Certified Ethical Hacker Exam Practice Questions
1. Question
Transmission Control Protocol (TCP) is a connection-oriented communications protocol that facilitates the exchange of messages between computing devices in a network. The sequence number field is one of the headers defined for TCP. Which of the following sentences best describes the sequence number header?
Correct
The sequence number is part of what contributes to guaranteed delivery. This is a 32-bit number that is set to a random value when the conversation is initiated. It is incremented with the number of bytes that are sent.
2. Question
In the Open Systems Interconnection (OSI) reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. Which of the following statements defines the network layer in the OSI model?
Correct
The network layer is the third layer in the Open Systems Interconnection (OSI) model. This layer gets messages from one endpoint to another. It does this by taking care of addressing and routing. The IP is one protocol that exists at this layer.
3. Question
Penetration testing is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit. It consists of five phases. Which of the following sentences best describes the gaining access phase?
Correct
The gaining access phase is what many people consider to be the most interesting and important part of a penetration test. This is where you can demonstrate that some services are potentially vulnerable by exploiting the service.
4. Question
The User Datagram Protocol (UDP) is a much lighter-weight protocol that offers no guarantee of delivery. Messages sent using UDP are just put out on the wire with the hope that they will get to the destination because the IP protocol will just take care of everything. Which of the following statements is true about the header fields defined for UDP?
Correct
There are four header fields in the User Datagram Protocol (UDP). All of them are 16 bits in length, and half of them are the source and destination ports. In UDP, the source port is considered an optional field. The reason for this is that since there is no connection, there may never be a response from the server. It’s entirely up to the application in use.
5. Question
Organizations spend a lot of time and effort on defenses and mitigations against attacks. To secure their business, they create policies, guidelines, standards, and procedures. Which of the following statements best defines procedures?
Correct
Procedures are the actual implementation of the standard. These provide guidance about how, specifically, the standards are achieved at a very granular level. This may be accomplished with step-by-step instructions on what needs to be done.
6. Question
The primary purpose of a firewall is to establish a barrier between your internal network and incoming traffic from external sources to block malicious traffic like viruses and hackers. Packet filtering is one of the firewall techniques. Which of the following statements is true about packet filtering?
Correct
Packet filtering is very basic in its functionality. It is a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination IP addresses, protocols, and ports.
7. Question
The operating system maintains a log of events that helps in monitoring, administering, and troubleshooting the system, in addition to helping users get information about important processes. One of the most common log management solutions organizations use is the Elastic Stack. Which of the following statements best defines Elastic Stack?
Correct
Elastic Stack is a complete end-to-end log analysis solution that helps in deep searching, analyzing, and visualizing the logs generated from different machines. It is an amazing and powerful collection of three open-source projects: Elasticsearch, Logstash, and Kibana. Despite each one of these three technologies being a separate project, they have been built to work exceptionally well together.
8. Question
Different organizations were established to perform registrant functions, store information about addresses they are responsible for as well as contacts. One of these organizations is the Regional Internet Registries (RIR). Which of the following statements best defines RIR?
Correct
A Regional Internet Registry (RIR) is an organization that manages and controls internet addresses in a specific region, usually a country and sometimes an entire continent.
There are five Regional Internet Registries:
(1) African Network Information Center (AfriNIC)
(2) American Registry for Internet Numbers (ARIN)
(3) Asia Pacific Network Information Centre (APNIC)
(4) Latin America Network Information Centre (LACNIC)
(5) Reseaux IP Europeens Network Coordination Centre (RIPE NCC)
9. Question
Open Source Intelligence (OSINT) is the collection and analysis of information that is gathered from the public. It is primarily used in national security, law enforcement, and business intelligence functions. There are several useful tools in gathering OSINT, one of which is the PeekYou tool. Which of the following sentences best describes the PeekYou tool?
Correct
PeekYou is a search engine that allows you to look for people using their real names and usernames. It collects and combines scattered content from social media sites, news sources, homepages, and blog platforms to present comprehensive online identities.
10. Question
Passive reconnaissance is the first step hackers take before exploiting system or network vulnerabilities. Several tools can be used in conducting passive reconnaissance, one of which is the Passive Recon tool. Which of the following sentences is true about the Passive Recon tool?
Correct
Passive Recon is a Firefox extension that requires a multitude of public databases and look-up services like DNS, whois, and other related tools to reveal as much information as possible about a domain without interacting with it directly.
11. Question
Website Intelligence can be defined as information about a webserver and its operating system. One way to get relevant information is just to connect to the webserver and issue a request to it. One of the useful tools in gathering web intelligence is the Netcraft tool. Which of the following sentences best describes the Netcraft tool?
Correct
The website netcraft.com provides hosting history for websites. This will provide the owner of the netblock that contains the IP address. It will also tell you the operating system the webserver runs on. In some cases, you will get details about the webserver version and other modules that have been enabled.
12. Question
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are generally the protocols used in port scanning. TCP is an orderly protocol that sends each packet in order, complete with error checking, verification, and a three-way handshake to confirm each packet is successful. Nmap can perform a variety of TCP scans, one of which is the null scan. Which of the following sentences best describes the null scan?
Correct
A null scan is a series of TCP packets that contain a sequence number of 0 and no set flag. The expected result of a null scan on an open port is no response. Since there are no flags set, the target will not know how to handle the request. It will discard the packet, and no reply will be sent. If the port is closed, the target will send an RST packet in response.
13. Question
Vulnerability scanning takes a proactive approach to close any gaps and maintain strong security for an organization’s systems, data, employees, and customers. Data breaches are often the result of unpatched vulnerabilities, so identifying and eliminating these security gaps removes the attack vector. One of the useful tools in vulnerability scanning is the Security Administrator’s Integrated Network Tool (SAINT). Which of the following sentences describes SAINT?
Correct
Security Administrator’s Integrated Network Tool (SAINT) is an updated version of one of the first vulnerability scanners (SATAN). It allows network administrators to scan their local area networks for security flaws. SAINT can then prepare reports detailing the extent and seriousness of these weaknesses, as well as providing links to fix and recommend security procedures.
14. Question
Packet crafting is a technique that allows network administrators to probe firewall rule-sets and find an entry point into a targeted system or network. This is done by manually generating packets to test the network devices and behavior instead of using existing network traffic. One of the tools that can be used to craft or otherwise manipulate the header data is the hping tool. Which of the following descriptions best defines the hping tool?
Correct
Hping is considered to be the Swiss Army Knife of TCP/IP packets. It is similar to the ping utility; however, it has more functionality than sending a simple ICMP echo request that ping is usually used for. It can also be used to send a large volume of TCP traffic at a target while spoofing the source IP address, making it appear random or even originating from a specific user-defined source.
15. Question
The idea of interprocess communication has been around for decades. There have been several implementations of request-response protocols over the years; one example of this is the Remote Method Invocation (RMI). Which of the following sentences defines RMI?
Correct
Remote Method Invocation (RMI) is the object-oriented version of RPC. It is available as part of the core Java application programming interface (API), where the object interfaces are defined as Java interfaces and use object serialization.
16. Question
Malware consists of code developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Ransomware is one of the most common types of malware. Which of the following sentences defines ransomware?
Correct
The goal of ransomware is to extort money from a victim. It is a program that encrypts a portion of a victim’s hard drive, where personal files are stored. The attacker provides instructions for the victim to send money, usually in a type of cryptocurrency like Bitcoin. The attacker will then provide the decryption key once the ransom has been paid.
17. Question
Dynamic analysis is performed by observing the behavior of the malware while it is actually running on a host system. Several tools can be used in conducting the dynamic analysis, one of which is IDA. Which of the following statements is true about IDA?
Correct
IDA is considered the king of debuggers and disassemblers. It is an interactive, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X. It has become the de-facto standard for the analysis of hostile code, vulnerability search, and commercial-off-the-shelf validation.
18. Question
Packet capturing is the method of intercepting a data packet that is crossing a specific point in a data network. Once a packet is captured in real-time, it is stored for a period of time so that it can be analyzed, and then either be downloaded, archived, or discarded. Several tools can be used in packet capturing, one of which is the Wireshark tool. Which of the following sentences best defines the Wireshark tool?
Correct
Wireshark is a command-line GUI-based packet capture program. It is used to analyze the structure of different network protocols and has the ability to demonstrate encapsulation. The analyzer operates on Unix, Linux, and Microsoft Windows operating systems.
19. Question
A spoofing attack is when a malicious party impersonates another device or user on a network to launch attacks against network hosts, steal data, spread malware, or bypass access controls. There are several types of spoofing attacks that malicious parties can use, one of which is the DNS spoofing attack. Which of the following statements is true about the DNS spoofing attack?
Correct
DNS spoofing is a cyber-attack in which fake data is introduced into the DNS resolver’s cache, which causes the name server to return an incorrect IP address. This type of attack exploits vulnerabilities in domain name servers and redirects traffic towards illegitimate websites.
20. Question
Encrypted messages are problematic when it comes to capturing traffic. Encryption is intended to be end to end, meaning there is no way to sit in the middle. Any mechanism to sit in the middle defeats the end-to-end expectation of most encryption schemes. Ethical hackers discovered several ways to try to break encrypted protocols, one of which is by using the sslstrip program. Which of the following statements is not true about the sslstrip program?
Correct
Sslstrip was developed by Moxie Marlinspike in 2009 in conjunction with a presentation he made at Black Hat in 2009. It was developed to grab SSL messages and strip the encryption from them. It can also be used as a stand-alone program. Today, there is less of a likelihood of success in using this program because the vulnerabilities that allowed it to work have been resolved.
21. Question
Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables. There are four social engineering vectors, one of which is impersonation. Which of the following sentences is true about impersonation?
Correct
Impersonation is considered to be more of a physical vector wherein the attacker is trying to gain access to a building or facility by pretending to be someone else. It can also be conducted through websites, in that users believe they are visiting one site when in fact they are visiting another.
22. Question
Attackers can use several techniques to conduct a website attack. One of the most common techniques used in a website attack is the website cloning attack. Which of the following statements is true about the website cloning attack?
Correct
A website cloning attack refers to the process of copying or modifying an existing website design or script to create a new website. You can use the WinHTTrack and Wget tools to conduct this technique.
23. Question
Wi-Fi is a wireless networking technology that allows devices such as computers, mobile devices, and other equipment to interface with the internet. It allows these devices to exchange information with one another, creating a network. There are two types of wireless networks: ad hoc network and infrastructure network. Which of the following sentences defines the infrastructure network?
Correct
An infrastructure network has a central device, which acts as a switch. In this type of network, computers don’t talk to one another directly. Instead, all messages go through an access point.
24. Question
Wireless networks have become an integral part of how we conduct our businesses. They ease many processes and help us get rid of the clutter caused by hundreds of wires. On the downside, wireless networks are much more vulnerable to attacks and intruders. One of the most common wireless attacks is the key reinstallation attack (KRACK). Which of the following statements best describes the KRACK?
Correct
The key reinstallation attack (KRACK) is an attack that is performed during the WPA2 handshake, which is during the initialization of the WPA2 connection. It exploits a vulnerability in WPA2 to steal data transmitted over networks. These attacks can result in the theft of sensitive information like login credentials, credit card numbers, and any other data the victim transmits over the web. KRACK can also be used to perform on-path attacks, serving the victim a fake website or injecting malicious code into a legitimate site.
25. Question
Despite their advantages, web applications raise several security concerns stemming from improper encoding. Serious weaknesses or vulnerabilities allow attackers to gain direct and public access to databases to gather sensitive data; this is known as a web application attack. One of the most common web application attacks is the SQL injection attack. Which of the following statements best defines the SQL injection attack?
Correct
An SQL injection attack is an attack against the database server; it takes advantage of poor programming practices in the application code. This attack happens when a malicious user sends unexpected data through a web request. Sometimes, form data is passed directly into an SQL query from the application server to the database server to execute.
26. Question
Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. This attack occurs when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. There are three ways to run a cross-site scripting attack: persistent cross-site scripting, reflected cross-site scripting, and document object model (DOM). Which of the following statements best describes the reflected cross-site scripting attack?
Correct
The reflected cross-site scripting attack is the simplest variety of cross-site scripting. It arises when an application receives data in an HTTP request and includes the data within the immediate response in an unsafe way. Reflected attacks are delivered to victims via another route, such as an email message or some other website. When a user is tricked into clicking on a malicious link, submitting a specially crafted form, or even just browsing a malicious site, the injected code travels to the vulnerable website, which reflects the attack on the user’s browser. The browser then executes the code because it came from a trusted server.
27. Question
The Denial-of-Service (DoS) attack is the process of flooding the target with traffic or sending it information that triggers a crash, making the machine or network inaccessible to its intended users. There are several types of denial of service attacks, one of which is the Local Area Network Denial (LAND) attack. Which of the following statements defines a LAND attack?
Correct
The Local Area Network Denial (LAND) attack sets the source and destination information of a TCP segment to be the same. This sends the segment into a loop in the operating system, as it is processed as an outbound, then an inbound, and so forth. This loop would lock up the system.
28. Question
An application exploit is where an attacker gets control of the execution path of a program. There are a couple of ways to change the flow of execution of a program, one of which is by conducting the buffer overflow attack. Which of the following statements is true about the buffer overflow attack?
Correct
The buffer overflow attack takes advantage of a memory structure called the stack. The stack is a section of memory where data is stored while program functions are executing. The goal of a buffer overflow attack is to inject a section of code, called shellcode, that the attacker wants to be executed. The place in the stack where the return address is kept needs to point to the space in memory where the shellcode now resides.
29. Question
The attack life cycle is a sequence of events that an attacker goes through to successfully infiltrate a network and exfiltrate data from it. Which of the following sentences describes the establishment of the foothold phase in the attack life cycle?
Correct
The establishment of the foothold phase is the third phase in the attack life cycle. In this phase, the attacker will have gained access previously, but here they strengthen their position. This may come from installing a means to get back in anytime they want without having to rely on the initial compromise vector. This may also involve establishing a command and control mechanism.
30. Question
Symmetric key cryptography is a type of encryption scheme in which the same key is used both to encrypt and decrypt messages. Any symmetric key algorithm can be either a stream or a block cipher. Which of the following sentences is true about a block cipher?
Correct
Block ciphers take the entire block of data to be encrypted and turn it into fixed-length blocks. If the total length of the data isn’t a multiple of the block size, the last block is padded to get to the size of the block. It may commonly use a block length of 64 bits. An example of a block cipher that uses a symmetric key is the Data Encryption Standard (DES).