Ethical Hacking Test #1
What type of network attack relies on guessing a TCP header's initial sequence number, or ISN? a. ARP spoofing c. DoS b. Session hijacking d. Man-in-the-middle
b. Session hijacking
What type of testing procedure involves the tester(s) analyzing the company's security policy and procedures, and reporting any vulnerabilities to management? a. penetration test b. security test c. hacking test d. ethical hacking test
B. Security test
A DDoS attack is launched against a host from a single server or workstation. T/F
False
In the TCP/IP stack, the Transport layer includes network services and client software. T/F
False
Malware programs cannot be detected by antivirus programs. T/F
False
Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law. T/F
False
Which HTTP method requests that the entity is stored under the Request-URI? a. GET c. POST b. PUT d. HEAD
b. PUT
What IPv4 address class has the IP address 221.1.2.3? a. Class A c. Class C b. Class B d. Class D
c. Class C
What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted? a. Fraud and Abuse Act c. Electronic Communication Privacy Act b. Interception Abuse Act d. The Computer Fraud Act
c. Electronic Communication Privacy Act
What type of general commands allow a security tester to pull information from a Web server using a web browser? a. TFTP c. HTTP b. DNS d. ARP
c. HTTP
What tactic is being used when an attacker trailing closely behind an employee enters a restricted area without any security credentials by utilizing their proximity to another employee with security clearance? a. Shoulder surfing c. Piggybacking b. Footprinting d. Dumpster diving
c. Piggybacking
A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following? a. virus c. worm b. Trojan d. shell
c. worm
What common term is used by security testing professionals to describe vulnerabilities in a network? a. bytes c. bots b. packets d. holes
d. holes
Which type of social engineering attack attempts to discover personal information through the use of email? a. email surfing c. spamming b. footprinting d. phishing
d. phishing
A computer hacker may use a phishing e-mail to lure a user into following a malicious link. What type of technique is being used by the computer hacker? a. mail fraud c. ransoming b. heuristics d. social engineering
d. social engineering
Which process utilizes the knowledge of human nature to get information from people to use for executing an attack on a computer network? a. fingerprinting c. zone transferring b. footprinting d. social engineering
d. social engineering
Wget is a *nix system command that can be used to retrieve HTTP, HTTPS, and FTP files over the Internet. T/F
True
Malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network. T/F
True
Network attacks can often begin by gathering information from a company's Web site. T/F
True
No matter what medium connects computers on network-copper wires, fiber-optic cables, or a wireless setup; the same protocol must be running on all computers if communication is going to function correctly. T/F
True
What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity? a. ICMP c. TCP b. UDP d. ARP
a. ICMP
What layer, in the TCP/IP stack, is responsible for routing a packet to a destination address? a. Internet c. Transport b. Network d. Application
a. Internet
The acronym IDS stands for which of the following? a. Intrusion Detection System c. Information Destruction System b. Information Dissemination System d. Intruder Dispersal System
a. Intrusion Detection System
What type of attack is occurring when an attacker places themselves between two parties and manipulates messages being passed back and forth? a. Man-in-the-Middle c. Middle-Capture b. Ping of Death d. DDOS
a. Man-in-the-Middle
What professional security certification requires applicants to demonstrate hands-on abilities to earn their certificate? a. Offensive Security Certified Professional b. Certified Ethical Hacker c. Certified Information Systems Security Professional d. CompTIA Security+
a. Offensive Security Certified Professional
What layer, in the TCP/IP protocol stack, is responsible for encapsulating data into segments? a. Transport layer c. Application layer b. Internet layer d. Network layer
a. Transport layer
Which utility is used to gather IP and domain information? a. Whois c. Metis b. Netcat d. Dig
a. Whois
The virus signature file is maintained by what type of software? a. antivirus c. remote control b. keylogger d. firewall
a. antivirus
Trojan Programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing? a. backdoor c. worm b. shell d. macro virus
a. backdoor
What penetration model should be used when a company's management team does not wish to disclose that penetration testing is being conducted? a. black box b. white box c. red box d. silent box
a. black box
When a programmer exploits written code that doesn't check for a defined amount of memory space they are executing which of the following attacks? a. buffer overflow c. DDoS b. DoS d. session hijacking
a. buffer overflow
Penetration testing can create ethical, technical, and privacy concerns for a company's management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed? a. create a contractual agreement c. create a virtual demonstration b. create a lab demonstration d. create a slide presentation
a. create a contractual agreement
What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack? a. eavesdropping c. injecting b. overflowing d. capturing
a. eavesdropping
What is the passive process of finding information on a company's network called? a. footprinting c. calling b. searching d. digging
a. footprinting
What penetration model should a company use if they only want to allow the penetration tester(s) partial or incomplete information regarding their network system? a. gray box c. black box b. white box d. red box
a. gray box
Which type of virus is written as a list of commands that can be set automatically to run as soon as a computer user opens the file? a. macro c. keylogger b. rootkit d.adware
a. macro
What derogatory title do experienced hackers, who are skilled computer operators, give to inexperienced hackers? a. script kiddies b. repetition monkeys c. packet sniffers d. crackers
a. script kiddies
Which technique can be used to read PINs entered at ATMs or at other areas when a pin code is entered? a. shoulder surfing c. zone transferring b. footprinting d. piggybacking
a. shoulder surfing
When an attacker chooses to combine social engineering with exploiting vulnerabilities carried out by e-mail, what type of attack is being performed? a. spear phishing c. personal b. email surfing d. email phishing
a. spear phishing
What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network? a. 128 address c. 224 address b. 127 address d. 255 address
b. 127 address
What port does the Domain Name System, or DNS service use? a. 25 c. 69 b. 53 d. 80
b. 53
What policy, provide by a typical ISP, should be read and understood before performing any port scanning outside of your private network? a. Port Scanning Policy c. ISP Security Policy b. Acceptable Use Policy d. Hacking Policy
b. Acceptable Use Policy
Which of the following sometimes displays a banner that notifies the user of its presence? a. Spyware c. Webware b. Adware d. Malware
b. Adware
Which HTTP method is used with a proxy that can dynamically switch to a tunnel connection, such as Secure Socket Layer (SSL)? a. HEAD c. PUT b. CONNECT d. GET
b. CONNECT
What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system? a. Viruses c. Macro viruses b. Keyloggers d. Shells
b. Keyloggers
What tool can be used to read and write data to ports over a network? a. Whois c. Metis b. Netcat d. Dig
b. Netcat
In the TCP/IP stack, what layer is concerned with physically moving bits across the network's medium? a. Internet c. Transport b. Network d. Application
b. Network
What TCP flag is responsible for delivering data directly and immediately to an application? a. ACK flag c. RST flag b. PSH flag d. SYN flag
b. PSH flag
What TCP/IP protocol is fast, unreliable, and operates at the Transport layer? a. TCP c. FTP b. UDP d. POP3
b. UDP
What utility can be used to intercept detailed information from a company's Web site? a. JavaAttack c. Trace b. Zed Attack Proxy d. WebAnalysis
b. Zed Attack Proxy
When a security professional is presented with a contract drawn up by a company's legal department, which allows them to "hack" the company's network, they should proceed by performing what precautionary step? a. consult the company's lawyer c. sign the contract b. consult their lawyer d. begin testing immediately
b. consult their lawyer
Which of the following is a text file generated by a Web server and stored on a user's browser? a. index c. server index b. cookie d. web file
b. cookie
What name is given to people who break into computer systems with the sole purpose to steal or destroy data? a. packet monkeys c. script kiddies b. crackers d. bots
b. crackers
What social engineering tactic can be utilized to acquire old notes that may contain written passwords or other items that document important information? a. shoulder-surfing c. piggybacking b. dumpster diving d. desk surfing
b. dumpster diving
What term best describes a person who hacks computer systems for political or social reasons? a. cracktivist b. hacktivist c. sniffer d. script kiddy
b. hacktivist
Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect? a. toolbox c. shell b. rootkit d. macro virus
b. rootkit
What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail? a. shell c. keylogger b. virus d. rootkit
b. virus
When a computer hacker uses multiple compromised computers to carry out a DDOS attack, the compromised computers are usually referred to as which of the following? a. viruses c. macros b. zombies d. cyborgs
b. zombies
What is the decimal equivalent of the binary number 11000001? a. 128 c. 193 b. 164 d. 201
c. 193
Which HTTP error informs you the server understands the request but refuses to comply? a. 401 Unauthorized c. 403 Forbidden b. 404 Not Found d. 409 Conflict
c. 403 Forbidden
What port does the Trivial File Transfer Protocol, or TFTP service use? a. 25 c. 69 b. 53 d. 80
c. 69
What acronym represents the U.S. Department of Justice new branch that addresses computer crime? a. GIAC c. CHIP b. OPST d. CEH
c. CHIP
What connection-oriented protocol is utilized by the Transport layer? a. HTTPS c. TCP b. UDP d. SSL
c. TCP
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header? a. Internet c. Transport b. Network d. Application
c. Transport
To see additional parameters that can be used with the Netcat command, what should you type at the command prompt? a. nc -lookup c. nc -h b. nc -z d. nc -up
c. nc -h
What is the logical component of a TCP connection that can be assigned to a process that requires network connectivity? a. ISN c. port b. IP d. SYN
c. port
What type of virus is used to lock a user's system, or cloud accounts until the system's owner complies by paying the attacker a monetary fee? a. keylogger c. ransomware b.rootkit d. macro
c. ransomware
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing? a. kiddies b. packets c. scripts d. tasks
c. scripts
What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system? a. health c. vulnerability b. technical d. network
c. vulnerability
Which process enables you to see all the host computers on a network and basically give you a diagram of an organization's network? a. Web bugs c. zone transfers b. footprints d. namedroppers
c. zone transfers
What port does the Hypertext Transfer Protocol, or HTTP service use? a. 25 c. 69 b. 53 d. 80
d. 80
What layer protocols operate as the front end to the lower-layer protocols in the TCP/IP stack? a. Internet c. Transport b. Network d. Application
d. Application
What layer, in the TCP/IP stack, do applications and protocols, such as HTTP and Telnet, operate? a. Internet c. Transport b. Network d. Application
d. Application
What security certification did the "The International Council of Electronic Commerce Consultants" (EC-Council) develop? a. Security+ b. OSSTMM Professional Security Tester (OPST) c. Certified Information Systems Security Professional (CISSP) d. Certified Ethical Hacker (CEH)
d. Certified Ethical Hacker (CEH)
Which utility can extract meta-data and documents on a Website to reveal the document creator's network login, e-mail address, IP address, and other important information? a. Samba c. SamSpade b. Bugnosis d. FOCA
d. FOCA
What HTTP method is the same as the GET method, but retrieves only the header information of an HTML document, not the document body? a. CONNECT c. POST b. PUT d. HEAD
d. HEAD
What 32-bit number tracks packets received by a node and allows the reassembling of large packets that have been broken up into smaller packets? a. IP c. UDP b. TCP d. ISN
d. ISN
What TCP flag is responsible for synchronizing the beginning of a session? a. URG flag c. PSH flag b. ACK flag d. SYN flag
d. SYN flag
Which type of attack is being carried out when an attacker joins a TCP session and makes both parties think he or she is the other party? a. A DoS attack c. A buffer overflow attack b. Ping of Death d. Session hijacking
d. Session hijacking
If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use? a. Adware c. Malware b. Spybot d. Spyware
d. Spyware
What subject area is not one of the 22 domains tested during the CEH exam? a. Sniffers c. Footprinting b. Social engineering d. Trojan hijacking
d. Trojan hijacking
What type of malicious computer programs present themselves as useful computer programs or applications? a. macro viruses c. Spyware programs b. worms d. Trojan programs
d. Trojan programs
What 1-pixel x 1-pixel image file is referenced in an tag, and usually works with a cookie to collect information about the person visiting the Website? a. image bug c. bugnosis detector b. zone transfer d. Web bug
d. Web bug
When an individual attempts to discover as much information legally possible about their competition, what information gathering technique are they performing? a. competitive study c. basic information b. packet study d. competitive intelligence
d. competitive intelligence
Which type of attack cripples the network and prevents legitimate users from accessing network resources? a. buffer overflow c. social engineering b. session hijacking d. denial-of-service
d. denial-of-service
Penetration testers and security testers need technical skills to perform their duties effectively. T/F
True
What specific term does the U.S. Department of Justice use to label all illegal access to computer or network systems? a. Hacking b. Cracking c. Security testing d. Packet sniffing
A. Hacking
What port does the Simple Mail Transfer Protocol, or SMTP service use? a. 25 c. 69 b. 53 d. 80
a. 25
How many host computers can be assigned a valid IPv4 address when using a CIDR /24 prefix? a. 254 c. 65,000 b. 512 d. 16 million
a. 254
What port is typically reserved and utilized by the Secure Hypertext Transfer Protocol to create a secure connection to a Web server? a. 443 c. 434 b. 80 d. 408
a. 443
