Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 13


Which of the following is the successor of SSL?

B. IPSec

Correct Answer: D


This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach. Which of the following organization is being described?

A. Institute of Electrical and Electronics Engineers(IEEE)
B. International Security Industry Organization (ISIO)
C. Center for Disease Control (CDC)
D. Payment Card Industry (PCI)

Correct Answer: D


Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server? The tool keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.

A. Stacheldraht
C. R-U-Dead-Yet? (RUDY)
D. MyDoom

Correct Answer: C


WPA2 uses AES for wireless data encryption at which of the following encryption levels?

A. 64 bit and CCMP
B. 128 bit and CRC
C. 128 bit and CCMP
D. 128 bi and TKIP

Correct Answer: C


You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet Which of the following IP addresses could be leased as a result of the new configuration?


Correct Answer: C


Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

A. Create a disk image of a clean Windows installation
B. Use the built-in Windows Update tool
C. Use a scan tool like Nessus
D. Check MITRE.org for the latest list of CVE findings

Correct Answer: C


You are analyzing a traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs. – What command you would use?

A. tshark –net mask
B. wireshark –capture –local –masked –range 24
C. sudo tshark –f “net”
D. wireshark –fetch “192.168.8/*”

Correct Answer: B


Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?

A. Heartbeat Attack
B. Spear Phishing Attack
C. Shellshock Attack
D. Watering Hole Attack

Correct Answer: D


What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?

A. Behavioral based
B. Heuristics based
C. Honypot based
D. Cloud based

Correct Answer: D


Which of these options is the most secure procedure for storing backup tapes?

A. In a climate controlled facility offsite
B. In a cool dry environment
C. On a different floor in the same building
D. Inside the data center for faster retrieval in a fireproof safe

Correct Answer: A


Which security strategy requires using several, varying methods to protect IT systems against attacks?

A. Defense in depth
B. Covert channels
C. Exponential backoff algorithm
D. Three-way handshake

Correct Answer: A


Which utility will tell you in real time which ports are listening or in another state?

A. Netsat
B. Loki
C. Nmap
D. TCPView

Correct Answer: D


Which of the following statements regarding ethical hacking is incorrect?

A. An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services
B. Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization’s systems
C. Ethical hacking should not involve writing to or modifying the target systems.
D. Testing should be remotely performed offsite.

Correct Answer: B


A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 00111010

A. 10011101
B. 10001011
C. 10111100
D. 11011000

Correct Answer: B


Why containers are less secure than virtual machines?

A. Host OS on containers has a larger surface attack.
B. Containers are attached to the same virtual network.
C. Containers may fulfill disk space of the host.
D. A compromise container may cause a CPU starvation of the host.

Correct Answer: D


Which of the following is a component of a risk assessment?

A. Administrative safeguards
B. Physical security
C. Logical interface

Correct Answer: A


Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

C. biometrics
D. single sign on

Correct Answer: A


You are monitoring the network of your organizations. You notice that:

1. There are huge outbound connections from your Internal Network to External IPs
2. On further investigation, you see that the external IPs are blacklisted
3. Some connections are accepted, and some are dropped
4. You find that it is a CnC communication

Which of the following solution will you suggest?

A. Block the Blacklist IP’s @ Firewall
B. Update the Latest Signatures on your IDS/IPS
C. Clean the Malware which are trying to Communicate with the External Blacklist IP’s
D. Block the Blacklist IP’s @ Firewall as well as Clean the Malware which are trying to Communicate with the External Blacklist IP’s.

Correct Answer: D


Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

A. Scanning
B. Footprinting
C. Enumeration
D. System Hacking

Correct Answer: B


Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

A. Encrypt the backup tapes and transport them in a lock box.
B. Degauss the backup tapes and transport them in a lock box.
C. Hash the backup tapes and transport them in a lock box.
D. Encrypt the backup tapes and use a courier to transport them.

Correct Answer: A


A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as display filter to find unencrypted file transfers?

A. tcp port = = 21
B. tcp. port = 23
C. tcp.port = = 21 | | tcp.port = =22
D. tcp.port ! = 21

Correct Answer: A


What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

A. Man-in-the-middle attack
B. Meet-in-the-middle attack
C. Replay attack
D. Traffic analysis attack

Correct Answer: B


What is the minimum number of network connections in a multihomed firewall?

A. 3
B. 2
C. 5
D. 4

Correct Answer: B