CEH Quiz 1
Which of the following best describes a vulnerability?
no countermeasure available
A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?
notify the web site owner so that corrective action be taken as soon as possible to patch the vunerability
Which of the following is the most important step for an ethical hacker before performing pen testing?
obtain the written permission to hack from the company
What should you do if a friend asks you to perform a penetration test as a favor outside of your normal job of being a pentester for a consulting company?
obtain your employers permission to perform a test outside of your normal work
Footprinting: i) speeds up the hacking process ii) minimizes the chance of detection
only ii) is true
Bob has gone to an electronic retail store website to gather information of the top management especially their CEO and CFO names, email addresses and their phone numbers. Which of the following best describes this activity?
reconnaissance
Footprinting is an activity performed during the ______________________
reconnaissance phase
Which results will be returned with the following Google search query? site:target.com - site:Marketing.target.com accounting
results matching "accounting" in domain target.com but not on the site marketing.target.com
Which of the following best describes an unskilled individual who uses scripts and tools developed by others to attack websites?
script kiddie
Which of the following describes the level at which a business or an organization can defend against and withstand a cyberattack?
security posture
You send a receptionist an email that has pdf attached. The pdf has a malicious link in it. When the receptionist opens the email, he clicks on the link and is infected with malware that gives you access to his network. What type of testing method did you use for this attack?
social engineering
Which of the following tactics is used in social engineering attacks? [Select all that apply]
social validation authority
What is a hacktivist?
someone who engages in blackhat hacking for purely political reasons, not necessarily for personal gain
What is a script kiddie?
someone who uses applications and scripts that other people developed in order to engage in computing attacks
As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing. What document describes the specifics of the testing, the associated violations, and essentially protects both the organizations interest and your liabilities as a tester?
terms of engagement
An organization has just experienced a breach. The investigator/incident handler attempts to correlate the information in all of the logs, the sequence of many of the logged events don't match up or line up properly. What is likely the cause?
the attacker altered or erased the events from the logs
The white box testing methodology enforces what kind of restriction?
the internal operation of a system is completely known to the tester
The "gray box testing" methodology enforces what kind of restriction?
the internal operation of a system is only partly accessible to the tester
A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd How can he use it?
the password file does not contain the passwords themselves
A disgruntled employee is a potential:
threat
How can a DoS attack be prevented?
traffic filtering
An application that is designed to look like a known legitimate application or a benign file, but is actually malicious in nature is considered what type of malware?
trojan
Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a word document. Upon execution, a window appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse APPDATA/local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?
trojan
An ethical hacker may be prosecuted in certain cases.
true
Hacktivist is a term used for individuals who claim to be hacking for a political or social cause. (T or F0
true
White-box testing is a security audit method performed starting with internal knowledge of the systems. (T or F)
true
What is Google Hacking?
using the google search engine to acquire information that's useful for information security attacks
Security assessment categories include which of the following? [Select all that apply]
white hat assessments vulnerability assessments security audits
An ethical hacker starts attempting an attack with zero prior knowledge about the network. What is that?
white hat attempting black box test
Which footprinting tool or technique can be used to find information about the domain registration, which may include names and addresses of technical points of contact?
whois
Which of these is a common tool used for footprinting and information gathering:
whois sam spade nslookup
An employee receives an email with the following body. Is this a likely phishing attempt? "Dear Matt, we suspect a security breach happened earlier this week. In order to prevent further damage, we need to verify everyone's VPN passwords. Please reply to this email with your VPN login information. Please do this right away, otherwise, you may lose access. Thanks! Sincerely, IT Department"
yes because it contains an urgent request for sensitive information
Which Linux folder holds the password and shadow files?
/etc
Modern Linux systems log all authentication attempts in a discrete file. This is located at which of the following locations.?
/var/log/auth.log
A newly discovered flaw in a software application would be considered which kind of security vulnerability?
0-day vunerability
You've been hired to test security for a business headquartered in Japan. Which regional registry would be the best place to go for network range determination?
APNIC
Your lab partner is trying to find out more information about a competitor's website. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registries. Which one would you suggest she looks in first?
ARIN
An ethical hacking report includes:
All of these
Which of these would be useful to a hacker during the 'scanning' phase of ethical hacking:
All of these
DoS is an attack on which of the following?
Availability
Botnets have proven to be ideal tools for launching _______ attacks.
DDoS
One of the key initial steps when performing a penetration test is what?
Ensuring permission and legal sign off
Google will only pull the information that is meant for public use out of webpages. (T or F)
False
Which of these would initiate countermeasures against security breach attempts:
IPS
Which of these is not a valid Google search command:
Insite
In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities. Example: allintitle: root passwd
Reconnaissance
A hacker may be both good and bad (depending on the situation). (T or F)
True
The popular search engine Google can act as a tool of the attacker. (T or F)
True
Which Google hack would display all pages that have the phrase "SQL" and "Version" in their titles?
allintitle:SQL version
Which one of these is not a valid Google search operator?
allinurl filetype intitle
Vulnerability mapping occurs after which phase of a penetration test?
analysis of host scanning
DoS is an attack on what?
availability
An attack on data integrity would be which of the following?
bit flip
You have acquired the certifications and talents of an Ethical Hacker. You deface the website of a local actor you resent. Which of the following applies?
black hat activity
A collection of a large number of compromised machines under the control of a master is known as a _____.
botnet
Which of these is a basic element of security:
confidentiality integrity availability
Which of the following term best describes a hacker who uses hacking skills for destructive purposes?
cracker
A background program that resides on a computer and services requests is called a(n):
daemon
What kind of loss is the most crucial?
data
Which computer crime is often carried out by insiders?
data diddling
Typically, as security increases, the system's functionality and ease of use _________ for the users.
decreases
Prior to initiating system hacking the CEH has performed three operations. All of these are operations which must be completed prior to hacking EXCEPT?
documenting
As a CISO (Chief Information Security Officer) you are looking to hire a team of penetration testers. Which of these would you select:
ethical hackers
Dumpster Diving is NOT passive reconnaissance.
false
Multiple Google search operators (hacks) cannot be combined in one line. (T or F)
false
apacheinurl' search operator allows for searching of apache servers using Google. (T or F)
false
Which of the following can an attacker acquire with Google Hacking?
files containing passwords in ciphertext, cleartext, or plaintext error messages specific vulnerability information
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?
full disk encryption
Which of the following types of penetration testing requires partial knowledge of the target system or network?
gray box
Which of these tests focuses on auditing the level of access given to the employees or contractors in order to see if those privileges can be escalated:
gray box
If you are called to attack a system as an everyday 'user' of that system, you would call the test what?
grey box
Which of the following types of penetration testing requires partial knowledge of the target system or network?
grey box
Alyssa is performing a penetration test on an enterprise network. Upon gaining access to an administrator's workstation, she discovers a document containing plaintext passwords to the administrator's personal bank accounts. What should Alyssa do?
immediately report this finding to the administrator
During a routine assessment you discover information that suggests the customer is involved in human trafficking.
immediately stop work and contact the proper legal authorities
Which of these attackers are the greatest threat to any organization?
insiders
Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
internal, blackbox
What is a DoS attack?
its a way to gain access to or shut down servers by overloading them with network data
Which of the following programs is usually targeted at Microsoft Office products?
macro virus
