Certified Ethical Hacker CEH v10 Part 2

Vulnerability Database launched by NIST is:

Which of the following is not a Vulnerability Scanning tool?

Which of the following is not an example of Non-Electronic / Non-Technical Password
Attacks?

Bob is cracking a password using the list of known and common phrases until the
password is accepted. Which type of attack is this?

An attacker is cracking the password by trying every possible combination of alpha-
numeric characters, which of the following type of Password Cracking is this?

Addition of characters in the password to make it one-way function is called

Which of the following is a framework that can perform automated attacks on
services, applications, port & unpatched software?

Cracking password with precomputed hashes is

How can you mitigate Rainbow table attack?

Which of the following statement is the appropriate definition of malware?

Which of the following does not belongs to the virus?

Malware Static Analysis is

Malware Dynamic Analysis

Which of the following does not belongs to Trojan deployment?

Following is used to hide malicious program while creating Trojan

Following is used to bind malicious program while creating Trojan

Following is used to drop malicious program at the target

Sniffing is performed over

Sniffing without interfering is known as

The port which allows you to send a copy of packet over another port at layer 2 is
called

Wiretapping with legal authorization is called

Which is the best option to defend against ARP poisoning

A phishing attack is performed over

Basic Purpose of Social Engineering attacks are

Which of the following is not a type of Human-based Social Engineering?

Attack performed by a disgruntled employee of an organization is called

To defend against phishing attack, the necessary step is

The technique of passing restricted area of an unauthorized person with an authorized
person is called

The technique of passing restricted area of an unauthorized person by following an
authorized person is called

Which of the following Wireshark filter displays packet from 10.0.0.1?

An attack, which denied the services, and resources become unavailable for legitimate
users is known as

DoS attack in which flooding of the request overloads web application or web server is
known as

DoS Attack focused on hardware sabotage is known as

DoS attack in which intermediary and Secondary victims are also involved in the
process of launching a DoS attack is known as:

Scanning technique with a list of potentially vulnerable machines is known as

Scanning any IP address from IP address Space for vulnerabilities is called

When an attacker directly exploits and Copy the malicious code to the victim’s
machine, the propagation is:

When an attacker exploits the vulnerable system, and open a connection to transfer
malicious code, the propagation is called

An automated process of detecting DoS/DDoS attacks by analysis of input signals is
called

Sequential Change-Point detection algorithm uses the following technique to detect
DoS/DDoS attack

Following Filtering Standard is designed for Ingress filtering for multi-homed
networks to limit the DDoS attacks.

The process of silently dropping the traffic (either incoming or outgoing traffic) so
that the source is not notified about discarding of the packet.

Which statement defines session hijacking most accurately?

Which of the following does not belongs to Session hijacking attack?

In Session hijacking, a technique is used to send packets via specific route, i.e.,
identical to victim’s path, this technique is known as

Session Fixation is vulnerable to

HIDS is deployed to monitor activities on the following

A computer system is placed in between public and private network, certain roles and
responsibilities are assigned to this computer to perform. This System is known as

Cisco ASA with FirePOWER Services is an example of

The devices or system that are deployed to trap attackers attempting to gain
unauthorized access to the system or network as they are deployed in an isolated
environment and being monitored are known as