CEH Practice Test 13
Question 1 of 64
1. Question
A firewall is a software/hardware based system located at the network gateway that monitors and controls the traffic in the system. Which of the following firewalls can mitigate SQL injection attacks?
Correct
Web application firewall secures websites, web applications, and web services against known and unknown attacks such as SQL injection, path traversal, cross-site scripting, and others that result in web site defacement.
Question 2 of 64
2. Question
You want to use NMAP to map domain names into IP addresses. Which of the following commands can make this possible?
Correct
The A record is an Address record. It returns a 32-bit IPv4 address and is most commonly used to map hostnames to an IP address of the host.
Question 3 of 64
3. Question
This command line switch can remotely detect the operating system of the targeted host.
Correct
-O is a command line switch used for OS detection in Nmap. For example, nmap -O 192.168.1.1.
Question 4 of 64
4. Question
SIA Telco is planning a company expansion in 2021. This big move will require their network to authenticate users connecting via analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network. Which of the following AAA protocols should the chief network engineer implement?
Correct
RADIUS is an AAA protocol that manages network access. RADIUS uses two packet types to manage the full AAA process: Access-Request, which manages authentication and authorization; and Accounting-Request, which manages accounting.
Question 5 of 64
5. Question
It is an act that should be adhered to by anyone who handles any electronic medical data. This act states that all medical practices must ensure that all necessary measures in keeping the patients’ medical information are in place.
Correct
Health Insurance Portability and Accountability Act (HIPAA) is a 1996 legislation in the United States that protects patients’ health information from being disclosed without their consent or knowledge. It regulates the use and disclosure of Protected Health Information (PHI) held by “covered entities” (generally, health care clearinghouses, employer sponsored health plans, health insurers, and medical service providers that engage in certain transactions.)
Question 6 of 64
6. Question
An ethical hacker has successfully exploited a Linux server. The ethical hacker wants to make sure that outbound traffic from the server will not be detected by a Network-Based Intrusion Detection System (NIDS). Which of the following is the best way to avoid the NIDS?
Correct
NIDS is used to protect a system from network-based threats by monitoring and analyzing network traffic. When the traffic is encrypted, NIDS can only perform packet level analysis, since the contents in the application layer are inaccessible.
Question 7 of 64
7. Question
Which of the following nmap commands should be used if a hacker wants to run a port scan on a web server but wants to lessen the amount of noise in order to evade IDS?
Correct
-sT means TCP Connect scan
-O means Operating system (OS) detection
-T0 means Paranoid (0) Intrusion Detection System evasion
Question 8 of 64
8. Question
Von is a security analyst from SIA Global Security. One of his tasks is to monitor and check the IDS logs. He noticed that an alert was triggered even though he found nothing malicious on a normal web application traffic. He can mark this alert as:
Correct
False positives are mislabeled security alerts. These alerts indicate that there is a threat when in reality no attack has taken place. For example, an alert was triggered indicating a brute force attack, but it was later found that the user had simply mistyped the password many times.
Question 9 of 64
9. Question
Internet standards such as PGP, SSL, and IKE are all examples of which type of cryptography?
Correct
Public-key algorithms are fundamental security ingredients in cryptosystems, applications and protocols. They underpin various Internet standards, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), S/MIME, PGP, Internet Key Exchange (IKE or IKEv2), and GPG.
Question 10 of 64
10. Question
It is a regulation that requires businesses to ensure the protection of personal data and privacy of European citizens.
Correct
General Data Protection Regulation or GDPR is a regulation that requires businesses to ensure the protection of personal data and privacy of European citizens. It establishes one law across the continent and a single set of rules which applies to companies doing business within EU member states.
Question 11 of 64
11. Question
What are the three types of multi-factor authentication?
Correct
Multi-factor authentication (MFA) is a method of logon verification where at least two different factors of proof are required. The three authentication factors are: something you have, something you know, and something you are.
Question 12 of 64
12. Question
Jen receives an unsuspicious email after accessing her bank account through a web browser. The email contains a very catchy image, and out of curiosity, she clicks it. She is then redirected to a website that shows an animated GIF of a cat running around the park. After a few days, Jen notices that all of the funds in her bank account are gone. Which of the following web browser-based security vulnerabilities was exploited by the hacker?
Correct
Cross-site request forgery, also known as CSRF, is a type of malicious exploit that allows an attacker to trick users into performing actions that they do not intend to perform. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Question 13 of 64
13. Question
Which of the following commands is used to find the number of hops to the target?
Correct
Traceroute is a network diagnostic command that displays the IP and hostname of the machines along the route taken by the packets.
Question 14 of 64
14. Question
Which of the following best describes the role of the U.S. Computer Security Incident Response Team (CSIRT)?
Correct
Computer security incident response team or CSIRT’s main responsibility is to expose and avert cyberattacks targeting an organization. It is important to have a security team that is solely focused on incident response (IR).
Question 15 of 64
15. Question
Passive reconnaissance is the process of gathering information through which of the following?
Correct
Passive reconnaissance is the act of gathering information without alerting the potential victim. A hacker may use OSINT, or Open Source Intelligence, to gather publicly available information about the targeted individual or organization.
Question 16 of 64
16. Question
This tool is used on a Linux-based system as a passive wireless packet analyzer.
Correct
Kismet is a wireless network detector, packet sniffer, and intrusion detection system (IDS) that works with any wireless card supporting raw monitoring (rfmon) mode. It can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic and works on Linux, Mac OSX, and Windows 10 under the WSL framework.
Question 17 of 64
17. Question
Upon getting unauthorized access to a Linux host, a hacker was able to steal the password file from /etc/passwd. What happens next?
Correct
The password file from /etc/passwd does not contain the passwords.
Question 18 of 64
18. Question
This type of TCP scan is used to identify listening ports by sending a series of packets with no flags set.
Correct
A null scan is a type of scan that is used to identify listening TCP ports. In a null scan, a series of packets is sent to a TCP port with zero bits or no flags set.
Question 19 of 64
19. Question
Jane was hired as the Security Operation Center Analyst of SIA University. One of her tasks is to monitor all the incoming and outgoing traffic on SIA University’s local network. Which of the following tools will help her check for suspicious activities and possible exploits in the network?
Correct
Network-based intrusion detection system (NIDS) is used to protect a system from network-based threats by monitoring and analyzing network traffic. NIDS scan all inbound packets and hunt for any suspicious patterns. When threats are discovered, the system takes action based on its severity. This includes notifying administrators, or blocking the source IP address from accessing the network.
Question 20 of 64
20. Question
What risk is present if a recent nmap scan shows that port 69 is open?
Correct
Trivial File Transfer Protocol (TFTP) runs on port 69. TFTP allows transferring of files without authentication.
Question 21 of 64
21. Question
What is the main difference between a “Blind” SQL Injection and a “Normal” SQL Injection vulnerability?
Correct
Blind SQL injection is nearly identical to normal SQL injection; the only difference is the way the data is retrieved from the database.
Question 22 of 64
22. Question
This program allows us to run more than one operating system (OS) inside our machine.
Correct
VirtualBox is a virtualization machine that will allow you to run more than one operating system (OS) inside a single machine. This is essential in ethical hacking when performing penetration testing in a virtual environment.
Question 23 of 64
23. Question
Which of the following is the result of a NULL scan on an open port?
Correct
A null scan is a type of scan that is used to identify listening TCP ports. In a null scan, a series of packets is sent to a TCP port with zero bits or no flags set. If the target port is open, a null scan results in no response, since the host will ignore the packet. If the target port is closed, it will respond with a RST packet.
Question 24 of 64
24. Question
Which of the following is designed to increase the confidentiality of information by implementing verification and authentication during a data exchange?
Correct
PKI or Public Key Infrastructure is a security architecture developed to increase secured transfer of information. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email.
Question 25 of 64
25. Question
Which of the following tools can be used for network intrusion prevention and intrusion detection, records network activity, and functions as a network sniffer?
Correct
Snort is an open source intrusion prevention and detection system which aims to provide the most effective and comprehensive real-time network defense. It can be used as a packet sniffer, a packet logger, and a network file logging device.
Question 26 of 64
26. Question
This act requires the standard national numbers of employers to be identified on standard transactions.
Correct
Health Insurance Portability and Accountability Act (HIPAA) requires that employers have standard national numbers that identify them on standard transactions.
Question 27 of 64
27. Question
This hashing algorithm was developed by the National Institute of Standards and Technology to generate a cryptographically secure one-way hash. Which of the following is being described?
Correct
Message Digest Algorithm 5, also known as MD5, is a cryptographic hash algorithm that can be used to create a 128-bit string value from an arbitrary length string.
Question 28 of 64
28. Question
This can be simply defined as the collection of publicly available information:
Correct
OSINT or Open-source intelligence refers to any available information that can be accessed from free public sources such as the internet.
Question 29 of 64
29. Question
Angel is the current Chief Security Officer at SIA University. During their meeting with a security consultant, Angel explains that there might be a conflict with their existing security controls. She explains that their Network Administrator is the only one responsible for the approval and issuance of RFID card access to their server room, and for monitoring/reviewing the weekly access logs. SIA University is currently facing which of the following issues?
Correct
The concept of delegating more than one person to complete a task is called separation of duties. Separation of duties, also known as segregation of duties, has two primary goals. The first is to prevent conflicts of interest and reduce the risk of unauthorized access and fraudulent activity. The second is to identify and mitigate control failures such as security breaches, information theft and circumvention of security controls.
Question 30 of 64
30. Question
This tool is used for checking network vulnerabilities and compliance assessment.
Correct
Nessus performs vulnerability, configuration, and compliance assessment. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers and critical infrastructure.
Question 31 of 64
31. Question
It is an act of gathering information without engaging with the system or the individual itself.
Correct
Passive reconnaissance is the process of gaining valuable information without being noticed by the potential victim. It is also an act of gathering information without engaging with the system or the individual.
Question 32 of 64
32. Question
A start-up company hired a penetration tester to conduct a security audit on their network. Upon investigating, it was discovered that a breach to the company’s network had happened a lot of times because the IDS is not configured properly. This is why no alarms were triggered during the attack. What type of alert is the IDS giving?
Correct
False negative happens when no alarm was raised even though an attack has taken place.
Question 33 of 64
33. Question
Which of the following command line switches in Nmap is used for detecting the operating system?
Correct
-O is a command line switch used for OS detection in Nmap. For example, nmap -O 192.168.1.1.
Question 34 of 64
34. Question
Jane is a network security officer at SIA Global Security. She has one machine with Snort installed and another machine with Kiwi Syslog installed. She performed a SYN scan and wants to check if the messages sent from the Snort machine (10.172.0.18) are received by the Kiwi Syslog machine (10.172.0.150). What Wireshark filter will show that there is a connection between the two machines?
Correct
To check the connections between two machines, the destination port at destination IP must be configured. The destination IP is 10.172.0.150, where the kiwi Syslog is installed.
Question 35 of 64
35. Question
This standard is associated with the credit card industry?
Correct
Payment Card Industry Data Security Standard (PCI DSS) is a global information security standard by “PCI Security Standards Council” that handles cardholders’ data for debit, credit, prepaid, e-purse, ATM, and POS cards. This offers a comprehensive and robust standard and supporting materials to improve payment card information security. This includes an outline of specifications, tools, measurements, and support resources to help organizations protect the cardholder’s information.
Question 36 of 64
36. Question
This is a powerful framework commonly used by ethical hackers in performing automated attacks on a network in order to check its security vulnerabilities.
Correct
The Metasploit Framework is a very powerful tool that penetration testers can use to check for vulnerabilities on networks and servers. It provides exploits, payloads, auxiliary functions, encoders, listeners, shellcode, post-exploitation code, and NOPs.
Question 37 of 64
37. Question
Which of the following is/are an example(s) of a Botnet? (Select all that apply.)
Correct
Botnets are used to carry out malicious activities such as account credential leakage, unauthorized access and clicking of ads, sending spam emails, and participating in DDoS (Distributed Denial of Service) attacks. Some of the most familiar examples of botnets are Mirai, Lemon Duck, and Prometei.
Question 38 of 64
38. Question
Which type of SQL injection attack is being used if the attacker uses the command:
Correct
In this type of SQL injection attack, the cybercriminal uses the SQL comment operator "--" so that part of the SQL query is ignored.
Question 39 of 64
39. Question
Which of the following algorithms was tagged as useless way back in 2007, after it was discovered that the passkeys can be easily uncovered in less than a minute?
Correct
WEP or Wired Equivalent Privacy is currently the most widely used Wi-Fi security protocol for securing 802.11 networks. In 2007, a new attack on WEP, the PTW attack, was discovered, which allows an attacker to recover the secret key in less than 60 seconds in some cases.
Question 40 of 64
40. Question
Which of the following best describes Code injection?
Correct
Injection flaws are commonly found in SQL, LDAP, XPath, NoSQL, OS commands, XML parsers, SMTP headers, expression languages (EL), and Object Relational Mapping (ORM) queries.
The hacker injects malicious SQL code or a query into a user input form to manipulate and control the database, allowing them to access, delete, and modify information and change other applications’ behavior.
Question 41 of 64
41. Question
The goal of this type of malware is not to steal confidential information, but rather, to restrict the user from using the system.
Correct
Denial of service, or DoS, is an attack on a computer or network which makes it inaccessible to the user. In a DoS attack, a cybercriminal sends high volume traffic to a victim’s system to overload its resources until the system crashes, preventing its users from accessing the network.
Question 42 of 64
42. Question
You were hired to do a web application security test. You noticed that the site is dynamic and must make use of a back end database. In order to check if SQL injection is possible, what is the first character that you should use to attempt breaking a valid SQL request?
Correct
Injection attacks can be prevented by doing a source code validation or review. This will allow you to determine the injection flaws and mitigate them before deploying the code into production.
Question 43 of 64
43. Question
This tool performs comprehensive tests against web servers, including potentially dangerous files/programs, and version specific problems.
Correct
Nikto is an Open Source (GPL) web server scanner that performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.
Question 44 of 64
44. Question
This type of malware can remain dormant in a victim’s computer and will trigger only when the programmed condition is met.
Correct
A logic bomb is a malicious program that has been inserted into the victim’s computer network, operating system, or software application. Unlike other malware attacks, logic bombs can remain dormant in a victim’s computer unless the programmed condition that will trigger them is met.
Question 45 of 64
45. Question
Which of the following refers to the group of hijacked or infected computers, servers, mobile devices, and IoT devices that are being controlled by a hacker?
Correct
A botnet is a group of hijacked or infected computers, servers, mobile devices, and IoT (Internet of Things) devices that are being controlled by a hacker. Botnets are used to carry out malicious activities such as account credential leakage, unauthorized access and clicking of ads, sending spam emails, and participating in DDoS (Distributed Denial of Service) attacks.
Question 46 of 64
46. Question
It is a wireless network detector, packet sniffer, and intrusion detection system (IDS) that is commonly found on Linux-based systems.
Correct
Kismet is a wireless network detector, packet sniffer, and intrusion detection system (IDS) that works with any wireless card supporting raw monitoring (rfmon) mode. It can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic and works on Linux, Mac OSX, and Windows 10 under the WSL framework.
Question 47 of 64
47. Question
This is an environment where we can practice ethical hacking without the fear of compromising a legitimate network.
Correct
A sandboxed environment, also known as a hacking environment, is where we can practice and explore a variety of hacking techniques without compromising other legitimate systems or networks.
Question 48 of 64
48. Question
Jane, a freelance CEH, is bidding for a security audit contract with a large company. The contract involves penetration testing and reporting. The company is asking for proof of work, so Jane prints out several audits that she has performed for other companies. Which of the following is likely to occur?
Correct
Ethical hackers must maintain the confidentiality of sensitive data. Do not disclose any sensitive information obtained from your ethical hacking to third parties unless authorized by the owner.
Question 49 of 64
49. Question
Which of the following command-line switches in Nmap is used for scanning fewer ports?
Correct
-F (Fast (limited port) scan): Specifies that you wish to scan fewer ports than the default. Normally Nmap scans the most common 1,000 ports for each scanned protocol. With -F, this is reduced to 100.
Question 50 of 64
50. Question
Which of the following is an architectural pattern that aims to provide application functionality as services to other applications?
Correct
A service-oriented architecture (SOA) is an architectural pattern in computer software design in which application components provide services to other components via a communications protocol, typically over a network.
Question 51 of 64
51. Question
Which of the following DNS record types can specify how long a DNS poisoning will last?
Correct
The Start of Authority (SOA) record stores important information about a domain or zone, such as the primary name server of the domain, the email address of the admin, the last update of the domain, and the time the server should wait before the refresh.
Question 52 of 64
52. Question
As an ethical hacker, you are tasked with performing a penetration test at XY company. While performing the first step, information gathering, you found a list of employees along with their emails posted on the internet. Using an email spoofing technique, you sent an email to one of the employees while pretending to be his supervisor. In this email you asked him to open the PDF link and print it. Believing you were his supervisor, he read your email and opened the malicious link, which infected his machine. What testing method was used in this attack?
Correct
Social engineering is the act of using an individual to compromise an information system or to gain access to a sensitive resource. It exploits human psychology to manipulate the victim into divulging confidential information in the interest of cybercriminals.
Question 53 of 64
53. Question
It is an adaptive SQL Injection testing technique that is used to identify coding errors and security loopholes by inputting huge amounts of random data against the targeted application.
Correct
Fuzz testing is a quality assurance checking technique that is used to identify coding errors and security loopholes in targeted web applications. Huge amounts of random data, called "fuzz", are generated by fuzz testing tools (fuzzers) and used against the target web application to discover vulnerabilities that can be exploited by various attacks.
Question 54 of 64
54. Question
Which of the following keys are shared during the process of encryption and decryption?
Correct
In an asymmetric key system, public keys are shared or available to anyone, while private keys are held only by the key owner.
Question 55 of 64
55. Question
This is a form of Penetration Testing or Ethical Hacking which relies on exploiting human psychology to manipulate the victim into divulging confidential information in the interest of cybercriminals.
Correct
Social engineering is the act of using an individual to compromise an information system or to gain access to a sensitive resource. It exploits human psychology to manipulate the victim into divulging confidential information in the interest of cybercriminals.
Question 56 of 64
56. Question
Which of the following statements best describes Social Engineering?
Correct
Social engineering is the act of using an individual to compromise an information system or to gain access to a sensitive resource. It exploits human psychology to manipulate the victim into divulging confidential information in the interest of cybercriminals.
Question 57 of 64
57. Question
It is the process of identifying, analyzing, prioritizing, and resolving security events in an organization.
Correct
Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents in order to restore service operations and prevent further damage.
Question 58 of 64
58. Question
Which of the following is used to indicate a single-line or nested comment in structured query language (SQL)?
Correct
An SQL comment uses two hyphens (--) for single-line or nested comments. Comments inserted with -- are terminated by a new line, which is specified with a carriage return.
Question 59 of 64
59. Question
Which type of hackers are often referred to as the “good guys” or those who exploit security vulnerabilities for the benefit of the company?
Correct
White hat hackers or “the good guys” are often referred to as ethical hackers. They are authorized persons or individuals specializing in ethical hacking tools, techniques, and methodologies to strengthen an organization’s information systems.
Question 60 of 64
60. Question
Bluetooth uses which of the following digital modulation techniques to exchange information between paired devices?
Correct
Phase shift keying is the form of Bluetooth modulation used to enable the higher data rates achievable with Bluetooth 2 EDR (Enhanced Data Rate). Two forms of PSK are used: π/4 DQPSK and 8DPSK.
Question 61 of 64
61. Question
A network administrator uncovers several unfamiliar files, such as a tarball and nc files, in the root directory of his Linux FTP server. Upon further checking, the FTP server’s access logs show that an anonymous user was able to log in to the server, upload the unfamiliar files, extract the contents of the tarball, and run the script using a function provided by the FTP server’s software. The ps command shows that the nc file is running as a process, and the netstat command shows that the nc process is listening on a network port. What kind of vulnerability made this remote attack possible?
Correct
To upload files, the user must have the proper file write permissions.
Question 62 of 64
62. Question
Which of the following is/are not passive reconnaissance tools? Choose all that apply.
Correct
Nmap is a powerful active reconnaissance tool. This tool can be used to gather lots of information about the target. Let’s see how we can use Nmap in our favor.
Question 63 of 64
63. Question
A future client wants to see sample reports from previous penetration tests. What should you do next?
Correct
Penetration test data from previous clients should not be disclosed to third parties.
Question 64 of 64
64. Question
The amount of risk that remains after all the countermeasures have been exhausted is called?
Correct
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.