Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 10


A company’s Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. What kind of Web application vulnerability likely exists in their software?

A. Cross-site scripting vulnerability
B. Session management vulnerability
C. SQL injection vulnerability
D. Cross-site Request Forgery vulnerability

Correct Answer: A


An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gain access to the DNS server and redirect the direction www.google.com to his own IP address. Now when the employees of the office wants to go to Google they are being redirected to the attacker machine. What is the name of this kind of attack?

A. MAC Flooding
B. Smurf Attack
C. DNS spoofing
D. ARP Poisoning

Correct Answer: C


Which results will be returned with the following Google search query?

site:Marketing.target.com accounting

A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting.
B. Results matching all words in the query.
C. Results for matches on target.com and Marketing.target.com that include the word “accounting”
D. Results matching “accounting” in domain target.com but not on the site Marketing.target.com

Correct Answer: C


Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place?

A. Malicious code is attempting to execute instruction a non-executable memory region.
B. A page fault is occuring, which forces the operating system to write data from the hard drive.
C. A race condition is being exploited, and the operating system is containing the malicious process.
D. Malware is executing in either ROM or a cache memory area.

Correct Answer: A


As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing. What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?

A. Service Level Agreement
B. Project Scope
C. Rules of Engagement
D. Non-Disclosure Agreement

Correct Answer: C


When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration. What type of an alert is this?

A. False negative
B. True negative
C. True positive
D. False positive

Correct Answer: D


The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520. What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

A. Public
B. Private
C. Shared
D. Root

Correct Answer: B


Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands: What is she trying to achieve?

A. She is using ftp to transfer the file to another hacker named John.
B. She is using John the Ripper to crack the passwords in the secret.txt file
C. She is encrypting the file.
D. She is using John the Ripper to view the contents of the file.

Correct Answer: B


What is the correct process for the TCP three-way handshake connection establishment and connection termination?

A. Connection Establishment: SYN, SYN-ACK, ACK Connection Termination: FIN, ACK-FIN, ACK
B. Connection Establishment: ACK, ACK-SYN, SYN Connection Termination: FIN, ACK-FIN, ACK
C. Connection Establishment: FIN, ACK-FIN, ACK Connection Termination: SYN, SYN-ACK, ACK
D. Connection Establishment: SYN, SYN-ACK, ACK Connection Termination: ACK, ACK-SYN, SYN

Correct Answer: A


env x=’(){ :;};echo exploit’ bash –c ‘cat/etc/passwd’
What is the Shellshock bash vulnerability attempting to do a vulnerable Linux host?

A. Removes the passwd file
B. Changes all passwords in passwd
C. Add new user to the passwd file
D. Display passwd content to prompt

Correct Answer: D


Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides ‘security through obscurity’. What technique is Ricardo using?

A. Encryption
B. Steganography
C. RSA algorithm
D. Public-key cryptography

Correct Answer: B


A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?

A. Try to sell the information to a well-paying party on the dark web.
B. Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem.
C. Ignore it.
D. Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.

Correct Answer: D


Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.

A. nmap –p 445 –n –T4 –open
B. nmap –p 445 –max –Pn
C. nmap –sn –sF 445
D. nmap –s 445 –sU –T5

Correct Answer: A


It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short-range wireless connection. Which of the following terms best matches the definition?

A. Bluetooth
C. InfraRed
D. Radio-Frequency identification

Correct Answer: A


Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?

A. Read the first 512 bytes of the tape
B. Perform a full restore
C. Read the last 512 bytes of the tape
D. Restore a random file

Correct Answer: B


A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

A. Attempts by attackers to access the user and password information stored in the company’s SQL database.
B. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.
C. Attempts by attackers to access password stored on the user’s computer without the user’s knowledge.
D. Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.

Correct Answer: B


To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following tools would most likely be used in such an audit?

A. Protocol analyzer
B. Intrusion Detection System
C. Port scanner
D. Vulnerability scanner

Correct Answer: D


You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

A. Social engineering
B. Piggybacking
C. Tailgating
D. Eavesdropping

Correct Answer: A


Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information besides the company name. What should be the first step in security testing the client?

A. Reconnaissance
B. Escalation
C. Scanning
D. Enumeration

Correct Answer: A


A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

A. Accept
B. Delegate
C. Mitigate
D. Avoid

Correct Answer: B


OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

A. openssl s_client –site www.website.com:443
B. openssl_client –site www.website.com:443
C. openssl_client –connect www.website.com:443
D. openssl s_client –connect www.website.com:443

Correct Answer: D


Which of the following describes the characteristics of a Boot Sector Virus?

A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
D. Overwrites the original MBR and only executes the new virus code.

Correct Answer: C


John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the least administrative effort?

A. Increase his technical skills
B. Read the incident manual every time it occurs
C. Select someone else to check the procedures
D. Create an incident checklist

Correct Answer: D

You may also like:

Sarcastic Writer

Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.

Related Posts