Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
SMB (Service message block) protocol supports the null authentication, What does it mean by null authentication?
Correct
Null authentication is supported by SMB. This means that there are functions that don’t require a username and password. When a system requests useful information about other systems on the same or another network while using null authentication, which means no credentials were passed. This null authentication can allow us for the gathering of useful information about the system.
Incorrect
Null authentication is supported by SMB. This means that there are functions that don’t require a username and password. When a system requests useful information about other systems on the same or another network while using null authentication, which means no credentials were passed. This null authentication can allow us for the gathering of useful information about the system.
-
Question 2 of 10
2. Question
NetBIOS is a Built-In Utility in Windows OS, How we can gather NetBIOS statistics?
Correct
The nbtstat command is a diagnostic tool for NetBIOS over TCP/IP in Microsoft Windows. Its primary design helps in troubleshooting NetBIOS name resolution problems. This command has been included in many versions of Microsoft Windows.
Incorrect
The nbtstat command is a diagnostic tool for NetBIOS over TCP/IP in Microsoft Windows. Its primary design helps in troubleshooting NetBIOS name resolution problems. This command has been included in many versions of Microsoft Windows.
-
Question 3 of 10
3. Question
Metasploit can also be used to enumerate users. Which of the following module would use to enumerate users?
Correct
The Metasploit tool is also used to enumerate users. For this purpose, you would use the smb_enumusers_domain module. By knowing one, we can use a username and password. Thee module is allowed to authenticate against the system in order to obtain additional users.
Incorrect
The Metasploit tool is also used to enumerate users. For this purpose, you would use the smb_enumusers_domain module. By knowing one, we can use a username and password. Thee module is allowed to authenticate against the system in order to obtain additional users.
-
Question 4 of 10
4. Question
Which of the follwoing provides details about systems it finds on the local network, including the NetBIOS name, user, MAC address, and IP address?
Correct
The program nbtscan gives us the details about systems Which it finds on the local network, Which includes the NetBIOS name, user, MAC address, and IP address. It is a program which is used for scanning of IP on networks for NetBIOS name information. It requests a NetBIOS status query to each address of a specific supplied range and the lists received information in a form that is easy to read and understand for human.
Incorrect
The program nbtscan gives us the details about systems Which it finds on the local network, Which includes the NetBIOS name, user, MAC address, and IP address. It is a program which is used for scanning of IP on networks for NetBIOS name information. It requests a NetBIOS status query to each address of a specific supplied range and the lists received information in a form that is easy to read and understand for human.
-
Question 5 of 10
5. Question
Which of the following program is used to exploit the vulnerability in the system?
Correct
Metasploit Framework, the Metasploit Project’s best-known creation, is an application software which is a platform/tool for the development, testing and execution of exploits. It can also be used for the creation of security testing tools and exploit modules and also as a penetration testing system. Following are used for scanning vulnerability:
(A) OpenVAS
(B) Nessus
(C) NexposeIncorrect
Metasploit Framework, the Metasploit Project’s best-known creation, is an application software which is a platform/tool for the development, testing and execution of exploits. It can also be used for the creation of security testing tools and exploit modules and also as a penetration testing system. Following are used for scanning vulnerability:
(A) OpenVAS
(B) Nessus
(C) Nexpose -
Question 6 of 10
6. Question
Which of the following website is best for exploits associated with vulnerabilities?
Correct
Searching exploit-db.com for the vulnerability which is associated with exploits. For example, When we were working with the EternalBlue exploit, that has a module in Metasploit. By searching exploit-db.com for modules which relate to the EternalBlue vulnerability.
Incorrect
Searching exploit-db.com for the vulnerability which is associated with exploits. For example, When we were working with the EternalBlue exploit, that has a module in Metasploit. By searching exploit-db.com for modules which relate to the EternalBlue vulnerability.
-
Question 7 of 10
7. Question
An external entity to cause a program to fail in a way that allows the attacker to control the flow of the program’s execution is the definition for which of the following?
Correct
An exploit is defined as the means for an external entity to be a cause of a program to fail in a way which allows the attacker to control the program and its execution. Only causing the program to fail, though, It isn’t enough. You need to do some coding of your own for that particular program to execute on your behalf.
Incorrect
An exploit is defined as the means for an external entity to be a cause of a program to fail in a way which allows the attacker to control the program and its execution. Only causing the program to fail, though, It isn’t enough. You need to do some coding of your own for that particular program to execute on your behalf.
-
Question 8 of 10
8. Question
In Metasploit during exploitation, which of the following shell can be used to gather information about the system so we know what we’re getting for password data?
Correct
Using Meterpreter, we can gather useful information about the system so we know what we’re getting is for password data. The command sysinfo will tell us about the system name along with the operating system installed on the system. This tells us we are hacking at LAN Manager hashes for grabing the passwords.
Incorrect
Using Meterpreter, we can gather useful information about the system so we know what we’re getting is for password data. The command sysinfo will tell us about the system name along with the operating system installed on the system. This tells us we are hacking at LAN Manager hashes for grabing the passwords.
-
Question 9 of 10
9. Question
Which of the following tool is used to crack the password and is a great password cracking tool?
Correct
John the Ripper is a common tool used to crack passwords. It is a great offline password cracking tool, which means that it works on files that have been grabbed from their original source. It has different modes which are used for cracking the passwords.
Incorrect
John the Ripper is a common tool used to crack passwords. It is a great offline password cracking tool, which means that it works on files that have been grabbed from their original source. It has different modes which are used for cracking the passwords.
-
Question 10 of 10
10. Question
In Ethical hacking, which of the following are the stored precomputed hashes?
Correct
A rainbow table is defined as a precomputed table which is used for reversing cryptographic hash functions, commonly used for cracking password hashes. The Rainbow Tables, which are used for the hacking of a password (for example credit card numbers, etc.) up to a specified length which consists of a limited number of character.
Incorrect
A rainbow table is defined as a precomputed table which is used for reversing cryptographic hash functions, commonly used for cracking password hashes. The Rainbow Tables, which are used for the hacking of a password (for example credit card numbers, etc.) up to a specified length which consists of a limited number of character.