You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" CEH Practice Test 15 "
0 of 62 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
CEH
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking view questions. Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
Answered
Review
Question 1 of 62
1. Question
It is defined as the process of identifying, analyzing, prioritizing, and resolving events that take place in an organization.
Correct
Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents to restore and prevent further damage in service operations.
Incorrect
Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents to restore and prevent further damage in service operations.
Unattempted
Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents to restore and prevent further damage in service operations.
Question 2 of 62
2. Question
This is called a “Collision attack” in cryptography
Correct
A collision attack is an attempt to find two input strings of a hash function that produce the same hash result.
Incorrect
A collision attack is an attempt to find two input strings of a hash function that produce the same hash result.
Unattempted
A collision attack is an attempt to find two input strings of a hash function that produce the same hash result.
Question 3 of 62
3. Question
A large financial company recently requires its employees to perform file transfers using protocols that encrypts traffic. As a security analyst, you suspect that some of the employees are still performing file transfers using unencrypted protocols. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?
Correct
Wireshark filter “tcp.port == 21” will show traffic from ports 21 which is used for FTP.
Incorrect
Wireshark filter “tcp.port == 21” will show traffic from ports 21 which is used for FTP.
Unattempted
Wireshark filter “tcp.port == 21” will show traffic from ports 21 which is used for FTP.
Question 4 of 62
4. Question
What is the most efficient way of cracking passwords for Windows Server 2003 Active Directory (AD) users?
Correct
A rainbow table attack is a hacking method that involves the use of a rainbow hash table. This table contains the values used to encrypt the passwords before adding them to the database.
Incorrect
A rainbow table attack is a hacking method that involves the use of a rainbow hash table. This table contains the values used to encrypt the passwords before adding them to the database.
Unattempted
A rainbow table attack is a hacking method that involves the use of a rainbow hash table. This table contains the values used to encrypt the passwords before adding them to the database.
Question 5 of 62
5. Question
Angel is an expert when it comes to password weaknesses and key loggers. She was then assigned to conduct a password assessment to XYZ company. She suspects that weak passwords are the norm throughout the company. Which of the following options suggests that Angel can retrieve passwords from the company’s hosts and servers?
Correct
Different types of keylogger planted into the environment would retrieve the
passwords for Angel.
Incorrect
Different types of keylogger planted into the environment would retrieve the
passwords for Angel.
Unattempted
Different types of keylogger planted into the environment would retrieve the
passwords for Angel.
Question 6 of 62
6. Question
Which of the following belongs to the 5 Phases of Ethical Hacking:
Correct
The Phases of hacking are: Phase 1-Reconnaissance Phase 2-Scanning Phase 3-Gaining Access Phase 4-Maintaining Access Phase 5-Covering Tracks
Incorrect
The Phases of hacking are: Phase 1-Reconnaissance Phase 2-Scanning Phase 3-Gaining Access Phase 4-Maintaining Access Phase 5-Covering Tracks
Unattempted
The Phases of hacking are: Phase 1-Reconnaissance Phase 2-Scanning Phase 3-Gaining Access Phase 4-Maintaining Access Phase 5-Covering Tracks
Question 7 of 62
7. Question
A black hat hacker changes the profile information of a targeted victim on the targeted website. The attacker uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s database.
What is this type of attack (that can use either HTTP GET or HTTP POST) called?
Correct
Cross-site request forgery, also known as CSRF is a type of malicious exploit that allows an attacker to trick users to perform actions that they do not intend to. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Incorrect
Cross-site request forgery, also known as CSRF is a type of malicious exploit that allows an attacker to trick users to perform actions that they do not intend to. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Unattempted
Cross-site request forgery, also known as CSRF is a type of malicious exploit that allows an attacker to trick users to perform actions that they do not intend to. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Question 8 of 62
8. Question
Jia is a certified ethical hacker at SIA Global Security. She was contacted by a startup company to perform a technical assessment on their network. What is the best approach for checking vulnerabilities on a Windows-based computer?
Correct
Nessus performs vulnerability, configuration, and compliance assessments. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure
Incorrect
Nessus performs vulnerability, configuration, and compliance assessments. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure
Unattempted
Nessus performs vulnerability, configuration, and compliance assessments. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure
Question 9 of 62
9. Question
John has successfully compromised a server having an IP address of 10.10.0.7. He wants to enumerate all machines in the same network quickly. Which of the following Nmap command must he use?
Correct
The command “nmap -T4 -F” is used to scan faster than a normal scan because it uses the aggressive timing template and scans fewer ports
Incorrect
The command “nmap -T4 -F” is used to scan faster than a normal scan because it uses the aggressive timing template and scans fewer ports
Unattempted
The command “nmap -T4 -F” is used to scan faster than a normal scan because it uses the aggressive timing template and scans fewer ports
Question 10 of 62
10. Question
The new chief security officer asks for a report of all the computers on the network with missing patches and weak passwords. Which of the following scanner can generate this report?
Correct
Vulnerability scanning is a method used to check whether a system is exploitable by identifying its vulnerabilities. A vulnerability scanner consists of a scanning engine and a catalog. These tools generally target vulnerabilities that secure host configurations can fix easily, updated security patches, and a clean Web document.
Incorrect
Vulnerability scanning is a method used to check whether a system is exploitable by identifying its vulnerabilities. A vulnerability scanner consists of a scanning engine and a catalog. These tools generally target vulnerabilities that secure host configurations can fix easily, updated security patches, and a clean Web document.
Unattempted
Vulnerability scanning is a method used to check whether a system is exploitable by identifying its vulnerabilities. A vulnerability scanner consists of a scanning engine and a catalog. These tools generally target vulnerabilities that secure host configurations can fix easily, updated security patches, and a clean Web document.
Question 11 of 62
11. Question
What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?
Correct
The OSSTMM recognizes three types of compliance:
1. Legislative. Compliance with legislation is in accordance to the region where the legislation can be enforced. The strength and commitment to the legislation comes from previously successful legal arguments and appropriately set and just enforcement measures. Examples are Sarbanes-Oxley, HIPAA, and the various Data Protection and Privacy legislation.
2. Contractual. Compliance to contractual requirements are in accordance to the industry or within the group that requires the contract and may take action to enforce compliance. An example is the payment card industry data security standard (PCI DSS) promoted and required by VISA and MasterCard.
3. Standards based. Compliance to standards is in accordance with the business or organization where the compliance to standards is enforced as policy. Examples are the OSSTMM, ISO 27001/5, and ITIL.
Incorrect
The OSSTMM recognizes three types of compliance:
1. Legislative. Compliance with legislation is in accordance to the region where the legislation can be enforced. The strength and commitment to the legislation comes from previously successful legal arguments and appropriately set and just enforcement measures. Examples are Sarbanes-Oxley, HIPAA, and the various Data Protection and Privacy legislation.
2. Contractual. Compliance to contractual requirements are in accordance to the industry or within the group that requires the contract and may take action to enforce compliance. An example is the payment card industry data security standard (PCI DSS) promoted and required by VISA and MasterCard.
3. Standards based. Compliance to standards is in accordance with the business or organization where the compliance to standards is enforced as policy. Examples are the OSSTMM, ISO 27001/5, and ITIL.
Unattempted
The OSSTMM recognizes three types of compliance:
1. Legislative. Compliance with legislation is in accordance to the region where the legislation can be enforced. The strength and commitment to the legislation comes from previously successful legal arguments and appropriately set and just enforcement measures. Examples are Sarbanes-Oxley, HIPAA, and the various Data Protection and Privacy legislation.
2. Contractual. Compliance to contractual requirements are in accordance to the industry or within the group that requires the contract and may take action to enforce compliance. An example is the payment card industry data security standard (PCI DSS) promoted and required by VISA and MasterCard.
3. Standards based. Compliance to standards is in accordance with the business or organization where the compliance to standards is enforced as policy. Examples are the OSSTMM, ISO 27001/5, and ITIL.
Question 12 of 62
12. Question
Angel has successfully compromised a server on a network and opened a shell. She wants to identify all operating systems running on the network. Unfortunately, as she attempts to fingerprint all machines in the network using the nmap syntax below, it is not going through. What seems to be wrong in her syntax?
Correct
The requested scan type requires root privileges.
Incorrect
The requested scan type requires root privileges.
Unattempted
The requested scan type requires root privileges.
Question 13 of 62
13. Question
The normal (default) speed of scanning for open ports is by using which of the following command?
Correct
Incorrect
Unattempted
Question 14 of 62
14. Question
There are two types of sniffing: Passive and Active sniffing. Which of the following is/are an example of Active sniffing?
Correct
Active sniffing involves sending out multiple network probes to identify access points. The following are examples of different active sniffing techniques:
MAC flooding
DNS poisoning
RP poisoning
DHCP attacks
Switch port stealing
Spoofing attack
Incorrect
Active sniffing involves sending out multiple network probes to identify access points. The following are examples of different active sniffing techniques:
MAC flooding
DNS poisoning
RP poisoning
DHCP attacks
Switch port stealing
Spoofing attack
Unattempted
Active sniffing involves sending out multiple network probes to identify access points. The following are examples of different active sniffing techniques:
MAC flooding
DNS poisoning
RP poisoning
DHCP attacks
Switch port stealing
Spoofing attack
Question 15 of 62
15. Question
Anna is using the nslookup command to list all DNS information such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, and TimeToLive (TTL) records for a Domain. Anna is accomplishing which of the following?
Correct
Zone transfer is the process of copying the contents of the zone file on a primary DNS server to a secondary DNS server. Using zone transfer provides fault tolerance by synchronizing the zone file in a primary DNS server with the zone file in a secondary DNS server.
Incorrect
Zone transfer is the process of copying the contents of the zone file on a primary DNS server to a secondary DNS server. Using zone transfer provides fault tolerance by synchronizing the zone file in a primary DNS server with the zone file in a secondary DNS server.
Unattempted
Zone transfer is the process of copying the contents of the zone file on a primary DNS server to a secondary DNS server. Using zone transfer provides fault tolerance by synchronizing the zone file in a primary DNS server with the zone file in a secondary DNS server.
Question 16 of 62
16. Question
Which of the following biometrics scan is used on the eye to measure the layer of blood vessels?
Correct
Retinal scans capture capillaries deep within the eye by using unique near-infrared cameras.
Incorrect
Retinal scans capture capillaries deep within the eye by using unique near-infrared cameras.
Unattempted
Retinal scans capture capillaries deep within the eye by using unique near-infrared cameras.
Question 17 of 62
17. Question
Theon logged in as a local admin on a Windows 7 system and needs to launch the Computer Management Console from command line. Which of the following command will he use?
Correct
To open the Computer Management Console from command line just type compmgmt.msc in your run box or at the command line.
Incorrect
To open the Computer Management Console from command line just type compmgmt.msc in your run box or at the command line.
Unattempted
To open the Computer Management Console from command line just type compmgmt.msc in your run box or at the command line.
Question 18 of 62
18. Question
A large company is planning to use Blackberry phones as their corporate mobile phones. They assigned Paul, a security analyst, to evaluate the possible threats they might encounter. To do this, he will use Blackjacking attack to demonstrate how a cybercriminal can bypass the perimeter defenses and gain access to the corporate’s network. Which of the following tool will he use to perform a Blackjacking attack?
Correct
Blackberry users have been warned that the security of Blackberry wireless e-mail devices is at risk due to a hacking tool, BBProxy.
Incorrect
Blackberry users have been warned that the security of Blackberry wireless e-mail devices is at risk due to a hacking tool, BBProxy.
Unattempted
Blackberry users have been warned that the security of Blackberry wireless e-mail devices is at risk due to a hacking tool, BBProxy.
Question 19 of 62
19. Question
Which of the following is/are NOT an example of active reconnaissance?
Correct
Active reconnaissance is the opposite of passive reconnaissance wherein the information is gathered by directly engaging with the potential target. This may be done via manual testing or automated scanning using tools such as Nmap, ping, traceroute, and netcat.
Incorrect
Active reconnaissance is the opposite of passive reconnaissance wherein the information is gathered by directly engaging with the potential target. This may be done via manual testing or automated scanning using tools such as Nmap, ping, traceroute, and netcat.
Unattempted
Active reconnaissance is the opposite of passive reconnaissance wherein the information is gathered by directly engaging with the potential target. This may be done via manual testing or automated scanning using tools such as Nmap, ping, traceroute, and netcat.
Question 20 of 62
20. Question
Which of the following is a type of SQL injection attack?
Correct
Union-based, Error-based, and Blind are all types of SQL injection attacks.
Incorrect
Union-based, Error-based, and Blind are all types of SQL injection attacks.
Unattempted
Union-based, Error-based, and Blind are all types of SQL injection attacks.
Question 21 of 62
21. Question
Proxy tool provides a lot of advantages when testing web applications. It allows you manually test every request and analyze the response to find vulnerabilities. It also allows you to test parameters and headers manually to get more precise results than when using web vulnerability scanners. What proxy tool will help you find web vulnerabilities?
Correct
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface to finding and exploiting security vulnerabilities.
Incorrect
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface to finding and exploiting security vulnerabilities.
Unattempted
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface to finding and exploiting security vulnerabilities.
Question 22 of 62
22. Question
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 14?
Correct
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Incorrect
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Unattempted
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Question 23 of 62
23. Question
Which of the following password cracking attacks takes the most time and effort?
Correct
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time consuming.
Incorrect
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time consuming.
Unattempted
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time consuming.
Question 24 of 62
24. Question
Which of the following describes Simple Object Access Protocol (SOAP)? Choose all that applies.
Correct
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Incorrect
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Unattempted
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Question 25 of 62
25. Question
This is considered the best way to protect Personally Identifiable Information (PII) from Web application vulnerabilities?
Correct
It is a best practice that any Personally Identifiable Information (PII) must be encrypted
Incorrect
It is a best practice that any Personally Identifiable Information (PII) must be encrypted
Unattempted
It is a best practice that any Personally Identifiable Information (PII) must be encrypted
Question 26 of 62
26. Question
Jann is a system administrator in a startup company. While analyzing the IDS logs, she noticed an alert was logged even when the external router was accessed from the administrator’s computer to update the router configuration. What type of an alert is this?
Correct
False positives are mislabeled security alerts. These alerts indicate that there is a threat when in reality no attack has taken place. For example, an alert was triggered indicating a brute force attack, but later on, found out that it was just the user who mistyped the password a lot of times.
Incorrect
False positives are mislabeled security alerts. These alerts indicate that there is a threat when in reality no attack has taken place. For example, an alert was triggered indicating a brute force attack, but later on, found out that it was just the user who mistyped the password a lot of times.
Unattempted
False positives are mislabeled security alerts. These alerts indicate that there is a threat when in reality no attack has taken place. For example, an alert was triggered indicating a brute force attack, but later on, found out that it was just the user who mistyped the password a lot of times.
Question 27 of 62
27. Question
SIA Global Security wants to check if it is possible to infiltrate their company. They want the attack to be realistic so they did not provide any information besides the company name. What is the first step of security testing the client?
Correct
The Phases of hacking are: Phase 1-Reconnaissance Phase 2-Scanning Phase 3-Gaining Access Phase 4-Maintaining Access Phase 5-Covering Tracks
Incorrect
The Phases of hacking are: Phase 1-Reconnaissance Phase 2-Scanning Phase 3-Gaining Access Phase 4-Maintaining Access Phase 5-Covering Tracks
Unattempted
The Phases of hacking are: Phase 1-Reconnaissance Phase 2-Scanning Phase 3-Gaining Access Phase 4-Maintaining Access Phase 5-Covering Tracks
Question 28 of 62
28. Question
The hacker infected the server with a certain type of Trojan in order and use it in sending and hosting junk mails. What type of Trojan did the hacker use?
Correct
Botnet refers to the group of hijacked or infected computers, servers, mobile devices, and IoT (Internet of Things) devices that are being controlled by a hacker. Botnets are used to carry out malicious activities such as account credential leakage, unauthorized access and clicking of ads, sending spam emails, and participating in DDoS (Distributed Denial of Service) attacks.
Incorrect
Botnet refers to the group of hijacked or infected computers, servers, mobile devices, and IoT (Internet of Things) devices that are being controlled by a hacker. Botnets are used to carry out malicious activities such as account credential leakage, unauthorized access and clicking of ads, sending spam emails, and participating in DDoS (Distributed Denial of Service) attacks.
Unattempted
Botnet refers to the group of hijacked or infected computers, servers, mobile devices, and IoT (Internet of Things) devices that are being controlled by a hacker. Botnets are used to carry out malicious activities such as account credential leakage, unauthorized access and clicking of ads, sending spam emails, and participating in DDoS (Distributed Denial of Service) attacks.
Question 29 of 62
29. Question
A telco company based in New York City hired you to evaluate the security of their email gateway. To do this, you created a test email and send it across the Internet to one of their employee. The recipient employee is aware of the said evaluation.
After a few minutes, the employee received your test email. This proves that the email gateway of the telco company allows?
Correct
Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust. In spoofing attacks, the sender forges email headers so that client software displays the fraudulent sender address, which most users take at face value.
Incorrect
Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust. In spoofing attacks, the sender forges email headers so that client software displays the fraudulent sender address, which most users take at face value.
Unattempted
Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust. In spoofing attacks, the sender forges email headers so that client software displays the fraudulent sender address, which most users take at face value.
Question 30 of 62
30. Question
Peterson discovered an active server that is currently in the same network as the machine he recently exploited. He pings it but there was no response. What could be the main issue?
Correct
The ping command sends an ICMP echo request to a device on the network, and the device immediately responds with an ICMP echo reply. If there was no response after the ping, the ICMP may be disabled on the target server.
Incorrect
The ping command sends an ICMP echo request to a device on the network, and the device immediately responds with an ICMP echo reply. If there was no response after the ping, the ICMP may be disabled on the target server.
Unattempted
The ping command sends an ICMP echo request to a device on the network, and the device immediately responds with an ICMP echo reply. If there was no response after the ping, the ICMP may be disabled on the target server.
Question 31 of 62
31. Question
Which of the following commands will start the Nessus client in the background so that the Nessus server can be configured on a Linux device.
Correct
In Linux, to start a process in the background you will use &.
Incorrect
In Linux, to start a process in the background you will use &.
Unattempted
In Linux, to start a process in the background you will use &.
Question 32 of 62
32. Question
Which of the following command is used to create a scheduled task in Windows System?
Correct
Schtasks allows an administrator to create, delete, query, change, run, and end scheduled tasks on a local or remote system
Incorrect
Schtasks allows an administrator to create, delete, query, change, run, and end scheduled tasks on a local or remote system
Unattempted
Schtasks allows an administrator to create, delete, query, change, run, and end scheduled tasks on a local or remote system
Question 33 of 62
33. Question
Which system consists of a publicly available set of databases that contain domain name registration contact information?
Correct
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system, but is also used for a wider range of other information.
Incorrect
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system, but is also used for a wider range of other information.
Unattempted
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system, but is also used for a wider range of other information.
Question 34 of 62
34. Question
Which of the following is an example of active reconnaissance?
Correct
Nmap is a powerful active reconnaissance tool. This tool can be used to gather lots of information about the target. Let’s see how we can use Nmap in our favor.
Incorrect
Nmap is a powerful active reconnaissance tool. This tool can be used to gather lots of information about the target. Let’s see how we can use Nmap in our favor.
Unattempted
Nmap is a powerful active reconnaissance tool. This tool can be used to gather lots of information about the target. Let’s see how we can use Nmap in our favor.
Question 35 of 62
35. Question
This is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to function properly.
Correct
Dual-homed or dual-homing refers to an Ethernet device that has more than one network interface used for redundancy purposes. In firewall technology, it is one of the firewall architectures used for implementing preventive security.
Incorrect
Dual-homed or dual-homing refers to an Ethernet device that has more than one network interface used for redundancy purposes. In firewall technology, it is one of the firewall architectures used for implementing preventive security.
Unattempted
Dual-homed or dual-homing refers to an Ethernet device that has more than one network interface used for redundancy purposes. In firewall technology, it is one of the firewall architectures used for implementing preventive security.
Question 36 of 62
36. Question
It is the practice of exposing known security vulnerabilities of a certain system or network with the authorized or owner’s permission
Correct
The goal of white hat hacking is to check for security vulnerabilities of a certain system or network to help the owners address and fix these before being discovered by malicious hackers.
Incorrect
The goal of white hat hacking is to check for security vulnerabilities of a certain system or network to help the owners address and fix these before being discovered by malicious hackers.
Unattempted
The goal of white hat hacking is to check for security vulnerabilities of a certain system or network to help the owners address and fix these before being discovered by malicious hackers.
Question 37 of 62
37. Question
This attack occurs when the cybercriminal continuously sends a connection request to the target until all the ports are saturated, making the legitimate users unable to connect.
Correct
A SYN flood occurs when a cybercriminal sends a connection request to the targeted server but fails to complete the connection through what is known as a three-way handshake. The incomplete handshake leaves the connected port unavailable for further requests. The cybercriminal will continue sending a connection request until all the ports are saturated, making the legitimate users unable to connect.
Incorrect
A SYN flood occurs when a cybercriminal sends a connection request to the targeted server but fails to complete the connection through what is known as a three-way handshake. The incomplete handshake leaves the connected port unavailable for further requests. The cybercriminal will continue sending a connection request until all the ports are saturated, making the legitimate users unable to connect.
Unattempted
A SYN flood occurs when a cybercriminal sends a connection request to the targeted server but fails to complete the connection through what is known as a three-way handshake. The incomplete handshake leaves the connected port unavailable for further requests. The cybercriminal will continue sending a connection request until all the ports are saturated, making the legitimate users unable to connect.
Question 38 of 62
38. Question
Which of the following options is the most secure way for storing backup tapes?
Correct
An effective disaster data recovery strategy should consist of producing backup tapes and housing them in an offsite storage facility. This way the data isn’t compromised if a natural disaster affects the business’ office. It is highly recommended that the backup tapes be handled properly and stored in a secure, climate-controlled facility. This provides peace of mind and gives the business almost immediate stability after a disaster.
Incorrect
An effective disaster data recovery strategy should consist of producing backup tapes and housing them in an offsite storage facility. This way the data isn’t compromised if a natural disaster affects the business’ office. It is highly recommended that the backup tapes be handled properly and stored in a secure, climate-controlled facility. This provides peace of mind and gives the business almost immediate stability after a disaster.
Unattempted
An effective disaster data recovery strategy should consist of producing backup tapes and housing them in an offsite storage facility. This way the data isn’t compromised if a natural disaster affects the business’ office. It is highly recommended that the backup tapes be handled properly and stored in a secure, climate-controlled facility. This provides peace of mind and gives the business almost immediate stability after a disaster.
Question 39 of 62
39. Question
Which of the following types of firewalls ensures that the packets are part of the established session?
Correct
A stateful firewall is a network firewall that monitors the operating state and characteristics of network connections traversing it. The firewall is configured to distinguish legitimate packets for different types of connections. Only packets matching a known active connection (session) are allowed to pass the firewall.
Incorrect
A stateful firewall is a network firewall that monitors the operating state and characteristics of network connections traversing it. The firewall is configured to distinguish legitimate packets for different types of connections. Only packets matching a known active connection (session) are allowed to pass the firewall.
Unattempted
A stateful firewall is a network firewall that monitors the operating state and characteristics of network connections traversing it. The firewall is configured to distinguish legitimate packets for different types of connections. Only packets matching a known active connection (session) are allowed to pass the firewall.
Question 40 of 62
40. Question
This type of hacker works only to cause fear and disruption of systems and networks.
Correct
Cyber terrorists are hackers who are influenced by certain religious or political beliefs. They work to cause fear and disruption of systems and networks.
Incorrect
Cyber terrorists are hackers who are influenced by certain religious or political beliefs. They work to cause fear and disruption of systems and networks.
Unattempted
Cyber terrorists are hackers who are influenced by certain religious or political beliefs. They work to cause fear and disruption of systems and networks.
Question 41 of 62
41. Question
Which of the following statements is TRUE about sniffers?
Correct
The OSI layer 2 is where packet sniffers collect their data.
Incorrect
The OSI layer 2 is where packet sniffers collect their data.
Unattempted
The OSI layer 2 is where packet sniffers collect their data.
Question 42 of 62
42. Question
It is an entity or act with the potential to adversely damage a system through unauthorized access, destruction, disclosure, denial of service, or modification of data. Which of the following terms best matches the definition?
Correct
A threat is any entity or malicious act with the potential to adversely damage organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Incorrect
A threat is any entity or malicious act with the potential to adversely damage organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Unattempted
A threat is any entity or malicious act with the potential to adversely damage organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Question 43 of 62
43. Question
Which of the following is/are an example of active reconnaissance?
Correct
Active reconnaissance is the opposite of passive reconnaissance wherein the information is gathered by directly engaging with the potential target. This may be done via manual testing or automated scanning using tools such as Nmap, ping, traceroute, and netcat.
Incorrect
Active reconnaissance is the opposite of passive reconnaissance wherein the information is gathered by directly engaging with the potential target. This may be done via manual testing or automated scanning using tools such as Nmap, ping, traceroute, and netcat.
Unattempted
Active reconnaissance is the opposite of passive reconnaissance wherein the information is gathered by directly engaging with the potential target. This may be done via manual testing or automated scanning using tools such as Nmap, ping, traceroute, and netcat.
Question 44 of 62
44. Question
Which of the following asymmetry cipher is based on factoring the product of two large prime numbers?
Correct
RSA is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem.
Incorrect
RSA is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem.
Unattempted
RSA is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem.
Question 45 of 62
45. Question
A cybercriminal is standing outside, near a secure entrance facility while pretending to have a tense conversation on his cell phone. An unsuspicious authorized employee badges in and the cybercriminal who is still on the phone, grabs the door as it begins to close, and enters the facility. What do you call this type of attack?
Correct
Tailgaiting is an act where the unauthorized person was able to enter the premises without the authorized person’s knowledge. To avoid Tailgating, employees should be wary of their surroundings.
Incorrect
Tailgaiting is an act where the unauthorized person was able to enter the premises without the authorized person’s knowledge. To avoid Tailgating, employees should be wary of their surroundings.
Unattempted
Tailgaiting is an act where the unauthorized person was able to enter the premises without the authorized person’s knowledge. To avoid Tailgating, employees should be wary of their surroundings.
Question 46 of 62
46. Question
Operating System (OS) Fingerprinting helps a cracker because:
Correct
OS fingerprinting is the process a hacker goes through to determine the type of operating system being used on a targeted computer. This is beneficial because it gives the hacker useful information about any security vulnerabilities of the operating system that can be exploited to launch an attack.
Incorrect
OS fingerprinting is the process a hacker goes through to determine the type of operating system being used on a targeted computer. This is beneficial because it gives the hacker useful information about any security vulnerabilities of the operating system that can be exploited to launch an attack.
Unattempted
OS fingerprinting is the process a hacker goes through to determine the type of operating system being used on a targeted computer. This is beneficial because it gives the hacker useful information about any security vulnerabilities of the operating system that can be exploited to launch an attack.
Question 47 of 62
47. Question
Anna was hired as a Security Analyst at SIA Global Security. To secure the company’s network, she set up a firewall and an IDS. Unfortunately, cybercriminals are still able to attack the network. After further investigation, she discovered that the IDS is not properly configured. This is why the alarms did not trigger when needed. What type of alert is the IDS giving?
Correct
False negative happens when no alarm was raised even though an attack has taken place.
Incorrect
False negative happens when no alarm was raised even though an attack has taken place.
Unattempted
False negative happens when no alarm was raised even though an attack has taken place.
Question 48 of 62
48. Question
The extraction of passwords from a person by using coercion or torture?
Correct
The rubber hose attack is extracting secrets from people by use of torture or coercion.
Incorrect
The rubber hose attack is extracting secrets from people by use of torture or coercion.
Unattempted
The rubber hose attack is extracting secrets from people by use of torture or coercion.
Question 49 of 62
49. Question
In user authentication, which of the following is considered as “something you have”?
Correct
Fingerprint is considered as “something you are”,
PIN is considered as “something you know”,
Smart Card is considered as “something you have”
Incorrect
Fingerprint is considered as “something you are”,
PIN is considered as “something you know”,
Smart Card is considered as “something you have”
Unattempted
Fingerprint is considered as “something you are”,
PIN is considered as “something you know”,
Smart Card is considered as “something you have”
Question 50 of 62
50. Question
This act that states that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Correct
Health Insurance Portability and Accountability Act (HIPAA) is a 1996 legislation in the United States that protects patients’ health information from being disclosed without their consent or knowledge. It regulates the use and disclosure of Protected Health Information (PHI) held by “covered entities” (generally, health care clearinghouses, employer-sponsored health plans, health insurers, and medical service providers that engage in certain transactions.)
Incorrect
Health Insurance Portability and Accountability Act (HIPAA) is a 1996 legislation in the United States that protects patients’ health information from being disclosed without their consent or knowledge. It regulates the use and disclosure of Protected Health Information (PHI) held by “covered entities” (generally, health care clearinghouses, employer-sponsored health plans, health insurers, and medical service providers that engage in certain transactions.)
Unattempted
Health Insurance Portability and Accountability Act (HIPAA) is a 1996 legislation in the United States that protects patients’ health information from being disclosed without their consent or knowledge. It regulates the use and disclosure of Protected Health Information (PHI) held by “covered entities” (generally, health care clearinghouses, employer-sponsored health plans, health insurers, and medical service providers that engage in certain transactions.)
Question 51 of 62
51. Question
Which of the following is a characteristic of Public Key Infrastructure (PKI)?
Correct
A digital certificate contains, among other things, the sender’s public key, and can be used to identify the sender.
Incorrect
A digital certificate contains, among other things, the sender’s public key, and can be used to identify the sender.
Unattempted
A digital certificate contains, among other things, the sender’s public key, and can be used to identify the sender.
Question 52 of 62
52. Question
These hackers are ready and willing to perform an attack for a “cause”, even if they get caught and prosecuted.
Correct
Suicide hackers are those who hack for some purpose and even don’t bother to suffer long-term jail due to their activities.
Incorrect
Suicide hackers are those who hack for some purpose and even don’t bother to suffer long-term jail due to their activities.
Unattempted
Suicide hackers are those who hack for some purpose and even don’t bother to suffer long-term jail due to their activities.
Question 53 of 62
53. Question
Which of the following commands runs snort in packet logger mode?
Correct
If you want to store the packages in binary mode for later analysis use “./snort –l ./log -b”.
Incorrect
If you want to store the packages in binary mode for later analysis use “./snort –l ./log -b”.
Unattempted
If you want to store the packages in binary mode for later analysis use “./snort –l ./log -b”.
Question 54 of 62
54. Question
Which of the following cyberattack takes advantage of a website vulnerability in which the site displays content that includes un-sanitized user-provided data.
Correct
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Incorrect
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Unattempted
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Question 55 of 62
55. Question
What is a Boot Sector Virus?
Correct
A boot sector virus is a computer virus that infects a storage device’s master boot record (MBR). The virus moves the boot sector to another location on the hard drive.
Incorrect
A boot sector virus is a computer virus that infects a storage device’s master boot record (MBR). The virus moves the boot sector to another location on the hard drive.
Unattempted
A boot sector virus is a computer virus that infects a storage device’s master boot record (MBR). The virus moves the boot sector to another location on the hard drive.
Question 56 of 62
56. Question
A hacker is trying to compromise a financial company’s computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?
Correct
Banner grabbing is a technique used by hackers and security teams to gain information about a computer system on a network and services running on its open ports. A banner is a text displayed by a host server containing details like software type and version running in a system or server. The welcome screens divulge software version numbers and other system information on network hosts, giving cybercriminals a leg up on attacking the network.
Incorrect
Banner grabbing is a technique used by hackers and security teams to gain information about a computer system on a network and services running on its open ports. A banner is a text displayed by a host server containing details like software type and version running in a system or server. The welcome screens divulge software version numbers and other system information on network hosts, giving cybercriminals a leg up on attacking the network.
Unattempted
Banner grabbing is a technique used by hackers and security teams to gain information about a computer system on a network and services running on its open ports. A banner is a text displayed by a host server containing details like software type and version running in a system or server. The welcome screens divulge software version numbers and other system information on network hosts, giving cybercriminals a leg up on attacking the network.
Question 57 of 62
57. Question
Which of the following is NOT an ideal choice for biometric controls?
Correct
Height and weight are not ideal choices for biometric controls. Even though these provide some information about the user, they lack distinctiveness and permanence to sufficiently differentiate the user from each other.
Incorrect
Height and weight are not ideal choices for biometric controls. Even though these provide some information about the user, they lack distinctiveness and permanence to sufficiently differentiate the user from each other.
Unattempted
Height and weight are not ideal choices for biometric controls. Even though these provide some information about the user, they lack distinctiveness and permanence to sufficiently differentiate the user from each other.
Question 58 of 62
58. Question
Which of the following is a Windows command that can be used to list all the shared connections to which the current user has access?
Correct
The net use command is a Command Prompt command that’s used to connect to, remove, and configure connections to shared resources, like mapped drives and network printers.
Incorrect
The net use command is a Command Prompt command that’s used to connect to, remove, and configure connections to shared resources, like mapped drives and network printers.
Unattempted
The net use command is a Command Prompt command that’s used to connect to, remove, and configure connections to shared resources, like mapped drives and network printers.
Question 59 of 62
59. Question
Aleaj wants to do an ICMP scan on a remote computer using hping2. Which of the following syntax will allow her to do an ICMP scan?
Correct
The correct syntax for Aleaj to perform an ICMP scan on a remote computer using hping2 is:
C. hping2 -1 host.domain.com
Here’s the breakdown of the options:
A. hping2 host.domain.com: This is the basic syntax for hping2, but it defaults to TCP mode. It wouldn’t perform an ICMP scan.
B. hping2 –set-ICMP host.domain.com: While hping2 supports setting various options, “–set-ICMP” is not a valid flag for defining the ICMP mode.
C. hping2 -1 host.domain.com: This is the correct syntax. The -1 flag in hping2 is specifically used to switch hping2 to ICMP mode. This makes it suitable for sending ICMP echo requests (pings) to the target host.
D. hping2 -i host.domain.com: While this syntax can also be used for ICMP scans in some versions of hping2, -1 is the more widely recognized and documented flag specifically designed for ICMP mode.
Additional Notes:
It’s important to use hping2 responsibly and ethically, avoiding scans against targets without permission.
By using hping2 -1 host.domain.com, Aleaj can effectively perform an ICMP scan on the remote computer. This will send ICMP echo requests and wait for responses, helping her determine if the host is reachable and alive.
Incorrect
The correct syntax for Aleaj to perform an ICMP scan on a remote computer using hping2 is:
C. hping2 -1 host.domain.com
Here’s the breakdown of the options:
A. hping2 host.domain.com: This is the basic syntax for hping2, but it defaults to TCP mode. It wouldn’t perform an ICMP scan.
B. hping2 –set-ICMP host.domain.com: While hping2 supports setting various options, “–set-ICMP” is not a valid flag for defining the ICMP mode.
C. hping2 -1 host.domain.com: This is the correct syntax. The -1 flag in hping2 is specifically used to switch hping2 to ICMP mode. This makes it suitable for sending ICMP echo requests (pings) to the target host.
D. hping2 -i host.domain.com: While this syntax can also be used for ICMP scans in some versions of hping2, -1 is the more widely recognized and documented flag specifically designed for ICMP mode.
Additional Notes:
It’s important to use hping2 responsibly and ethically, avoiding scans against targets without permission.
By using hping2 -1 host.domain.com, Aleaj can effectively perform an ICMP scan on the remote computer. This will send ICMP echo requests and wait for responses, helping her determine if the host is reachable and alive.
Unattempted
The correct syntax for Aleaj to perform an ICMP scan on a remote computer using hping2 is:
C. hping2 -1 host.domain.com
Here’s the breakdown of the options:
A. hping2 host.domain.com: This is the basic syntax for hping2, but it defaults to TCP mode. It wouldn’t perform an ICMP scan.
B. hping2 –set-ICMP host.domain.com: While hping2 supports setting various options, “–set-ICMP” is not a valid flag for defining the ICMP mode.
C. hping2 -1 host.domain.com: This is the correct syntax. The -1 flag in hping2 is specifically used to switch hping2 to ICMP mode. This makes it suitable for sending ICMP echo requests (pings) to the target host.
D. hping2 -i host.domain.com: While this syntax can also be used for ICMP scans in some versions of hping2, -1 is the more widely recognized and documented flag specifically designed for ICMP mode.
Additional Notes:
It’s important to use hping2 responsibly and ethically, avoiding scans against targets without permission.
By using hping2 -1 host.domain.com, Aleaj can effectively perform an ICMP scan on the remote computer. This will send ICMP echo requests and wait for responses, helping her determine if the host is reachable and alive.
Question 60 of 62
60. Question
Jane is a penetration tester from SIA Global Security. She was hired to do a risk assessment of a company’s DMZ. The rules of engagement state that the vulnerability test can be done from an external IP address with no prior knowledge of the internal IT systems. Which of the following test is being performed?
Correct
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Incorrect
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Unattempted
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Question 61 of 62
61. Question
Which of the following attack is possible if a token and a 4-digit personal identification number (PIN) are used to access a computer system? The token performs off-line checking for the correct PIN.
Correct
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time-consuming.
Incorrect
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time-consuming.
Unattempted
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time-consuming.
Question 62 of 62
62. Question
Port scanning can be used in determining network vulnerabilities as part of a technical assessment. The TCP XMAS scan is used to identify listening ports on the targeted system. What happens if a scanned port is open?
Correct
Cybercriminals use TCP XMAS scan to determine if ports are closed on the target machine. This scan type is accomplished by sending TCP segments with all possible flags set in the packet header, generating packets that are illegal based on RFC 793. The RFC 793 expected behavior is that any TCP segment with an out-of-state Flag sent to an open port is discarded, whereas segments with out-of-state flags sent to closed ports should be handled with a RST in response. This behavior should allow an attacker to scan for closed ports by sending certain types of rule-breaking packets (out of sync or disallowed by the TCB) and detect closed ports via RST packets.
Incorrect
Cybercriminals use TCP XMAS scan to determine if ports are closed on the target machine. This scan type is accomplished by sending TCP segments with all possible flags set in the packet header, generating packets that are illegal based on RFC 793. The RFC 793 expected behavior is that any TCP segment with an out-of-state Flag sent to an open port is discarded, whereas segments with out-of-state flags sent to closed ports should be handled with a RST in response. This behavior should allow an attacker to scan for closed ports by sending certain types of rule-breaking packets (out of sync or disallowed by the TCB) and detect closed ports via RST packets.
Unattempted
Cybercriminals use TCP XMAS scan to determine if ports are closed on the target machine. This scan type is accomplished by sending TCP segments with all possible flags set in the packet header, generating packets that are illegal based on RFC 793. The RFC 793 expected behavior is that any TCP segment with an out-of-state Flag sent to an open port is discarded, whereas segments with out-of-state flags sent to closed ports should be handled with a RST in response. This behavior should allow an attacker to scan for closed ports by sending certain types of rule-breaking packets (out of sync or disallowed by the TCB) and detect closed ports via RST packets.
X
Use Page numbers below to navigate to other practice tests