Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 12


Which of the following is assured by the use of a hash?

A. Authentication
B. Confidentially
C. Availability
D. Integrity

Correct Answer: D


Risks=Threats x Vulnerabilities is referred to as the:

A. BIA equation
B. Disaster recovery formula
C. Risk equation
D. Threat assessment

Correct Answer: C


The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what?

A. Network Sniffer
B. Vulnerability Scanner
C. Intrusion Prevention Server
D. Security Incident and Event Monitoring

Correct Answer: D


You have just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first things you should do when given the job?

A. Establish attribution to suspected attackers
B. Interview all employees in the company to rule out possible insider threats
C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.
D. Start the wireshark application to start sniffing network traffic.

Correct Answer: C


The purpose of a _______is to deny network access to local area networks and other information assets by unauthorized wireless devices.

A. Wireless Analyzer
B. Wireless Jammer
C. Wireless Access Point
D. Wireless Access Control List

Correct Answer: D


What does the –oX flag do in an Nmap scan?

A. Perform an Xmas scan
B. Perform an eXpress scan
C. Output the results in truncated format to the screen
D. Output the results in XML format to a file

Correct Answer: D


During an Xmas scan, what indicates a port is closed?

D. No return response

Correct Answer: A


While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

A. Clickjacking
B. Cross-Site Scripting
C. Cross-Site Request Forgery
D. Web form input validation

Correct Answer: C


Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: -Verifies success or failure of an attack – Monitors system activities – Detects attacks that a network-based IDS fails to detect. – Near real-time detection and response – Does not require additional hardware – Lower entry cost. Which type of IDS is best suited for Tremp’s requirements?

A. Network-based IDS
B. Open source-based IDS
C. Host-based IDS
D. Gateway-based IDS

Correct Answer: C


Which of the following parameters describe LM Hash:
I – The maximum password length is 14 characters
II – There are no distinctions between uppercase and lowercase
III – The password is split into two 7-byte halves

B. I
C. I, II, and III
D. I and II

Correct Answer: C


Which of the following is not a Bluetooth attack?

A. Bluesnarfing
B. Bluedriving
C. Bluesmacking
D. Bluejacking

Correct Answer: B


The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP’s Top Ten Project Most Critical Web Application Security Risks?

A. Cross Site Scripting
B. Injection
C. Path disclosure
D. Cross Site Request Forgery

Correct Answer: B


A pen-tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

A. Winprom
B. Libpcap
C. Winpsw
D. Winpcap

Correct Answer: D


Analyst is investigating proxy logs and found out that one of the internal user visited website storing suspicious java scripts. After opening one of them, he noticed that it is very hard to understand the code and that all codes differ from the typical java script. What is the name of this technique to hide the code and extend analysis time?

A. Steganography
B. Code encoding
C. Obfuscation
D. Encryption

Correct Answer: C


During the security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

A. Create a procedures document
B. Terminate the audit
C. Conduct compliance testing
D. Identify and evaluate existing practices

Correct Answer: D


You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 21 (msg:““FTP on the network!””;)

A. A firewall IPTable
B. FTP Server rule
C. A Router IPTable
D. An Intrusion Detection System

Correct Answer: D


While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then decided to conduct: nmap –Pn –p –sl kiosk.adobe.com www.riaa.com kiosk.adobe.com is the host with incremental IP ID sequence. What is the purpose of using “-sl” with Nmap?

A. Conduct stealth scan
B. Conduct ICMP scan
C. Conduct IDLE scan
D. Conduct silent scan

Correct Answer: C


What is the process of logging, recording, and resolving events that take place in an organization?

A. Incident Management Process
B. Security Policy
C. Internal Procedure
D. Metrics

Correct Answer: A


During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic?

A. Circuit
B. Stateful
C. Application
D. Packet Filtering

Correct Answer: C


The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1(100%). What is the closest approximate cost of this replacement and recovery operation per year?

A. $1320
B. $440
C. $100
D. $146

Correct Answer: D


Which of the following is an extremely common IDS evasion technique in the web world?

A. Unicode Characters
B. Subnetting
C. Port Knocking
D. Spyware

Correct Answer: A


You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?


Correct Answer: B


What is a “Collision attack” in cryptography?

A. Collision attacks try to get the public key
B. Collision attacks try to break the hash into three parts to get the plaintext value
C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
D. Collision attacks try to find two inputs producing the same hash

Correct Answer: D