error-based SQL injection and union-based SQL injection.
Incorrect
In-band SQL injection is the most common and easy-to-exploit among the SQL injection attacks. It occurs when an attacker can use the same communication channel to launch the attack and gather results. The two most common types of in-band SQL injection are error-based SQL injection and union-based SQL injection.
-
Question 3 of 10
3. Question
What wireless discovery option tool identifies poor coverage locations within the WLAN network, detects interference causes, finds any rogue access points in the network and is compatible with 802.11a, b, and g?
Correct
The NetStumbler application is a Windows-based tool used to discover WLAN networks running on 802.11 a/b/g standards. It helps detect other networks that may cause interference to your network, and it can also find out poor coverage areas in the WLAN network and helps administrators set up the network the way it is intended to be.
Incorrect
The NetStumbler application is a Windows-based tool used to discover WLAN networks running on 802.11 a/b/g standards. It helps detect other networks that may cause interference to your network, and it can also find out poor coverage areas in the WLAN network and helps administrators set up the network the way it is intended to be.
-
Question 4 of 10
4. Question
Rooting or jailbreaking the device means performing some action that grants you administrative access to the device so you can do whatever you want with it. If you have an iPhone 11 Pro Max and you want to jailbreak it, what tool can you use?
Correct
In jailbreaking an iOS device, some of the tools that you can use include evasi0n7, Geeksn0w, Pangu, Redsn0w, Absinthe, and Cydia.
Incorrect
In jailbreaking an iOS device, some of the tools that you can use include evasi0n7, Geeksn0w, Pangu, Redsn0w, Absinthe, and Cydia.
-
Question 5 of 10
5. Question
Bluetooth is used for connecting devices, usually mobile phones, wirelessly over a short distance. Since we keep a lot of personal information in our Bluetooth-enabled devices, it is susceptible to hacking that could pay huge dividends. What is this type of Bluetooth attack, wherein attackers steal data from a mobile device due to an open connection, such as remaining in discovery mode?
Correct
Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone without alerting the phone’s user of the connection made to the device. Some of the information that can be accessed includes the phonebook, images, and calendar.
Incorrect
Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone without alerting the phone’s user of the connection made to the device. Some of the information that can be accessed includes the phonebook, images, and calendar.
-
Question 6 of 10
6. Question
Cloud computing provides users and organization subscribers delivery of different IT services over a network. Which type of cloud computing is geared toward software development and provides a development platform that authorizes subscribers to develop applications without building the infrastructure it would normally take to develop and launch software?
Correct
Platform as a Service (PaaS) is a cloud computing model where a third-party provider delivers hardware and software tools to users over the internet. A PaaS provider hosts the hardware and software on its infrastructure. As a result, PaaS frees developers from having to install in-house hardware and software to develop or run a new application.
Incorrect
Platform as a Service (PaaS) is a cloud computing model where a third-party provider delivers hardware and software tools to users over the internet. A PaaS provider hosts the hardware and software on its infrastructure. As a result, PaaS frees developers from having to install in-house hardware and software to develop or run a new application.
-
Question 7 of 10
7. Question
Cloud deployment models indicate how cloud services are made available to users. The four deployment models associated with cloud computing are as follows: private, public, community, and hybrid cloud models. What is this type of cloud deployment model, wherein the infrastructure is shared by several organizations, usually with the same policy and compliance considerations?
Correct
A community cloud model provides a complete cloud solution for specific business communities. Community clouds are an attractive option for companies in the health, financial, or legal spheres that are subject to strict regulatory compliance.
Incorrect
A community cloud model provides a complete cloud solution for specific business communities. Community clouds are an attractive option for companies in the health, financial, or legal spheres that are subject to strict regulatory compliance.
-
Question 8 of 10
8. Question
What is this cloud computing regulatory effort, which is a government-wide program that delivers a systemized approach to security assessment, authorization, and continuous monitoring of cloud products and services?
Correct
Federal Risk and Authorization Management Program (FedRAMP) warrants agencies to use modern cloud technologies, with emphasis on security and protection of federal information, and helps accelerate the adoption of secure cloud solutions.
Incorrect
Federal Risk and Authorization Management Program (FedRAMP) warrants agencies to use modern cloud technologies, with emphasis on security and protection of federal information, and helps accelerate the adoption of secure cloud solutions.
-
Question 9 of 10
9. Question
Cloud security is important on the side of the provider, as well as that of the subscriber. What cloud security tool provides instant visibility and continuous protection for servers in any combination of data centers, private clouds, and public clouds?
Correct
CloudPassage Halo is a unified cloud security platform that automates cloud computing security controls and compliance across servers, containers, and in any public, private, hybrid, and multi-cloud environments.
Incorrect
CloudPassage Halo is a unified cloud security platform that automates cloud computing security controls and compliance across servers, containers, and in any public, private, hybrid, and multi-cloud environments.
-
Question 10 of 10
10. Question
Malware is defined as software created to harm or infiltrate a computer system without the owner’s consent. What is this type of malware, which is defined as a self-replicating program that reproduces its code by attaching copies into other executable codes?
Correct
A virus is a malicious software program loaded into a computer without the user’s knowledge and performs illegal actions. Viruses create copies of themselves in other programs, then activate on some sort of trigger event.
Incorrect
A virus is a malicious software program loaded into a computer without the user’s knowledge and performs illegal actions. Viruses create copies of themselves in other programs, then activate on some sort of trigger event.