Quiz-summary
0 of 30 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
Information
Certified Ethical Hacker Exam Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 30 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- Answered
- Review
-
Question 1 of 30
1. Question
Ethical hacking is consists of five phases: reconnaissance and footprinting, scanning and enumeration, gaining access, maintaining access, and covering tracks. Which of the following sentences best describes the reconnaissance and footprinting phase?
Correct
The reconnaissance and footprinting phase involves determining the size and scope of your test. Reconnaissance is where you gather information about your target, while footprinting is the method of trying to identify network blocks, hosts, locations, and people. The information gathered here will be used later as you progress through additional stages.
Incorrect
The reconnaissance and footprinting phase involves determining the size and scope of your test. Reconnaissance is where you gather information about your target, while footprinting is the method of trying to identify network blocks, hosts, locations, and people. The information gathered here will be used later as you progress through additional stages.
-
Question 2 of 30
2. Question
Network topology refers to the layout of a network, and how different nodes in a network are connected, and how they communicate. Which of the following descriptions defines a ring topology?
Correct
In a ring topology, all the nodes appear to be connected to a contiguous network segment. Typically, all messages travel through a ring in the same direction, and a failure in any cable or device breaks the loop and will take down the entire segment.
Incorrect
In a ring topology, all the nodes appear to be connected to a contiguous network segment. Typically, all messages travel through a ring in the same direction, and a failure in any cable or device breaks the loop and will take down the entire segment.
-
Question 3 of 30
3. Question
Transmission Control Protocol (TCP) is a transport layer protocol in the OSI layer and is used to create a connection between remote computers by transporting and ensuring the delivery of messages over supporting networks and the internet. Several headers are defined for TCP, one of which is the window header. Which of the following sentences defines the window header?
Correct
The window header is a 16-bit field that tells the recipient how many bytes the sender is willing to accept. This allows for speeding up and slowing down the communication. A smaller window size means more acknowledgments are necessary, while a larger window size means the channel is reliable, so there isn’t as much need to keep checking in.
Incorrect
The window header is a 16-bit field that tells the recipient how many bytes the sender is willing to accept. This allows for speeding up and slowing down the communication. A smaller window size means more acknowledgments are necessary, while a larger window size means the channel is reliable, so there isn’t as much need to keep checking in.
-
Question 4 of 30
4. Question
A computer network is a system in which multiple computers are connected to share information and resources. Computer network varies with each other based on their functionality, geography, ownership, and communication media used. Virtual Local Area Network (VLAN) is a type of computer network based on the geographical area. Which of the following sentences is true about a VLAN?
Correct
Virtual Local Area Network (VLAN) allows a network of computers and users to communicate in a simulated environment as if they exist in a single LAN and are sharing a single broadcast and multicast domain. VLANs are implemented to achieve scalability, security, and ease of network management and can quickly adapt to changes in network requirements and relocation of workstations and server nodes.
Incorrect
Virtual Local Area Network (VLAN) allows a network of computers and users to communicate in a simulated environment as if they exist in a single LAN and are sharing a single broadcast and multicast domain. VLANs are implemented to achieve scalability, security, and ease of network management and can quickly adapt to changes in network requirements and relocation of workstations and server nodes.
-
Question 5 of 30
5. Question
A threat is something that has the possibility to incur a breach of confidentiality, integrity, or availability. Several concepts help better understand where risks lie, one of which is the threat vector. Which of the following statements defines a threat vector?
Correct
A threat vector is a pathway by which a threat agent gains access through one or more of six main routes into a computer system by exploiting a route vulnerability.
Incorrect
A threat vector is a pathway by which a threat agent gains access through one or more of six main routes into a computer system by exploiting a route vulnerability.
-
Question 6 of 30
6. Question
Security is a business enabler; hence, organizations must set parameters around what is important and the means to protect it. It does that by creating policies, guidelines, standards, and procedures. Which of the following statements best defines security standards?
Correct
Security standards are the direction about how policies should be implemented. There are sets of standards that provide guidance for organizations and are managed by standard bodies. First, the National Institute of Standards and Technology (NIST) has a set of standards, documented in several special publications. Second, the International Organization for Standardization (ISO) maintains ISO 27001 and ISO 27002. Other standard documents may be relevant to you, depending on where you are in the world.
Incorrect
Security standards are the direction about how policies should be implemented. There are sets of standards that provide guidance for organizations and are managed by standard bodies. First, the National Institute of Standards and Technology (NIST) has a set of standards, documented in several special publications. Second, the International Organization for Standardization (ISO) maintains ISO 27001 and ISO 27002. Other standard documents may be relevant to you, depending on where you are in the world.
-
Question 7 of 30
7. Question
System logs are helpful to diagnose problems in the system and network. They can also help in an investigation of a potential issue. Organizations use a variety of log management solutions, one of which is the security information and event management (SIEM) software. Which of the following statement best defines the SIEM software?
Correct
The security information and event management (SIEM) software is used to correlate and analyze security alerts. The advantage of using SIEM is being able to pull a lot of data together so you can get a broader picture of what is happening across the network. This will help you to see trends and larger attacks.
Incorrect
The security information and event management (SIEM) software is used to correlate and analyze security alerts. The advantage of using SIEM is being able to pull a lot of data together so you can get a broader picture of what is happening across the network. This will help you to see trends and larger attacks.
-
Question 8 of 30
8. Question
Unix-like systems and Windows systems offer the ability to enable and configure auditing. The definition and function of auditing differ across the two systems. If you’re using a Linux system, what program can you use to manage audit policies?
Correct
Using the program auditctl, audit policies can be managed on a Linux system. The auditing subsystem in the Linux kernel can be used to watch files and directories for activity. It can also be used to monitor application execution and to monitor system calls. Any system call used by any program on the system can be monitored and logged.
Incorrect
Using the program auditctl, audit policies can be managed on a Linux system. The auditing subsystem in the Linux kernel can be used to watch files and directories for activity. It can also be used to monitor application execution and to monitor system calls. Any system call used by any program on the system can be monitored and logged.
-
Question 9 of 30
9. Question
Open-source intelligence is derived from data and information that is available to the general public. There are several useful tools in gathering open-source intelligence, one of which is theHarvester tool. Which of the following sentences best describes theHarvester tool?
Correct
TheHarvester tool is a script that will search through the different sources to locate contact information based on a domain name provided to the program. It is designed to understand the customer footprint on the internet. It is also useful for anyone that wants to know what an attacker can see about their organization.
Incorrect
TheHarvester tool is a script that will search through the different sources to locate contact information based on a domain name provided to the program. It is designed to understand the customer footprint on the internet. It is also useful for anyone that wants to know what an attacker can see about their organization.
-
Question 10 of 30
10. Question
Shodan is a search engine specifically designed for Internet of Things (IoT) devices. It keeps track of a large number of devices along with vendors, device types, and capabilities. What search term can you use to identify distributed network protocol (DNP) 3 devices?
Correct
Shodan (www.shodan.io) is an excellent resource when it comes to identifying devices that are considered part of the IoT. Using searches of the Shodan database, you can identify devices that may exist on the target network. For example, the search term port:20000 source address can identify distributed network protocol (DNP) 3 devices.
Incorrect
Shodan (www.shodan.io) is an excellent resource when it comes to identifying devices that are considered part of the IoT. Using searches of the Shodan database, you can identify devices that may exist on the target network. For example, the search term port:20000 source address can identify distributed network protocol (DNP) 3 devices.
-
Question 11 of 30
11. Question
A port scan identifies open ports on systems connected to the target network. It is a starting point for identifying services and applications that are listening on those ports. Zenmap is one of the useful tools in port scanning. Which of the following statements best defines zenmap?
Correct
Zenmap is a free and open-source GUI for Nmap. It is available on many operating systems and makes Nmap easier to use for beginners. Zenmap is usually packaged with Nmap itself, but if you want you can download it separately. This tool is not meant to replace Nmap but to make it more useful.
Incorrect
Zenmap is a free and open-source GUI for Nmap. It is available on many operating systems and makes Nmap easier to use for beginners. Zenmap is usually packaged with Nmap itself, but if you want you can download it separately. This tool is not meant to replace Nmap but to make it more useful.
-
Question 12 of 30
12. Question
Vulnerability scanning is the inspection of the potential points of exploitation on a computer or network to identify security holes. Several tools can be used to perform vulnerability scanning, one of which is the Nessus tool. Which of the following sentences describes the Nessus tool?
Correct
Nessus was initially released in 1998 as a freely available vulnerability scanner and remained so until 2005 when the company changed Nessus 3 to a proprietary license. Today, the product still exists in two formats; a limited, free version and a full-feature paid subscription option. It is available for Linux, Windows, and MAC OS X.
Incorrect
Nessus was initially released in 1998 as a freely available vulnerability scanner and remained so until 2005 when the company changed Nessus 3 to a proprietary license. Today, the product still exists in two formats; a limited, free version and a full-feature paid subscription option. It is available for Linux, Windows, and MAC OS X.
-
Question 13 of 30
13. Question
Packet crafting is the art of creating a packet according to various requirements to carry out attacks and to exploit vulnerabilities in a network. Several tools can be used to craft or otherwise manipulate the header data, one of which is the hping tool. Which of the following descriptions best defines an hping tool?
Correct
Hping is considered to be the Swiss Army Knife of TCP/IP packets. It is a command-line oriented TCP/IP packet analyzer. It supports TCP, UDP, ICMP, and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
Incorrect
Hping is considered to be the Swiss Army Knife of TCP/IP packets. It is a command-line oriented TCP/IP packet analyzer. It supports TCP, UDP, ICMP, and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
-
Question 14 of 30
14. Question
Organizations have security mechanisms in place to defend themselves from intruders. This may be a firewall, intrusion detection system, or intrusion prevention system. Fortunately, there are some evasion techniques that may help you get around these devices. Which of the following is not an example of an evasion technique?
Correct
The most common evasion techniques are as follows:
(1) Hide/obscure the data
(2) Alterations
(3) Fragmentation
(4) Overlaps
(5) Malformed data
(6) Low and slow
(7) Resource consumption
(8) Screen blindness
(9) TunnelingIncorrect
The most common evasion techniques are as follows:
(1) Hide/obscure the data
(2) Alterations
(3) Fragmentation
(4) Overlaps
(5) Malformed data
(6) Low and slow
(7) Resource consumption
(8) Screen blindness
(9) Tunneling -
Question 15 of 30
15. Question
Enumeration is about determining what services are running and then extracting information from those services. There are a variety of protocols and tools that you would use during enumeration. For a start, there is the Simple Mail Transfer Protocol (SMTP). Which of the following statements best defines SMTP?
Correct
Simple Mail Transfer Protocol (SMTP) is the standard protocol for email services on a TCP/IP network. It is an application-layer protocol that enables the transmission and delivery of email over the internet. SMTP is created and maintained by the Internet Engineering Task Force (IETF).
Incorrect
Simple Mail Transfer Protocol (SMTP) is the standard protocol for email services on a TCP/IP network. It is an application-layer protocol that enables the transmission and delivery of email over the internet. SMTP is created and maintained by the Internet Engineering Task Force (IETF).
-
Question 16 of 30
16. Question
Part of the enumeration process is looking at web servers to identify directories available on a website. There are different ways to do this, one of which is by using the Metasploit tool. Which module in Metasploit can you use if you want to search for directory names on a website?
Correct
If you want to search for directory names on a website, you can use the brute_dirs module in Metasploit. Using this module, you set a format for what a directory name could or should look like, and the module will run through all possible names that match the format.
Incorrect
If you want to search for directory names on a website, you can use the brute_dirs module in Metasploit. Using this module, you set a format for what a directory name could or should look like, and the module will run through all possible names that match the format.
-
Question 17 of 30
17. Question
An exploit is the means for an external entity to cause a program to fail that will then allow an attacker to control the flow of the program’s execution. To do this, you need a shellcode for the program to execute on your behalf. The shellcode is an executable file created from assembly language code. It includes a meterpreter shell and a way to connect back to the system it has been configured to call back to. Which of the following statements best describes meterpreter?
Correct
Meterpreter is an operating system agnostic shell language. It has a number of commands that can be run against the target system regardless of what operating system the target system has. Meterpreter translates the commands passed to it into ones that are specific to the underlying operating system. This can include listing files, changing directories, uploading files, and gathering system information like passwords.
Incorrect
Meterpreter is an operating system agnostic shell language. It has a number of commands that can be run against the target system regardless of what operating system the target system has. Meterpreter translates the commands passed to it into ones that are specific to the underlying operating system. This can include listing files, changing directories, uploading files, and gathering system information like passwords.
-
Question 18 of 30
18. Question
If you’re using a Linux system and you want to hide some files in plain sight, what particular folder or directory can you use to save these files?
Correct
On a Linux system, you can use dot files and dot directories to hide these files in plain sight. A dot file has a filename that starts with a dot, such as .rashrc. If you put files into one of those directories, they may get lost or overlooked.
Incorrect
On a Linux system, you can use dot files and dot directories to hide these files in plain sight. A dot file has a filename that starts with a dot, such as .rashrc. If you put files into one of those directories, they may get lost or overlooked.
-
Question 19 of 30
19. Question
Malware refers to software programs designed to damage and to do other unwanted actions on a computer system. There are several examples of malware, one of which is a trojan. Which of the following sentences defines a trojan?
Correct
A trojan is a malicious program that pretends to be harmless to trick people into downloading it. Trojans do not self-replicate by infecting other files or computers. Rather, it is a decoy horse, ushering in other malicious software to hide its nefarious intent.
Incorrect
A trojan is a malicious program that pretends to be harmless to trick people into downloading it. Trojans do not self-replicate by infecting other files or computers. Rather, it is a decoy horse, ushering in other malicious software to hide its nefarious intent.
-
Question 20 of 30
20. Question
A botnet is a collection of compromised computers often referred to as “zombies” infected with malware that allow an attacker to control them. One of the most common types of a botnet is the ZeuS botnet. Which of the following sentences defines Zeus botnet?
Correct
The objective of a ZeuS botnet is to steal banking information from infected systems. Once ZeuS has been installed on a target system, it provides a way for the attacker to access the system remotely. It can capture keystrokes and extract bank account information to transit to the attacker.
Incorrect
The objective of a ZeuS botnet is to steal banking information from infected systems. Once ZeuS has been installed on a target system, it provides a way for the attacker to access the system remotely. It can capture keystrokes and extract bank account information to transit to the attacker.
-
Question 21 of 30
21. Question
Dynamic analysis is a type of malware analysis that involves running the malware and observing its behavior. Cuckoo sandbox is a useful tool in conducting dynamic analysis. Which of the following statements is true about the cuckoo sandbox?
Correct
Cuckoo sandbox is an automated malware analysis tool. It handles starting up a VM, injecting the malware into it, and then performing some analysis on files, the registry, network connections, process actions, and memory. Cuckoo sandbox is freely available software that uses Python for managing the VM and the reporting.
Incorrect
Cuckoo sandbox is an automated malware analysis tool. It handles starting up a VM, injecting the malware into it, and then performing some analysis on files, the registry, network connections, process actions, and memory. Cuckoo sandbox is freely available software that uses Python for managing the VM and the reporting.
-
Question 22 of 30
22. Question
Packet capturing is the process of acquiring network traffic that is addressed to systems other than your own. One valuable tool used in packet capturing is Wireshark. Which of the following sentences best defines Wireshark?
Correct
Wireshark is a command-line GUI-based packet capture program. It provides a way to view the packets easily, moving around the complete capture. It also gives us the ability to easily scroll through the list of all frames captured.
Incorrect
Wireshark is a command-line GUI-based packet capture program. It provides a way to view the packets easily, moving around the complete capture. It also gives us the ability to easily scroll through the list of all frames captured.
-
Question 23 of 30
23. Question
A once common social engineering attack was the 419 scam. It is also referred to as the Nigerian Prince scam and is named after section 419 of the Nigerian criminal code. Which of the following statements best describes the 419 scam?
Correct
The 419 scam asks for an advanced fee with the promise of enormous riches on the back end. Once the attacker gets the advanced fee from the victim, they move on, and the victim never receives any of this money.
Incorrect
The 419 scam asks for an advanced fee with the promise of enormous riches on the back end. Once the attacker gets the advanced fee from the victim, they move on, and the victim never receives any of this money.
-
Question 24 of 30
24. Question
Social engineering is the process of convincing or manipulating someone into doing something they wouldn’t normally do for someone they don’t know. There are four social engineering vectors, one of which is vishing. Which of the following sentences is true about vishing?
Correct
Vishing or voice phishing is the method of using phone calls or leaving voice messages purporting to be from reputable companies to induce individuals to reveal personal information, such as bank details and credit card numbers.
Incorrect
Vishing or voice phishing is the method of using phone calls or leaving voice messages purporting to be from reputable companies to induce individuals to reveal personal information, such as bank details and credit card numbers.
-
Question 25 of 30
25. Question
Biometrics is the use of physical characteristics that is unique to you as a form of authentication. This is a form of physical access control that may simply be impossible to get by. One type of biometrics is retinal scanning. Which of the following sentences best defines retinal scanning?
Correct
Retinal scanning is the method of authenticating the identity of the person based on your eye. The retina is at the very back of your eye and contains the light-sensitive cells that create impulses for your optic nerve. The retina contains a pattern from blood vessels, which can be used to identify a person.
Incorrect
Retinal scanning is the method of authenticating the identity of the person based on your eye. The retina is at the very back of your eye and contains the light-sensitive cells that create impulses for your optic nerve. The retina contains a pattern from blood vessels, which can be used to identify a person.
-
Question 26 of 30
26. Question
There are a variety of techniques that can be used to conduct a website attack, one of which is site cloning. Which of the following statements is true about the site cloning attack?
Correct
Site cloning refers to the copying or modification of an existing website design or script to create a new website. It allows designers to create websites without the need to write scripts from scratch. You can use the WinHTTrack and Wget tool to conduct this technique.
Incorrect
Site cloning refers to the copying or modification of an existing website design or script to create a new website. It allows designers to create websites without the need to write scripts from scratch. You can use the WinHTTrack and Wget tool to conduct this technique.
-
Question 27 of 30
27. Question
A wireless attack is a method of gathering information that is being sent across a network and uses this information to commit some crimes in other networks. One type of wireless attack is the deauthentication attack. Which of the following statements best describes the deauthentication attack?
Correct
A deauthentication attack sends messages that force stations to reauthenticate against the access point. It logs out any station, making the station reestablish the association. There are a couple of reasons you might want to run a deauthentication attack; one is to get a hidden ESSID. Another reason is to capture handshakes during association.
Incorrect
A deauthentication attack sends messages that force stations to reauthenticate against the access point. It logs out any station, making the station reestablish the association. There are a couple of reasons you might want to run a deauthentication attack; one is to get a hidden ESSID. Another reason is to capture handshakes during association.
-
Question 28 of 30
28. Question
Bluetooth attacks are one way to gain access to mobile devices. It’s easy to conduct since you don’t need to have physical access; you just need to be proximal to the victim. Some of these attacks are bluejacking, bluesnarfing, and bluebugging. Which of the following sentences defines bluejacking?
Correct
Bluejacking involves an attacker sending data to a Bluetooth-enabled device without having to get through the pairing process, or perhaps the pairing happened without the receiver knowing about it. You could use a bluejacking attack to send an unsolicited message to a victim. This might be a spoof attack, where you send a message that appears to be from someone else to get the recipient to do something.
Incorrect
Bluejacking involves an attacker sending data to a Bluetooth-enabled device without having to get through the pairing process, or perhaps the pairing happened without the receiver knowing about it. You could use a bluejacking attack to send an unsolicited message to a victim. This might be a spoof attack, where you send a message that appears to be from someone else to get the recipient to do something.
-
Question 29 of 30
29. Question
A cross-site scripting (XSS) attack is one that uses the webserver to attack the client-side. This injects a code fragment from a scripting language into an input field to have that code executed within the browser of a user visiting a site. There are three ways to run a cross-site scripting attack: persistent cross-site scripting, reflected cross-site scripting, and document object model (DOM). Which of the following statements best describes the persistent cross-site scripting?
Correct
Persistent cross-site scripting occurs when a malicious script is injected directly into a vulnerable web application. It is stored on the server and displayed for any user visiting a page.
Incorrect
Persistent cross-site scripting occurs when a malicious script is injected directly into a vulnerable web application. It is stored on the server and displayed for any user visiting a page.
-
Question 30 of 30
30. Question
The purpose of a denial of service attack is to take an application out of service so legitimate users can’t use it. As users often interact with businesses through web applications, they are often the target of denial of service attacks. There are several types of denial of service attacks, one of which is the local area network denial (LAND) attack. Which of the following statements defines a LAND attack?
Correct
The local area network denial (LAND) attack sets the source and destination information of a TCP segment to be the same. This sends the segment into a loop in the operating system, as it is processed as an outbound, then an inbound, and so forth. This loop would lock up the system.
Incorrect
The local area network denial (LAND) attack sets the source and destination information of a TCP segment to be the same. This sends the segment into a loop in the operating system, as it is processed as an outbound, then an inbound, and so forth. This loop would lock up the system.