CEHv10 Quiz


The Switch Port Stealing sniffing technique uses which of the following attacks to sniff packets?
- MAC flooding
- ARP Spoofing
- DHCP attacks
- DNS poisoning

MAC flooding

Among SQL injection characters, which of the following represents a global variable?
- %
- @@variable
- ||
- @variable

@@variable

In the URL encoding scheme, the URL is converted into a valid ASCII format so that data can be safely transported over HTTP. Which character is used in URL encoding, followed by the character's two-digit ASCII code expressed in hexadecimal? Select one:
- #
- &
- $
- %

%

Which of the following sequences is used by an attacker in directory traversal attacks to access restricted directories outside the web server root directory? Select one:
- /...
- //...
- ..//
- ../

../

Identify the type of virus that adds its code to the host code without relocating the host code to insert its own code at the beginning.
- Intrusive Viruses
- Transient Viruses
- Add-on Viruses
- Shell Viruses

Add-on Viruses

Which of the following attacks involves stealing a cloud service provider's domain name?
- Cybersquatting
- Domain Sniping
- DNS Poisoning
- Domain Hijacking

Domain Hijacking

Which of the following tools can capture RPL-related information and live packets from networks in a non-intrusive manner?
- Foren6
- RFCrack
- HackRF One
- Telnet

Foren6

Gaining Access: Which of the following is a password cracking tool? (Select all that apply)
- NMAP
- John the Ripper
- Airmon-ng
- Hydra

John the Ripper Hydra

Which type of DNS record helps in mapping an IP address to a hostname?
- HINFO
- TXT
- PTR
- NS

PTR

Identify the hacking phase in which an attacker tries to gather information about the target prior to launching an attack.
- Scanning
- Gaining Access
- Reconnaissance
- Clearing Tracks

Reconnaissance

In code-breaking methodologies, which of the following methods involves the use of social engineering techniques to extract cryptographic keys?
- Brute-Force
- Trickery and Deceit
- Frequency Analysis
- One-Time Pad

Trickery and Deceit

Google supports several advanced operators that help in modifying the search. Which of the following Google advanced search operators displays the web pages stored in the Google cache?
- [site:]
- [link:]
- [info:]
- [cache:]

[cache:]

Covering tracks: Which of the following tools are capable of clearing log files? (Select all that apply)
- kismet
- dd
- psloglist
- cowpatty

dd psloglist

Which of the following Hping commands is used to intercept all traffic containing an HTTP signature?
- hping3 192.168.1.103 -Q -p 139 -s
- hping3 -9 HTTP -I eth0
- hping3 -S 192.168.1.1 -a 192.168.1.254 -p 22 --flood
- hping3 -F -P -U 10.0.0.25 -p 80

hping3 -9 HTTP -I eth0

Maintaining Access: Which of the following tools can provide the attacker with a remote shell AND allow for file transfers to and from the compromised machine? (Select all that apply)
- metasploit
- Stuxnet
- Tini
- netcat

metasploit Stuxnet

Which of the following 'nbtstat' commands is run to get the contents of the NetBIOS name cache, the table of NetBIOS names and their resolved IP addresses?
- nbtstat.exe -e
- nbtstat.exe -t
- nbtstat.exe -c
- nbtstat.exe -i

nbtstat.exe -c

Identify the command used to adjust the RSSI range.
- python RFCrack.py -i -F MOD_2FSK -F 314350000
- python RFCrack.py -j -F 314000000
- python RFCrack.py -r -U "-75" -L "-5" -M MOD_2FSK -F 314350000
- python RFCrack.py -r -M MOD_2FSK -F 314350000

python RFCrack.py -r -U "-75" -L "-5" -M MOD_2FSK -F 314350000

Identify which of the following detection methods is used to detect intrusions based on the fixed behavioral characteristics of the users and components in a computer system.
- Anomaly Detection
- Protocol Anomaly Detection
- Intrusion Detection System
- Signature Recognition

Anomaly Detection

Identify the rootkit that helps in hiding directories, remote connections and logins.
- Azazel
- ZeroAccess
- Necurs
- Avatar

Azazel

Scanning: Which of the following is NOT an example of a scanning tool?
- BeEF
- NMAP
- HPING
- OpenVAS

BeEF

Which of the following statements is true for Service Request Floods?
A. An attacker or group of zombies attempts to exhaust server resources by setting up and tearing down TCP connections
B. It attacks the servers with a high rate of connections from a valid source
C. It initiates a request for a single connection
- Only A is true
- Both B and C are true
- Both A and B are true
- Only C is true

Both A and B are true

In web server password cracking techniques, the attacker tries every combination of characters until the password is broken. What is this type of attack called? Select one:
- Brute force attack
- Dictionary attacks
- Guessing attack
- Hybrid attack

Brute force attack

Sam receives an email with an attachment. He downloads the file and finds that it is infected with a virus that overwrites a part of the host file with constant content, without increasing the length of the file and while preserving its functionality. Which type of virus infected the file?
- Cavity Viruses
- Shell Viruses
- File Extension Viruses
- Cluster Viruses

Cavity Viruses

Which of the following services uses TCP/UDP port 53 for enumeration?
- DNS Zone Transfer
- SNMP Trap
- NetBIOS Name Service
- Global Catalog Service

DNS Zone Transfer

Jack, a skillful hacker, targeted a major banking services firm located in Japan. Using the LOIC (Low Orbit Ion Cannon) tool, Jack raised the number of HTTP requests to a high level, which overwhelmed the victim's server with requests; the server failed to respond to them and crashed. Which type of attack did Jack perform in the above scenario?
- Social engineering attack
- MITM attack
- Packet Injection attack
- DoS and DDoS

DoS and DDoS

Identify the type of IDS alert that occurs when an IDS fails to react to an actual attack event.
- True Positive
- True Negative
- False Negative
- False Positive

False Negative

The testing that is also called black box testing, which requires no knowledge of the inner design of the code, is called:
- Fuzzing Test
- Function Test
- Static Test
- Dynamic Test

Function Test

In command injection attacks, which of the following types of attack is used to deface a website virtually? Select one:
- HTML Embedding
- Shell Injection
- Website Embedding
- HTML injection

HTML Embedding

In computer-based social engineering, a person receives emails that issue warnings to the user about new viruses, worms or Trojans that may harm the user's system. This kind of computer-based social engineering is known as:
- Spam Email
- Chain Letters
- Hoax Letters
- Instant Chat Messenger

Hoax Letters

Identify the type of vulnerability assessment used to determine the vulnerabilities in a workstation or server by performing configuration-level checks through the command line.
- Active Assessment
- Network Assessments
- Host-Based Assessment
- Application Assessment

Host-Based Assessment

Which type of attack searches for web server login passwords by using alphabetical letters, symbols and numbers?
- Password Guessing
- Dictionary Attack
- Brute Force Attack
- Hybrid Attack

Hybrid Attack

ICMP scanning involves checking for live systems, which can be done by sending the following ping scan request to a host. If the host is live, it will return a reply.
- ICMP Echo Reply
- ICMP Echo Ping
- ICMP Echo Request
- ICMP Echo host

ICMP Echo Request

Identify the type of cloud computing that provides virtual machines and other abstracted hardware and operating systems, which may be controlled through a service API.
- Software-as-a-Service (SaaS)
- Platform-as-a-Service (PaaS)
- Infrastructure-as-a-Service (IaaS)
- Virtual Service

Infrastructure-as-a-Service (IaaS)

Which of the following terms is defined as the process of installing a modified set of kernel patches that allows running third-party applications not signed by the OS vendor?
- Tracking
- Hijacking
- Blackjacking
- Jailbreaking

Jailbreaking

Which type of rootkit is used to hide the information about the attacker by replacing original system calls with fake ones?
- Application Level Rootkit
- Library Level Rootkit
- Boot Loader Level Rootkit
- Hardware/Firmware Rootkit

Library Level Rootkit

In which of the following mobile platform vulnerabilities are unsolicited text/email messages sent to mobile devices from known/unknown phone numbers/email IDs?
- Mobile Phishing
- SMS Spam
- SMS Phishing
- Mobile Spam

Mobile Spam

An attacker uses the '%00' character prior to a string in order to bypass a detection mechanism. Identify the type of evasion technique used by the attacker.
- Case Variation
- URL Encoding
- Null Byte
- Obfuscated Codes

Null Byte

Silicon Pvt Ltd is a reputed company with around 1000s of employees. One day, a person approached an authorized person of the organization, claiming to be an employee who had forgotten his/her ID badge, and asked to be let through a secure door. The authorized person believed that the person had forgotten the ID badge and helped the person through the entrance by swiping his/her own ID badge. Later, the authorized person realized that the person was not an employee of the organization but an intruder who had intentionally entered the company. From the above scenario, which of the following comes under human-based social engineering?
- Tailgating
- Piggybacking
- Reverse Social Engineering
- None of the above

Piggybacking

Identify the ports that are allowed by the firewall in an organization.
- Port 443 and Port 69
- Port 80 and Port 69
- Port 80 and Port 110
- Port 80 and Port 443

Port 80 and Port 443

The vulnerability management life cycle is an important process that helps in finding and remediating security weaknesses before they are exploited. Identify the phase that involves the remediation.
- Pre-Assessment Phase
- Vulnerability Assessment Phase
- Risk Assessment Phase
- Post Assessment Phase

Post Assessment Phase

Which of the following executing applications allows an attacker to modify the registry and to change local admin passwords?
- RemoteExec
- PDQ Deploy
- DameWare Remote Support
- Keyloggers

RemoteExec

Which of the following attacks allows Android users to attain privileged control access within Android's subsystem?
- Rooting
- Jailbreaking
- SMiShing
- App Sandboxing

Rooting

Which of the following cryptographic attack techniques involves the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture?
- Chosen-ciphertext Attack
- Ciphertext-only Attack
- Adaptive Chosen-plaintext Attack
- Rubber Hose Attack

Rubber Hose Attack

Using which port can the attacker compromise the entire network and receive a copy of every packet that passes through a switch?
- SPAN Port
- TAP Port
- UDP port
- TCP port

SPAN Port

Roy is a senior penetration tester working at Gensolutions Inc, a US-based company. The company uses an Oracle database to store all its data. It also uses Oracle Database Vault in order to restrict users from accessing the confidential data in its database. One day Roy was asked to find all the possible vulnerabilities of the company's Oracle Database Vault. Roy tried different kinds of attacks to penetrate the company's Oracle DB Vault and succeeded. Which of the following attacks helped Roy to bypass Gensolutions' Oracle DB Vault? Select one:
- Denial of service attack
- SQL Injection
- Session Hijacking
- Sniffing

SQL Injection

From the following TCP communication flags, identify the flag that initiates a connection between different hosts.
- SYN
- FIN
- ACK
- PSH

SYN

In a Permanent Denial-of-Service attack, the attacker uses the 'Bricking a system' method in order to __________
- Send fraudulent hardware updates to the victims
- Launch a massive denial of service attacks and compromise websites
- Exploit weaknesses in programming source code
- Send malicious email attached to the victim

Send fraudulent hardware updates to the victims

The attacker uses the following attack to listen to the conversation between the user and the server and capture the authentication token of the user. The attacker then replays the request to the server with the captured authentication token and gains unauthorized access to the server.
- Session Replay attack
- Session Fixation attacks
- Session hijacking using proxy servers
- Client side attacks

Session Replay attack

At which phase of the Session Fixation attack does the attacker obtain a legitimate session ID by establishing a connection with the target web server?
- Entrance phase
- Session set-up phase
- Fixation phase
- Final phase

Session set-up phase

In which type of social engineering technique does an attacker secretly observe the target to gain critical information such as passwords, credit card information, etc.?
- Eavesdropping
- Shoulder surfing
- Dumpster diving
- Impersonation on social networking sites

Shoulder surfing

From the following, identify the attack in which an attacker exploits the default configuration and settings of off-the-shelf libraries and code.
- Operating System Attack
- Misconfiguration Attacks
- Application-Level Attack
- Shrink-Wrap Code Attacks

Shrink-Wrap Code Attacks

Cloud pen testing is not allowed for one of the following cloud computing types, as it might impact the infrastructure.
- Platform-as-a-Service (PaaS)
- Software-as-a-Service (SaaS)
- Hybrid-as-a-Service (HaaS)
- Infrastructure-as-a-Service (IaaS)

Software-as-a-Service (SaaS)

From the following, identify the technique through which an attacker distributes malware on the web by sending an email with malware attached and tricking the victim into clicking the attachment.
- Social Engineered Click-jacking
- Spearphishing Sites
- Spam Emails
- Drive-by Downloads

Spam Emails

Identify the technique in which the attacker uses drones to detect open wireless networks.
- WarChalking
- WarFlying
- WarWalking
- WarDriving

WarFlying

Footprinting and Reconnaissance: Which of the following is NOT an example of Passive Reconnaissance?
- Google Hacking
- Newsgroups
- Website copying
- Whois queries

Website copying

