Certified Ethical Hacker v10 Practice Exam

¡Supera tus tareas y exámenes ahora con Quizwiz!

How does a denial-of-service (DoS) attack operate?

A. A hacker prevents users from accessing a service.

Melissa is a virus that targeted Microsoft Windows platforms. To which category does this virus belong?

A. Macro

The category of hijacking a session by intercepting, modifying and injecting packets between client and server is described as:

A. Network Hijacking

Capturing traffic in a hub environment where a sniffer is usually placed in "promiscuous mode" and listens only is:

A. Passive Sniffing

Which of the following describes the function of EIP: Extended Instruction Pointer?

A. Points to the code that you are currently executing

Which encryption method is not based on a block cipher?

A. RC4

Which of the following attacks exploit OS/application installations that contain scripts or tools meant to help administrators be more efficient, but allow hackers access to powerful tools already installed on the host?

A. Shrink Wrap Code Attacks

Software or hardware which captures packets off the network is called:

A. Sniffer

An example of Defense In Depth is the combined use of a screening router, a network firewall, a network IDS and a host-based firewall.

A. TRUE

Attackers will usually encode their exploits and payloads to prevent detection by clear text signatures.

A. TRUE

Gray Hat Hackers use their skills for both offensive and defensive purposes that are not illegal or malicious and have approval to operate.

A. TRUE

Patch management ensures appropriate patches are installed on all systems.

A. TRUE

Port scanning tools enable a hacker to learn about services running on a host.

A. TRUE

SHA takes a message of arbitrary length as input and produces a 160-bit fingerprint or message digest.

A. TRUE

The HIPPA Privacy Rule regulates the use and disclosure of protected health information.

A. TRUE

Bills for unused services are a sign of identity theft.

A. True

DHCP starvation is a type of denial-of-service attack.

A. True

Drawing of symbols in public places to publicize an open Wi-Fi wireless network is called what?

A. WarChalking

A WiFi network scanner which scans, identifies, and filters hundreds of nearby access points is called?

A. inSSIDer

Which nmap command option performs a scan using the initial TCP handshake but sends an RST instead of ACK?

A. sS SYN Stealth Scan

Which of the following is a business threat category?

ALL OF THE ABOVE

The difference between signature detection and anomaly detection is:

B. Anomaly detection relies on finding differences and signature detection relies on known attacks.

A large collection of compromised hosts that are used to conduct DDoS attacks and other malicious actions are known as:

B. BotNets

The spoofing technique that causes the victim system to lose track of the proper sequence number required to continue a secure connection is called:

B. Desynchronization

A digital signature is a message that is encrypted with the public key instead of the private key.

B. FALSE

A penetration test is the evaluation of the vulnerabilities of an information system or network.

B. FALSE

During the vulnerability assessment phase of the vulnerability assessment lifecycle, inference-based techniques use information such as the type of operating system to identify vulnerabilities.

B. FALSE

Fuzzing is a security software for Windows capable of detecting and preventing buffer overflows.

B. FALSE

If organizations take advantage of the anonymity of cryptocurrencies such as Bitcoin they are protected from ransomeware attacks.

B. FALSE

In a public key infrastructure the public key is used to unencrypt a message and sign messages.

B. FALSE

Which of the following is a collection of tools to facilitate session hijacking, including libraries for sending or receiving data?

B. Hjksuite

All of the following are SMTP commands EXCEPT:

B. PARSE

Which of the following best describes a rootkit?

B. Programs that have the ability to hide themselves and cover traces of a hackers activities.

Which hashing function uses 160-bit digest?

B. SHA 1

All of the following are examples of evasion techniques EXCEPT:

B. Sender Target

An email which claims to be from a legitimate source and attempts to solicit information or convince a senior executive to take some sort of action is known as:

B. Whaling

System-user passwords are typically stored:

C. As hashes in a system password file.

A virus that does not increase the size of the infected file by hiding in the "open space" of a file is what type of virus?

C. Cavity

Which of the following is the most effective countermeasure to password cracking?

C. Compose a strong password based on a phrase that results in a random combination of letters and numbers and symbols

The act of scanning a firewall to determine what ports it has open, and to determine if these open ports actually connect to a legitimate host on the inside of the network, is called?

C. Firewalking

Which of the following analyzes an operating system and all the applications on the network to discover any security flaws that are present?

C. GFI LAN Guard

Which of the following is an application programming interface used to access the Google search engine?

C. Google API

What does the term Hacktivism mean?

C. Hackers who are hacking for a cause.

All of the following can help protect yourself from Google Hacking EXCEPT:

C. Keep default pages and samples

Which of the following is a collection of Internet information gathering and network troubleshooting utilities?

C. NetScanTools Pro

Which of the following established a code of fair information practice that governed the collection, maintenance, use, and dissemination of personally identifiable information (PII)?

C. Privacy Act of 1974

The Risk Management process includes all of the following steps EXCEPT:

C. Risk Vulnerability

Overwhelming an application with traffic is what kind of application attack?

C. SYN flood

Individuals who download and use scripts/exploit tools with no real understanding of the concepts being employed in causing an effect are called?

C. Script Kiddies

The act of altering configuration files and the expected operation of a service is known as what kind of attack?

C. Service Reconfiguration

All of the following are denial-of-service categories EXCEPT:

C. Stabilization

Which of the following was created in response to the September 11, 2001, terrorist attacks?

C. U.S. Patriot Act

OWASP's Top 10 IoT Vulnerabilities are provided to help developers, manufacturers, enterprises and consumers make well-informed decisions when building and using IoT devices. A user recently learns of a vulnerability in their web camera's software, which allows an attacker to log in using default admin credentials to view the camera's video feed. Which of OWASP's Top 10 IoT Vulnerabilities does this BEST fall under?

C. Weak, guessable, or hardcoded passwords

Which of the following defines a Wrapper, in the context of Trojans?

D. A tool that allows you to bind an executable of choice to an innocent looking file.

Which of the following should organizations create as part of incident response planning?

D. All of the Above

Social engineering can be used to accomplish:

D. All of the above

Which of the following best represents the symptoms a host may have when infected by a virus or worm?

D. All of the above

Which of the following is a "clean computing habit" for users?

D. All of the above

Which of the following is a common proxy tool?

D. All of the above

Which of the following is a common tool used for LDAP enumeration?

D. All of the above

An attacker tries to access restricted directories and execute commands on the webserver by using the URL to change directories is called what type of attack?

D. Directory Traversal

The vulnerabilities on OWASP's Top 10 IoT Vulnerabilities are categorized by what two factors?

D. Rate of occurrence and severity level

An IDS alert where an intrusion did not occur and an alarm was not raised is a:

D. True Negative

What is a self-replicating program that does NOT require user intervention to spread?

D. Worm

ARP (Address Resolution Protocol) does not translate IP addresses to MAC addresses.

FALSE


Conjuntos de estudio relacionados

HESI RN Case Study - Cystic Fibrosis Peds

View Set

Ch 27: Heart Failure & Circulatory Shock

View Set

NURS360 HESI Adolescents level 2 (A's)

View Set

Culinary Essentials: Quickbreads Unit

View Set

Fundamental of Management Quiz 7

View Set