Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
Packet crafting is the art of creating a packet according to various requirements to carry out attacks and to exploit vulnerabilities in a network. Several tools can be used to craft or otherwise manipulate the header data, one of which is the packETH tool. Which of the following descriptions best defines a packETH tool?
Correct
PackETH is a GUI and CLI packet generator tool for ethernet that lets you set the fields. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful, and supports many adjustments of parameters while sending.
Incorrect
PackETH is a GUI and CLI packet generator tool for ethernet that lets you set the fields. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful, and supports many adjustments of parameters while sending.
-
Question 2 of 10
2. Question
Remote method invocation (RMI) is a distributed object technology developed by Sun for the Java programming language. It is available as part of the core Java application programming interface (API), where the object interfaces are defined as Java interfaces and use object serialization. Which of the following tools can you use if you want to scan for RMI services?
Correct
Metasploit is not the only way you can scan for RMI services. If you search a little, you can find additional programs like BaRMIe. The goal of BaRMIe is to enable security professionals to identify, attack, and secure uptight RMI services. Using partial RMI interfaces from existing software, BaRMIe can interact directly with those services without first brute-forcing 64-bits over the network.
Incorrect
Metasploit is not the only way you can scan for RMI services. If you search a little, you can find additional programs like BaRMIe. The goal of BaRMIe is to enable security professionals to identify, attack, and secure uptight RMI services. Using partial RMI interfaces from existing software, BaRMIe can interact directly with those services without first brute-forcing 64-bits over the network.
-
Question 3 of 10
3. Question
Enumeration is about determining what services are running and then extracting information from those services. There are a variety of protocols and tools that you would use during enumeration, one of which is the Simple Network Management Protocol (SNMP). Which of the following statements best defines SNMP?
Correct
Simple Network Management Protocol (SNMP) is a set of protocols for network management and monitoring. It is mostly used for collecting statistical and configuration information about network devices such as computers, hubs, switches, and even network printers. The SNMP protocol is included in the application layer of TCP/IP as defined by the Internet Engineering Task Force (IETF).
Incorrect
Simple Network Management Protocol (SNMP) is a set of protocols for network management and monitoring. It is mostly used for collecting statistical and configuration information about network devices such as computers, hubs, switches, and even network printers. The SNMP protocol is included in the application layer of TCP/IP as defined by the Internet Engineering Task Force (IETF).
-
Question 4 of 10
4. Question
Once you have an exploited system, you will want to start gathering information in it. Mimikatz is one of the useful tools that can grab password hashes. Which of the following statements best describes mimikatz?
Correct
Mimikatz is an open-source malware program that can be used to check if the security support provider (SSP) has credentials and to pull hashes from the live SSP. To function completely, mimikatz requires an administrator or full system controls. A mimikatz attack uses several techniques to find sensitive information such as plaintext passwords, hash, pin codes, and tickets from the memory of a system. The collected credentials can then be used to access unauthorized information or perform lateral movement attacks.
Incorrect
Mimikatz is an open-source malware program that can be used to check if the security support provider (SSP) has credentials and to pull hashes from the live SSP. To function completely, mimikatz requires an administrator or full system controls. A mimikatz attack uses several techniques to find sensitive information such as plaintext passwords, hash, pin codes, and tickets from the memory of a system. The collected credentials can then be used to access unauthorized information or perform lateral movement attacks.
-
Question 5 of 10
5. Question
An easy way to handle logs on the target is to just clear them. This means that you will either wipe all the entries in the case of the event logs on a Windows system or delete log files in the case of a Linux or Unix-like system. If you’re using a Windows system, what command can you use if you want to wipe all the entries in the system event log?
Correct
Once we have compromised a Windows system and have a Meterpreter shell, we can use the clearev command. You need to have adequate permissions to be able to clear the system event log. The LOCALSYSTEM user has the permissions necessary to adjust the logs.
Incorrect
Once we have compromised a Windows system and have a Meterpreter shell, we can use the clearev command. You need to have adequate permissions to be able to clear the system event log. The LOCALSYSTEM user has the permissions necessary to adjust the logs.
-
Question 6 of 10
6. Question
If you’re using a Windows system and you want to hide the data in plain sight, you can store the files in temporary directories. One example of a temporary directory is a folder that shows a listing for the internet files on a Windows system. Where can you find this directory in your computer system?
Correct
The path to that directory is C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files, which has a lot of waypoints where you can similarly hide files where they won’t be seen. This is not a directory most people visit, so it wouldn’t be hard to place a file here and just have it never get noticed.
Incorrect
The path to that directory is C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files, which has a lot of waypoints where you can similarly hide files where they won’t be seen. This is not a directory most people visit, so it wouldn’t be hard to place a file here and just have it never get noticed.
-
Question 7 of 10
7. Question
Malware refers to software programs designed to damage and to do other unwanted actions on a computer system. There are several examples of malware, one of which is a worm. Which of the following sentences defines a worm?
Correct
A worm propels itself. It doesn’t require any assistance from the user. This means that it has a way of connecting to remote systems and executing itself on those systems.
Incorrect
A worm propels itself. It doesn’t require any assistance from the user. This means that it has a way of connecting to remote systems and executing itself on those systems.
-
Question 8 of 10
8. Question
Ransomware is another type of malware wherein the goal is to extort money from a victim. One of the best-known families of ransomware is WannaCry. Which of the following sentences does not describe WannaCry?
Correct
WannaCry is a ransomware worm that spread rapidly across several computer networks in May of 2017. It was spread through the use of EternalBlue, an exploit developed by the United States National Security Agency (NSA). It struck several important and high-profile systems, including many in Britain’s National Health Service. After infecting Windows computers, it encrypts files on the PC’s hard drive, making them impossible for users to access, then demands a ransom payment in bitcoin to decrypt them.
Incorrect
WannaCry is a ransomware worm that spread rapidly across several computer networks in May of 2017. It was spread through the use of EternalBlue, an exploit developed by the United States National Security Agency (NSA). It struck several important and high-profile systems, including many in Britain’s National Health Service. After infecting Windows computers, it encrypts files on the PC’s hard drive, making them impossible for users to access, then demands a ransom payment in bitcoin to decrypt them.
-
Question 9 of 10
9. Question
Packet capturing is the process of acquiring network traffic that is addressed to systems other than your own. One valuable tool used in packet capturing is TShark. Which of the following sentences best describes TShark?
Correct
TShark is a network protocol analyzer and comes installed with the Wireshark package. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark’s native capture file format is a pcapng format, which is also the format used by Wireshark and various other tools.
Incorrect
TShark is a network protocol analyzer and comes installed with the Wireshark package. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark’s native capture file format is a pcapng format, which is also the format used by Wireshark and various other tools.
-
Question 10 of 10
10. Question
The purpose of a denial of service attack is to take an application out of service so legitimate users can’t use it. As users often interact with businesses through web applications, they are often the target of a denial of service attacks. There are several types of denial of service attacks, one of which is the bandwidth attack. Which of the following statements defines a bandwidth attack?
Correct
A bandwidth attack is a denial-of-service attack that is used to generate a lot of traffic that overwhelms the network connection service is using. The primary means for achieving this goal is by sending large traffic volumes that do not respect congestion control signals, such as that in the Transmission Control Protocol (TCP) or Explicit Congestion Notification (ECN).
Incorrect
A bandwidth attack is a denial-of-service attack that is used to generate a lot of traffic that overwhelms the network connection service is using. The primary means for achieving this goal is by sending large traffic volumes that do not respect congestion control signals, such as that in the Transmission Control Protocol (TCP) or Explicit Congestion Notification (ECN).