CEH Practice Exam Back to exams page. Take our CEH course here. Read our CEH labs book on Amazon: 1. PaaS is a cloud service that provides a virtual infrastructure, including links, nodes and operating systems.TrueFalseQuestion 1 of 50 2. HTTPS uses asymmetric cryptography to cipher content data.TrueFalseQuestion 2 of 50 3. Advanced Encryption Standard:is a symmetric key encryption algorithm.uses a pair of keys.is a hashing algorithm.replaced DES as a more secure encryption standard.Question 3 of 50 4. Pentesting methodology approach that gives the ethical hacker partial access to the company's data.Black Box.Red Box.Grey Box.White Box.Question 4 of 50 5. Is (are) (a) type(s) of technical attack(s):Intellectual property theft.buffer overflow.piggybacking.dumpster-diving.Question 5 of 50 6. Maltego is a tool that can be used to perform:vulnerability scanning.reconnaissance.exploitation.IDS bypass.Question 6 of 50 7. John called company A stating he was a contractor and needed some information to perform some tests. What type of social engineering attack did he use?Impersonation.Dumpster-diving.Eavesdropping.Pharming.Question 7 of 50 8. Attack where an attacker sends forged e-mails to victims in order to bait them to click on a URL or download a file.pharming.phishing.forging.spamming.Question 8 of 50 9. Whois is an important tool used during the reconnaissance phase.TrueFalseQuestion 9 of 50 10. A type of attack that became a major security concern with the wide-adoption of virtualized systems.Side-channel attack.Distributed DoS.SQL Injection.XSS.Question 10 of 50 11. Banner-grabbing can be used during the footprinting phase.TrueFalseQuestion 11 of 50 12. 'nmap IP_ADDRESS' can be used to detect service software versions during port scanning. Question 12 of 50 13. The transmission of SYN, followed by SUN+ACK and concluded with ACK characterizes a:stealth scan.half scan.full scan.XMAS scan.Question 13 of 50 14. Zone transferring can be used to perform NTP enumeration.TrueFalseQuestion 14 of 50 15. EARTH <00> EARTH <03> EARTH <20> MILKYWAY <00> MILKYWAY <1E> MILKYWAY <1D> This result is compatible with the protocol. Question 15 of 50 16. EARTH <00>EARTH <03>EARTH <20>MILKYWAY <00>MILKYWAY <1E>MILKYWAY <1D>Which of the following tools can generate this result?snmpwalksmbclientmsfconsolenmblookupQuestion 16 of 50 17. The protocol uses ports 161 and 162. Question 17 of 50 18. Mac cache spoofing (or Mac spoofing) is also called . Question 18 of 50 19. These are types of cryptography:public key.symmetric key.hashing.rainbow table.Question 19 of 50 20. An attacker managed to install a backdoor in a victim's machine. To guarantee that the victim would not be able to find the data that the attacker was able to install, the attacker used a specific technique to hide that data. This technique is called . Question 20 of 50 21. A documented vulnerability is uniquely identified by an identifier called CVSS.TrueFalseQuestion 21 of 50 22. CVE stands for:Common Vulnerabilities Entropies.Common Vulnerabilities and Exposures.Characteristics, Vulnerabilities and Exposures.Characteristics and Versions of Exposures.Question 22 of 50 23. Vulnerability criticality level can be measured by a set of metrics called Common Vulnerability Score System.TrueFalseQuestion 23 of 50 24. Differently from other types of malware, a cannot propagate without human intervention. Question 24 of 50 25. a piece of malicious software appended to genuine code is known as . Question 25 of 50 26. Attack characterized by capturing information.phishing.pharming.piggybacking.eavesdropping.Question 26 of 50 27. Local (Windows or Linux) file used by the system to resolve host names before requesting a DNS resolution.localhosthostnamesresolv.confhostsQuestion 27 of 50 28. Attack characterized by altering the records of a name server.DNS spoofing.DNS cache poisoning.NTP enumeration.arp spoofing.Question 28 of 50 29. DNS cache poisoning and DNS spoofing are different names for the same attack.TrueFalseQuestion 29 of 50 30. attacks are denial-of-service attacks generated simultaneously by different sources and/or multiple threads. Question 30 of 50 31. Network composed of zombi softwares controlled by a central controller to perform attacks.BotBotNetDDoSDeepwebQuestion 31 of 50 32. Attack characterized by simultaneously transmitting a large number of 'pings'.UDP flooding.TCP flooding.ICMP flooding.Injection.Question 32 of 50 33. Generally speaking (regardless the protocol type that is used), attacks characterized by packets swarm are called:flooding.swarming.distributed attack.injection.Question 33 of 50 34. An attacker managed to retrieve a session ID of a TCP communication between the victim and a specific web server. With that information, this attacker was able to perform:HTTP response splitting.Buffer overflow.Session jamming.Session hijacking.Question 34 of 50 35. session hijacking is an attack where an attacker retrieves a session ID and ONLY monitors the flowing data. Question 35 of 50 36. Session hijacking is an attack that leverages information carried on the sequence number header field. This header field is present in the protocol. Question 36 of 50 37. Evasion is a technique that can be used to:bypass protection systems.detect protection systems.deploy DDoS attacks against protection systems.increase network performance.Question 37 of 50 38. Combination of an IDS system and a firewall:Intrusion Detection System.Application Layer Firewall.Intrusion Prevention System.Log Server.Question 38 of 50 39. A HoneyNet is an implementation of a:low-interaction honeypot.medium-interaction honeypot.high-interaction honeypot.N/A.Question 39 of 50 40. '_____________________ is an attack against the integrity of an intermediate proxy repository, in which genuine content cached for an arbitrary URL is replaced with spoofed content. Users of the Web cache repository will thus consume spoofed content instead of a genuine one when requesting this URL through the proxy.'Web Cache Poisoning AttackHTTP Response Splitting Attack.SQL Injection.Cross-Site Scripting.Question 40 of 50 41. XSS stands for . Question 41 of 50 42. XSS attacks are characterized by how a client trusts a server, whereas XSRF is characterized by how a server trusts its clients.TrueFalseQuestion 42 of 50 43. http://example.com/show.asp?view=../../../../../Windows/system.iniThis URL is compatible with what type of attack?XSS.XSRF.SQL Injection.directory traversal.Question 43 of 50 44. Single quote (') or pound (#) are symbols that are frequently used in SQLi attacks. That is because they allow the attacker to append additional SQL statement and ignore the previous statement.TrueFalseQuestion 44 of 50 45. SQLi countermeasure(s):Limit the number of concurrent connections to the DMBS.Escape symbols.Detect stored procedures.Use JavaScript.Question 45 of 50 46. WiFi network identifier:BSSID.SSID.WPA.WPS.Question 46 of 50 47. 802.1X authentication has been introduced to which WiFi standard?WPA2 Personal.WPA2 Enterprise.WPA Enterprise.WPA Personal.Question 47 of 50 48. Jack wants to install an app in his iPhone that is not available on the Apple Store. What smartphone technique can he use to achieve his goal (although it is strongly unadvised)?jailbreaking.rooting.sandboxing.hacking.Question 48 of 50 49. In scenario where IoT utility readers are directly sending measurement readings to the utility company's billing system, what is the IoT architecture model used here?device-to-devicedevice-to-clouddevice-to-gatewayBackend data sharingQuestion 49 of 50 50. A scenario where Joey presses his car key unlock button to unlock his car. It does not work, therefore he presses it again. His car door opens, he gets in the car, goes to work, goes back home. The following day, when Joey is heading to his car, he realizes it is not there. What type of attack might have happened?BlueBorne attack.Jamming attack.Signal hijacking attack.Rolling code attack.Question 50 of 50 Loading...