Certified Ethical Hacker v10 Practice Exam
How does a denial-of-service (DoS) attack operate?
A. A hacker prevents users from accessing a service.
Melissa is a virus that targeted Microsoft Windows platforms. To which category does this virus belong?
A. Macro
The category of hijacking a session by intercepting, modifying and injecting packets between client and server is described as:
A. Network Hijacking
Capturing traffic in a hub environment where a sniffer is usually placed in "promiscuous mode" and listens only is:
A. Passive Sniffing
Which of the following describes the function of EIP: Extended Instruction Pointer?
A. Points to the code that you are currently executing
Which encryption method is not based on a block cipher?
A. RC4
Which of the following attacks exploit OS/application installations that contain scripts or tools meant to help administrators be more efficient, but allow hackers access to powerful tools already installed on the host?
A. Shrink Wrap Code Attacks
Software or hardware which captures packets off the network is called:
A. Sniffer
An example of Defense In Depth is the combined use of a screening router, a network firewall, a network IDS and a host-based firewall.
A. TRUE
Attackers will usually encode their exploits and payloads to prevent detection by clear text signatures.
A. TRUE
Gray Hat Hackers use their skills for both offensive and defensive purposes that are not illegal or malicious and have approval to operate.
A. TRUE
Patch management ensures appropriate patches are installed on all systems.
A. TRUE
Port scanning tools enable a hacker to learn about services running on a host.
A. TRUE
SHA takes a message of arbitrary length as input and produces a 160-bit fingerprint or message digest.
A. TRUE
The HIPPA Privacy Rule regulates the use and disclosure of protected health information.
A. TRUE
Bills for unused services are a sign of identity theft.
A. True
DHCP starvation is a type of denial-of-service attack.
A. True
Drawing of symbols in public places to publicize an open Wi-Fi wireless network is called what?
A. WarChalking
A WiFi network scanner which scans, identifies, and filters hundreds of nearby access points is called?
A. inSSIDer
Which nmap command option performs a scan using the initial TCP handshake but sends an RST instead of ACK?
A. sS SYN Stealth Scan
Which of the following is a business threat category?
ALL OF THE ABOVE
The difference between signature detection and anomaly detection is:
B. Anomaly detection relies on finding differences and signature detection relies on known attacks.
A large collection of compromised hosts that are used to conduct DDoS attacks and other malicious actions are known as:
B. BotNets
The spoofing technique that causes the victim system to lose track of the proper sequence number required to continue a secure connection is called:
B. Desynchronization
A digital signature is a message that is encrypted with the public key instead of the private key.
B. FALSE
A penetration test is the evaluation of the vulnerabilities of an information system or network.
B. FALSE
During the vulnerability assessment phase of the vulnerability assessment lifecycle, inference-based techniques use information such as the type of operating system to identify vulnerabilities.
B. FALSE
Fuzzing is a security software for Windows capable of detecting and preventing buffer overflows.
B. FALSE
If organizations take advantage of the anonymity of cryptocurrencies such as Bitcoin they are protected from ransomeware attacks.
B. FALSE
In a public key infrastructure the public key is used to unencrypt a message and sign messages.
B. FALSE
Which of the following is a collection of tools to facilitate session hijacking, including libraries for sending or receiving data?
B. Hjksuite
All of the following are SMTP commands EXCEPT:
B. PARSE
Which of the following best describes a rootkit?
B. Programs that have the ability to hide themselves and cover traces of a hackers activities.
Which hashing function uses 160-bit digest?
B. SHA 1
All of the following are examples of evasion techniques EXCEPT:
B. Sender Target
An email which claims to be from a legitimate source and attempts to solicit information or convince a senior executive to take some sort of action is known as:
B. Whaling
System-user passwords are typically stored:
C. As hashes in a system password file.
A virus that does not increase the size of the infected file by hiding in the "open space" of a file is what type of virus?
C. Cavity
Which of the following is the most effective countermeasure to password cracking?
C. Compose a strong password based on a phrase that results in a random combination of letters and numbers and symbols
The act of scanning a firewall to determine what ports it has open, and to determine if these open ports actually connect to a legitimate host on the inside of the network, is called?
C. Firewalking
Which of the following analyzes an operating system and all the applications on the network to discover any security flaws that are present?
C. GFI LAN Guard
Which of the following is an application programming interface used to access the Google search engine?
C. Google API
What does the term Hacktivism mean?
C. Hackers who are hacking for a cause.
All of the following can help protect yourself from Google Hacking EXCEPT:
C. Keep default pages and samples
Which of the following is a collection of Internet information gathering and network troubleshooting utilities?
C. NetScanTools Pro
Which of the following established a code of fair information practice that governed the collection, maintenance, use, and dissemination of personally identifiable information (PII)?
C. Privacy Act of 1974
The Risk Management process includes all of the following steps EXCEPT:
C. Risk Vulnerability
Overwhelming an application with traffic is what kind of application attack?
C. SYN flood
Individuals who download and use scripts/exploit tools with no real understanding of the concepts being employed in causing an effect are called?
C. Script Kiddies
The act of altering configuration files and the expected operation of a service is known as what kind of attack?
C. Service Reconfiguration
All of the following are denial-of-service categories EXCEPT:
C. Stabilization
Which of the following was created in response to the September 11, 2001, terrorist attacks?
C. U.S. Patriot Act
OWASP's Top 10 IoT Vulnerabilities are provided to help developers, manufacturers, enterprises and consumers make well-informed decisions when building and using IoT devices. A user recently learns of a vulnerability in their web camera's software, which allows an attacker to log in using default admin credentials to view the camera's video feed. Which of OWASP's Top 10 IoT Vulnerabilities does this BEST fall under?
C. Weak, guessable, or hardcoded passwords
Which of the following defines a Wrapper, in the context of Trojans?
D. A tool that allows you to bind an executable of choice to an innocent looking file.
Which of the following should organizations create as part of incident response planning?
D. All of the Above
Social engineering can be used to accomplish:
D. All of the above
Which of the following best represents the symptoms a host may have when infected by a virus or worm?
D. All of the above
Which of the following is a "clean computing habit" for users?
D. All of the above
Which of the following is a common proxy tool?
D. All of the above
Which of the following is a common tool used for LDAP enumeration?
D. All of the above
An attacker tries to access restricted directories and execute commands on the webserver by using the URL to change directories is called what type of attack?
D. Directory Traversal
The vulnerabilities on OWASP's Top 10 IoT Vulnerabilities are categorized by what two factors?
D. Rate of occurrence and severity level
An IDS alert where an intrusion did not occur and an alarm was not raised is a:
D. True Negative
What is a self-replicating program that does NOT require user intervention to spread?
D. Worm
ARP (Address Resolution Protocol) does not translate IP addresses to MAC addresses.
FALSE