Question 1 of 100
1. Question
1 point(s)
What is the best defense for a security engineer who finds a vulnerability in a system caused by a weakness in an installed application?
Question 2 of 100
2. Question
1 point(s)
An attacker completely changes the appearance of a website by replacing the original content with their own messages. What type of attack did they perform?
Question 3 of 100
3. Question
1 point(s)
How do security engineers defend their applications against XSS attacks?
Question 4 of 100
4. Question
1 point(s)
Which of the following methods is used to prevent SQL injection attacks?
Question 5 of 100
5. Question
1 point(s)
The type of SQL injection attack in which the attacker gets no error message from the system to work with, and sends a malicious SQL query to the database anyway, is called ______.
Question 6 of 100
6. Question
1 point(s)
The attacker performs a query like the one below:
SELECT * FROM users WHERE name = '' OR '1' = '1';
Which type of SQL injection does this query represent?
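Questions 4 to 6 turn on the same mechanism, so here is an added, runnable Python example (written for this page, not taken from the quiz) that builds the tautology query from question 6 against a constructed in-memory SQLite table, shows why parameterization (question 4) defeats it, and then drives the same flaw through a yes/no oracle to extract data with no error message at all, the blind case from question 5. The table, the users and roles, and the function names are all invented for the example; substr() is SQLite syntax.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data for the example; nothing here comes from the quiz.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list[str]:
    # Deliberately vulnerable: the input is spliced into the SQL text, so the
    # value  ' OR '1'='1  rewrites the WHERE clause into the tautology from question 6:
    #   SELECT name FROM users WHERE name = '' OR '1'='1'
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return sorted(row[0] for row in conn.execute(sql))


def lookup_parameterized(conn: sqlite3.Connection, name: str) -> list[str]:
    # Hardened: the value is bound as a parameter and never parsed as SQL, so the
    # same input is compared literally against the name column and matches nothing.
    sql = "SELECT name FROM users WHERE name = ?"
    return sorted(row[0] for row in conn.execute(sql, (name,)))


def exists_vulnerable(conn: sqlite3.Connection, name: str) -> bool:
    # Same flaw as lookup_vulnerable, but the caller only learns True or False and
    # never sees an error message: the situation described in question 5.
    sql = "SELECT 1 FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchone() is not None


def blind_extract_role(conn: sqlite3.Connection, victim: str, max_len: int = 16) -> str:
    # Boolean-based blind injection: recover the victim's role one character at a
    # time purely from yes/no answers. substr() is SQLite syntax (an assumption of
    # this example; other engines spell it differently).
    alphabet = "abcdefghijklmnopqrstuvwxyz"
    found = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            probe = f"{victim}' AND substr(role,{pos},1)='{ch}"
            if exists_vulnerable(conn, probe):
                found += ch
                break
        else:
            break  # no character matched: end of the value
    return found


# The tautology payload from question 6, as the attacker would type it.
TAUTOLOGY = "' OR '1'='1"
```

Run lookup_vulnerable(make_db(), TAUTOLOGY) to see every row come back, then the same call through lookup_parameterized to see the empty result; blind_extract_role(make_db(), "alice") recovers "admin" without the application ever returning a row or an error.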
Question 7 of 100
7. Question
1 point(s)
A network engineer configured a new access point with WPA2. From a security perspective, what is the best way to prevent an attacker from cracking WPA2 at the access point?
Question 8 of 100
8. Question
1 point(s)
Which technique detects a rogue AP by using an access point's ability to detect neighboring APs operating in the nearby area?
Question 9 of 100
9. Question
1 point(s)
Which of the following is a mobile hacking countermeasure?
Question 10 of 100
10. Question
1 point(s)
To ensure the correct defensive implementation of the cloud security architecture, which category of security control is used to minimize the consequences of an incident, typically by limiting the damage?
Question 11 of 100
11. Question
1 point(s)
What is the best description of Mobile Device Management (MDM)?
Question 12 of 100
12. Question
1 point(s)
Which of the following is NOT a basic feature of Mobile Device Management (MDM)?
Question 13 of 100
13. Question
1 point(s)
Which of the following tools is used for session splicing?
Question 14 of 100
14. Question
1 point(s)
Which of the following tools is used for IDS/firewall evasion?
Question 15 of 100
15. Question
1 point(s)
Which tool does an attacker use to capture and read real-time data on a wireless network?
Question 16 of 100
16. Question
1 point(s)
A tool consists of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker, and analysis tool for 802.11 wireless networks. Which tool does an attacker use to crack a password?
Question 17 of 100
17. Question
1 point(s)
Which of the following Nmap options is used to perform a stealth scan?
Question 18 of 100
18. Question
1 point(s)
A penetration tester scans the target system using Nmap and gets the result shown in the picture below. Which option did he use for the scan?
Question 19 of 100
19. Question
1 point(s)
Which of the following tools would a penetration tester use to perform a vulnerability assessment on a system?
Question 20 of 100
20. Question
1 point(s)
Which of the following tools is used to perform website mirroring?
Question 21 of 100
21. Question
1 point(s)
Hyena is a tool for managing and securing the Windows operating system; it uses a Windows Explorer-style interface for all operations and shows shares and user login names for Windows servers and domain controllers. What is the purpose of using this tool?
Question 22 of 100
22. Question
1 point(s)
What tool would a network administrator use to perform SNMP enumeration on their network?
Question 23 of 100
23. Question
1 point(s)
Which of the following DoS tools is a high-speed, multi-threaded HTTP flooder designed to attack up to 256 target URLs at the same time?
Question 24 of 100
24. Question
1 point(s)
The system administrator wants to ensure that the appropriate patches are installed on the system to fix bugs and vulnerabilities. He needs to detect missing security patches and choose which patches to install. Which of the following tools can help him?
Question 25 of 100
25. Question
1 point(s)
Which tool does an attacker use to gain access to a web server by exploiting a known vulnerability?
Question 26 of 100
26. Question
1 point(s)
A company performs penetration testing for small and medium-sized businesses in the local area. The main objective of the testing is to assess all vulnerabilities in the web applications used by the client business. Which of the following tools is used to find such vulnerabilities?
Question 27 of 100
27. Question
1 point(s)
Which tool does a network administrator use to detect SQL injection attacks with the configuration shown below?
Question 28 of 100
28. Question
1 point(s)
Which of the following Android apps allows you to sniff and intercept web session profiles over Wi-Fi?
Question 29 of 100
29. Question
1 point(s)
A penetration tester conducts a port scan on a specific host and finds several open ports. Based on the Nmap results below, which of the following systems is running on the target machine?
Question 30 of 100
30. Question
1 point(s)
A company asks you to perform penetration testing to improve the security of its network, but provides no information besides the company name. What should be the first step in security testing for this client?
Question 31 of 100
31. Question
1 point(s)
A web server was attacked using obfuscated URLs. How would you prevent these attacks?
Question 32 of 100
32. Question
1 point(s)
A penetration tester inserts the following test script into the search field on a company's website: <script>alert("this is Penetration Testing")</script> When the tester presses the search button, a pop-up box appears on the screen. Which type of vulnerability has been detected in the web application?
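Questions 3 and 32 are the two halves of the same issue: the probe that reveals reflected XSS and the defense against it. The following added Python example (written for this page, not taken from the quiz) renders the search term from question 32 into a page the vulnerable way and the encoded way, then repeats the exercise in an attribute context to show why a blocklist that looks for a <script> tag is not a defense. The rendering functions, the attribute payload and the check are all invented for the example; the encoder is the standard library's html.escape.

```python
import html
import re


def render_search_unsafe(query: str) -> str:
    # Deliberately vulnerable: the search term is reflected into the page as-is,
    # so a <script> payload in the query becomes executable markup.
    return f"<p>Results for: {query}</p>"


def render_search_safe(query: str) -> str:
    # Hardened: entity-encode for the HTML text context before reflecting.
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


def render_attr_unsafe(value: str) -> str:
    # Same flaw in an attribute context: a double quote in the value closes the
    # attribute and lets the attacker add an event handler without any <script> tag.
    return f'<input name="q" value="{value}">'


def render_attr_safe(value: str) -> str:
    # quote=True is what makes html.escape safe inside a quoted attribute value.
    return f'<input name="q" value="{html.escape(value, quote=True)}">'


_SCRIPT_TAG = re.compile(r"<\s*script\b", re.IGNORECASE)


def looks_like_script_injection(rendered: str) -> bool:
    # A naive blocklist check, included to make its blind spot visible: it catches
    # the <script> probe but not the attribute breakout, which is why output
    # encoding for the right context, not pattern filtering, is the primary defense.
    return _SCRIPT_TAG.search(rendered) is not None


# The probe from question 32, and a constructed attribute-context payload.
SCRIPT_PAYLOAD = '<script>alert("this is Penetration Testing")</script>'
ATTR_PAYLOAD = '" autofocus onfocus="alert(1)'
```

Compare render_attr_unsafe(ATTR_PAYLOAD) with looks_like_script_injection applied to it: the rendered input gains an onfocus handler, yet the tag check reports nothing, while render_attr_safe leaves the quote encoded and the attribute intact.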
Question 33 of 100
33. Question
1 point(s)
OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and the related cryptography standards they require. Choose the correct command to connect to a secure server.
Question 34 of 100
34. Question
1 point(s)
The OWASP Top 10 is a standard awareness document for developers and web application security. Which of the following is the most critical security risk according to the OWASP Top 10?
Question 35 of 100
35. Question
1 point(s)
An employee reports to the IT staff that someone had unauthorized access to their computer. The IT staff disconnects the computer from the network and powers it down. Which step of incident handling is being performed here?
Question 36 of 100
36. Question
1 point(s)
Hashing means generating a value or values from a text using a mathematical function. Which of the following is assured by the use of a hash?
Question 37 of 100
37. Question
1 point(s)
Which of the following tools would a network administrator use to monitor TCP/UDP ports that are in a listening or other state?
Question 38 of 100
38. Question
1 point(s)
A network security engineer wants to perform daily scans to monitor the internal network and look for unauthorized devices. He writes a script that will scan the network every day. Which of the following programming languages would most likely be used?
Question 39 of 100
39. Question
1 point(s)
Which of the following programming languages is vulnerable to buffer overflow attacks?
Question 40 of 100
40. Question
1 point(s)
Which of the following is the correct command to perform an XMAS Scan using Nmap?
Question 41 of 100
41. Question
1 point(s)
What is the purpose of removing unnecessary ISAPI filters?
Question 42 of 100
42. Question
1 point(s)
Which stage of the web server attack methodology has the purpose of learning about the web server's remote access capabilities, ports and services, and other aspects of its security?
Question 43 of 100
43. Question
1 point(s)
OS fingerprinting is the process of gathering information about the operating system the target machine uses. Which of the following tools is used for passive OS fingerprinting?
Question 44 of 100
44. Question
1 point(s)
Which of the following is NOT included in the wireless hacking methodology?
Question 45 of 100
45. Question
1 point(s)
What is the purpose of Wireless Access Control?
Question 46 of 100
46. Question
1 point(s)
Which of the following is an example of Two-factor authentication?
Question 47 of 100
47. Question
1 point(s)
A security analyst wants to capture website traffic in Wireshark and display all TCP packets that use port 80. Which display filter should the analyst use?
Question 48 of 100
48. Question
1 point(s)
Which phase of the incident handling process ensures that employees are appropriately trained regarding the possibility of a data breach, develops incident response scenarios, and evaluates incident response plans?
Question 49 of 100
49. Question
1 point(s)
IP address spoofing is a hijacking technique in which an attacker obtains a computer's IP address, alters the packet headers, and sends request packets to a target machine while pretending to be a legitimate host. Which IP spoofing detection technique succeeds when the attacker is on the same subnet?
Question 50 of 100
50. Question
1 point(s)
In the OSI reference model, at which layer does TCP/IP session hijacking take place?
Question 51 of 100
51. Question
1 point(s)
What steps should a security analyst take after discovering a vulnerability on a company's website?
Question 52 of 100
52. Question
1 point(s)
The syntax below is used to create a database account on a DBMS. Which type of DBMS is shown in the exhibit?
Question 53 of 100
53. Question
1 point(s)
NIST developed the Secure Hash Algorithm (SHA), specified it in the Secure Hash Standard (SHS), and published it as a Federal Information Processing Standard (FIPS PUB 180). What is the block size used by SHA-512?
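Questions 36 and 53 both concern what a hash gives you. The added Python example below (written for this page, not taken from the quiz) reads the SHA-512 block size from the standard library, checks a message against its digest, and then shows the limit of a bare hash as an integrity control: an attacker who can rewrite the data can rewrite the published digest too, which is what a keyed HMAC over the same hash prevents. The message, the shared key and the attacker routine are all constructed for the example.

```python
import hashlib
import hmac


def sha512_block_size_bits() -> int:
    # hashlib reports the compression-function block size in bytes.
    return hashlib.sha512().block_size * 8


def digest(data: bytes) -> str:
    return hashlib.sha512(data).hexdigest()


def verify_digest(data: bytes, expected_hex: str) -> bool:
    # Integrity check with a bare hash: detects accidental corruption, but an
    # attacker who can replace the data can replace the published digest as well.
    return hmac.compare_digest(digest(data), expected_hex)


def tag(key: bytes, data: bytes) -> str:
    # HMAC-SHA-512: the same hash, keyed, so a forger needs the key.
    return hmac.new(key, data, hashlib.sha512).hexdigest()


def verify_tag(key: bytes, data: bytes, expected_hex: str) -> bool:
    # compare_digest avoids leaking the position of the first mismatch via timing.
    return hmac.compare_digest(tag(key, data), expected_hex)


def tamper_and_rehash(message: bytes) -> tuple[bytes, str]:
    # Constructed attacker for the example: edits the message and recomputes the
    # unkeyed digest so that verify_digest still passes.
    tampered = message.replace(b"amount=100", b"amount=9000")
    return tampered, digest(tampered)


# Constructed sample message and key (not from the quiz). The key is assumed to be
# something both parties already share out of band.
MESSAGE = b"transfer amount=100 to=bob"
SHARED_KEY = b"example-shared-secret"
```

Running tamper_and_rehash(MESSAGE) and feeding the result to verify_digest returns True, because the attacker controlled both the data and the digest; verify_tag with SHARED_KEY on the same tampered message returns False.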
Question 54 of 100
54. Question
1 point(s)
Which of the following advanced Google search operators allows an attacker to list web pages that are similar to a specified web page?
Question 55 of 100
55. Question
1 point(s)
A penetration tester wants to scan a company's network. The network address is 192.168.1.64 with mask 255.255.255.192, and the servers have the IP addresses 192.168.1.123 and 192.168.1.124. The tester scans the network using Nmap with the command "nmap 192.168.1.64/29", but the servers do not appear in the scan results. What should he do?
Question 56 of 100
56. Question
1 point(s)
Which of the following types of viruses usually infects files created by Microsoft products?
Question 57 of 100
57. Question
1 point(s)
An attacker attempts to perform session hijacking. Which method of session hijacking is the attacker using, based on the picture below?
Question 58 of 100
58. Question
1 point(s)
The Domain Name System (DNS) has several types of records. One of them is the AAAA record. What is the purpose of the AAAA record?
Question 59 of 100
59. Question
1 point(s)
A system administrator wants to check the file on a Linux machine that holds users' password hashes. Which of the following files stores users' password hashes in Linux?
Question 60 of 100
60. Question
1 point(s)
Which of the following is a directory in the Linux filesystem that stores variable data such as logs, spool files, and temporary mail files?
Question 61 of 100
61. Question
1 point(s)
The system administrator set this configuration on the system: What kind of system is the system administrator working with?
Question 62 of 100
62. Question
1 point(s)
A system administrator is going to analyze server logs on Linux machines. Which of the following is the best command-line tool for opening log files from the terminal?
Question 63 of 100
63. Question
1 point(s)
Based on the NIST cloud computing reference architecture, there are five major actors in cloud deployment. Which actor independently examines cloud service controls in order to express an opinion on them?
Question 64 of 100
64. Question
1 point(s)
Which of the following is a countermeasure against SMTP Enumeration?
Question 65 of 100
65. Question
1 point(s)
Which of the following types of cloud computing offers application software to subscribers on demand over the Internet, with the provider charging on a pay-per-use basis?
Question 66 of 100
66. Question
1 point(s)
Your company plans to migrate from on-premises infrastructure to a public cloud service. What are the advantages of using a public cloud? (Choose two)
Question 67 of 100
67. Question
1 point(s)
The NIST cloud computing reference architecture describes the major actors and their activities and functions in cloud computing. Which of the following best describes a Cloud Carrier?
Question 68 of 100
68. Question
1 point(s)
Your company implements information security controls in the cloud and uses a strong authentication mechanism to prevent unauthorized access to the cloud system. Which of the following security control categories does this represent?
Question 69 of 100
69. Question
1 point(s)
Footprinting is the first step of an attack on information systems, in which an attacker collects information about the target network to identify the various ways to attack the system. Which of the following are active footprinting techniques? (Choose two)
Question 70 of 100
70. Question
1 point(s)
An attacker wants to obtain information about who owns a specific domain, its DNS, and other information related to that domain. Which of the following tools can the attacker use?
Question 71 of 100
71. Question
1 point(s)
Which of the following Google hacking techniques is used to find files with a specific file extension?
Question 72 of 100
72. Question
1 point(s)
An attacker secretly stands behind the victim and observes the employee's activity on the computer to obtain credentials such as a username and password. Which type of attack did the attacker perform?
Question 73 of 100
73. Question
1 point(s)
Bob, a security analyst, uses the hping tool to scan the company network. He wants to perform a UDP scan against a specific target. Which command should be used?
Question 74 of 100
74. Question
1 point(s)
Refer to the exhibit. Which of the following Nmap options was used?
Question 75 of 100
75. Question
1 point(s)
Which of the following Nmap options performs a TCP connect scan?
Question 76 of 100
76. Question
1 point(s)
Finding the target operating system is important for an attacker who wants to compromise a network or machine. Parameters such as the Time to Live (TTL) in the IP header and the window size in the TCP header can be analyzed to get information about the operating system. Which of the following are the correct TTL and TCP window size values for a Windows machine? (Choose two)
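Questions 43, 49 and 76 all rest on reading TTL (and TCP window size) off packets you did not send. The added Python example below (written for this page, not from the quiz or from any fingerprinting tool) does the passive version over constructed SYN records: it infers the sender's initial TTL from the observed value, derives the hop count, and looks up a small (initial TTL, window) signature table; it then adds the direct-TTL-probe comparison from question 49 with its same-subnet caveat. The signature table is a deliberately simplified assumption built from commonly cited defaults, and real tools such as p0f use far richer signatures; the packet records and addresses are invented.

```python
# Common default initial TTLs. The sender's initial TTL is taken to be the smallest
# default at or above the observed value; the difference is the hop count.
INITIAL_TTLS = (64, 128, 255)

# Simplified (initial TTL, TCP window) signature table. This is an assumption of the
# example drawn from commonly cited defaults, not a vendor table: window sizes vary
# by OS release, link MTU and options, so treat the window as a weak hint only.
SIGNATURES = {
    (128, 65535): "Windows",
    (128, 8192): "Windows (older releases)",
    (64, 64240): "Linux",
    (64, 5840): "Linux (older kernels)",
    (255, 4128): "Cisco IOS",
}

# Fallback when only the initial TTL is recognisable.
TTL_ONLY = {
    64: "Linux/Unix-like (TTL only)",
    128: "Windows (TTL only)",
    255: "Solaris/network device (TTL only)",
}


def infer_initial_ttl(observed_ttl: int) -> int:
    for initial in INITIAL_TTLS:
        if observed_ttl <= initial:
            return initial
    raise ValueError(f"TTL {observed_ttl} exceeds 255")


def fingerprint(observed_ttl: int, window: int) -> tuple[int, int, str]:
    # Returns (initial TTL, hops away, OS guess).
    initial = infer_initial_ttl(observed_ttl)
    hops = initial - observed_ttl
    guess = SIGNATURES.get((initial, window), TTL_ONLY[initial])
    return initial, hops, guess


def fingerprint_syns(packets: list[dict]) -> dict[str, tuple[int, int, str]]:
    # packets: one record per inbound SYN with src, ttl and window fields.
    return {p["src"]: fingerprint(p["ttl"], p["window"]) for p in packets}


def ttl_suggests_spoofing(suspect_ttl: int, probe_reply_ttl: int) -> bool:
    # Direct TTL probe (question 49): send a probe to the claimed source and compare
    # the TTL of its reply with the TTL of the suspect packet. A different value means
    # a different initial TTL or hop count, i.e. a different sender. Caveat: an
    # attacker on the same subnet as the spoofed host has the same hop count and
    # often the same OS, so the TTLs match and this check cannot tell them apart.
    return suspect_ttl != probe_reply_ttl


# Constructed SYN records for the example (not a real capture).
SAMPLE_SYNS = [
    {"src": "10.0.0.5", "ttl": 117, "window": 65535},
    {"src": "10.0.0.7", "ttl": 61, "window": 64240},
    {"src": "10.0.0.1", "ttl": 254, "window": 4128},
    {"src": "10.0.0.9", "ttl": 120, "window": 29200},
]
```

fingerprint_syns(SAMPLE_SYNS) classifies 10.0.0.5 as a Windows host 11 hops away and 10.0.0.9 as Windows on TTL alone, since its window is not in the table; the hop-count inference is the robust part of this technique, the OS label is only as good as the signature table behind it.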
Question 77 of 100
77. Question
1 point(s)
As a penetration tester, you scan the ports of a public server and find some of them open. One of them is UDP 137. What type of service runs on this port?
Question 78 of 100
78. Question
1 point(s)
Which of the following tools are used for NetBIOS enumeration? (Choose two)
Question 79 of 100
79. Question
1 point(s)
A network administrator wants to perform LDAP enumeration on their network. Which of these tools would provide this capability?
Question 80 of 100
80. Question
1 point(s)
Which of the following is a countermeasure against LDAP enumeration?
Question 81 of 100
81. Question
1 point(s)
The vulnerability management life cycle is an important process that helps find and remediate security weaknesses before they are exploited. Which of the following steps are involved in the "creating baseline" phase? (Choose two)
Question 82 of 100
82. Question
1 point(s)
CVSS is a published standard that provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Three metric groups are used in CVSS assessments to gauge vulnerabilities. Which of the following best explains the base metric group?
Question 83 of 100
83. Question
1 point(s)
Which of the following tools are used for vulnerability analysis? (Choose two)
Question 84 of 100
84. Question
1 point(s)
An attacker performs a password attack on the target using the brute-forcing technique. What type of password attack was performed?
Question 85 of 100
85. Question
1 point(s)
A keylogger is a hardware device or software program that secretly records each keystroke on the user's keyboard. What are the types of hardware keystroke loggers? (Choose two)
Question 86 of 100
86. Question
1 point(s)
Which of the following types of viruses is programmed in such a way that it rewrites itself completely each time it infects a new executable file?
Question 87 of 100
87. Question
1 point(s)
Standalone malicious programs replicate, execute, and spread across network connections independently, without human intervention, causing servers and individual computer systems to become overloaded and stop responding. Which type of malware matches this description?
Question 88 of 100
88. Question
1 point(s)
Which of the following are static malware analysis techniques? (Choose two)
Question 89 of 100
89. Question
1 point(s)
In the penetration testing process, the tester has no knowledge of the network or of the applications running at the company. What type of penetration testing is being performed?
Question 90 of 100
90. Question
1 point(s)
Which of the following standards is associated with the payment card industry?
Question 91 of 100
91. Question
1 point(s)
Company XYZ uses a permissive policy to protect its business. What is the best description of this policy?
Question 92 of 100
92. Question
1 point(s)
An employee cannot access essential data on the company server because of a failure in the company network. Which information security problem does the company face?
Question 93 of 100
93. Question
1 point(s)
Which of the following controls ensure data integrity? (Choose two)
Question 94 of 100
94. Question
1 point(s)
Which type of hacker attacks systems using tools and knowledge found on the Internet?
Question 95 of 100
95. Question
1 point(s)
Social engineers exploit human behavior (manners, enthusiasm toward work, laziness, innocence, etc.) to gain access to a targeted company's information resources. Which of the following are defense strategies against social engineering attacks such as dumpster diving? (Choose two)
Question 96 of 100
96. Question
1 point(s)
An attacker launches a phishing attack against a high-profile executive who holds valuable information. Which type of phishing attack is being described?
Question 97 of 100
97. Question
1 point(s)
An attacker launches a DoS attack by spoofing the source IP address with the victim's IP address and sending many ICMP ECHO request packets to an IP broadcast address. This causes all hosts on the broadcast network to respond to the ICMP ECHO requests. Which type of DoS attack was performed?
Question 98 of 100
98. Question
1 point(s)
Which tools are used to launch a denial of service attack? (Choose two)
Question 99 of 100
99. Question
1 point(s)
This DoS detection technique uses the Cumulative Sum (CUSUM) algorithm to identify and locate DoS attacks. The algorithm calculates the deviation between actual and expected local averages in the traffic time series. Which of the following DoS detection techniques is being described?
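The CUSUM procedure in question 99 is short enough to run end to end, so here it is as an added Python example (written for this page, not taken from the quiz or from any product). The non-parametric form below learns the expected local average from a baseline window, accumulates each sample's excess over that average plus an allowance, clamps the accumulator at zero so quiet traffic cannot build up credit, and raises an alarm when the accumulator crosses a threshold. The per-second SYN counts, the baseline length and the allowance and threshold multipliers are all constructed for the example.

```python
from statistics import mean, pstdev


def cusum_alarms(series, baseline_n=10, allowance=None, threshold=None, reset_on_alarm=True):
    """Non-parametric CUSUM over a traffic time series (e.g. SYNs per second).

    The first baseline_n samples set the expected local average. For each later
    sample, the excess over (mean + allowance) is added to the accumulator y,
    which is clamped at zero; an alarm fires when y exceeds the threshold.
    Returns the list of sample indices at which an alarm fired.
    """
    if len(series) < baseline_n:
        raise ValueError("not enough samples for a baseline")
    baseline = series[:baseline_n]
    mu = mean(baseline)
    sigma = pstdev(baseline) or 1.0  # flat baseline: fall back to a unit scale
    a = sigma if allowance is None else allowance      # drift tolerated above the mean
    h = 5 * sigma if threshold is None else threshold  # decision threshold
    y = 0.0
    alarms = []
    for i, x in enumerate(series):
        y = max(0.0, y + (x - mu - a))
        if y > h:
            alarms.append(i)
            if reset_on_alarm:
                y = 0.0  # restart so the detector also notices when the flood ends
    return alarms


def onset(series, **kw):
    # Index of the first sample at which the change was detected, or None.
    alarms = cusum_alarms(series, **kw)
    return alarms[0] if alarms else None


# Constructed per-second SYN counts (not measured data): ten quiet seconds used as
# the baseline, three more quiet seconds, a five-second flood, then quiet again.
SAMPLE_SERIES = [48, 52, 50, 47, 53, 49, 51, 50, 46, 54,
                 49, 51, 50, 300, 420, 480, 500, 495, 50, 52]
```

With the defaults the baseline mean is 50 and its standard deviation about 2.45, so the threshold is roughly 12; the first flood second pushes the accumulator to about 248 at once, and because the accumulator is reset after each alarm the two quiet seconds at the end produce none. Without the reset, classic CUSUM stays in alarm until something clears it, which is the right choice for a one-shot change-point detector but not for a live monitor.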
Question 100 of 100
100. Question
1 point(s)
Which of the following is the best description of session hijacking?