CEHv12: Certified Ethical Hacker Practice Questions Part 8

Based on the exhibit. Which of the following methods of session hijacking that attackers perform?

Which of the following is the type of Network-level hijacking? (Choose two)

Security Engineers use a honeypot to trap attackers trying to penetrate an organization’s network. These honeypots simulated all services and applications. Which of the following honeypot types is described?

Bob, as a system administrator, notices some issues on the server. He tried to analyze the server and found that the server had been compromised, but no alert occurred from IDS. What type of alert should have occurred for this kind of situation?

Which OSI layers does the packet filtering firewall work on?

A Security engineer wants to use a honeypot to trap an attacker who wants to penetrate an organization’s network. Which tool can be used? (Choose two)

Which of the best description of the Directory Traversal Attack?

You can gather valuable system-level data such as account details, OS, software versions, server names, and database schema details by performing web server footprinting. Which tool should be used for web server footprinting? (Choose two)

What is the best description of In-Band SQL Injection?

The exhibit show syntax for creating a database account. Which of the types of DBMS shown?

Which tools are used to detect SQL Injection attacks? (Choose two)

Which antennas are commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

Which is the best description of the encryption algorithm AES?

By using another AP, a hacker attacks the Access point and places it near the corporate target network. Which type of attack is performed?

What is the purpose of doing the steps below?
Step 1: Register with WIGLE and download map packs of your area to view the plotted access points on a geographic map.
Step 2: Connect the antenna and GPS device to the laptop via a USB serial adapter, and board a car.
Step 3: Install and launch NetStumbler and WIGLE client software and turn on the GPS device speeds
Step 4: Drive the car at speeds of 35 mph or below (At higher, the Wi-Fi antenna will not be able to detect Wi-Fi spots).
Step 5: Capture and save the NetStumbler log files that contain the GPS coordinates of the access points.
Step 6: Upload this log file to WIGLE, automatically plotting the points onto a map.

An attacker uses the following steps:
Step 1: The attacker sniffs the victim’s wireless parameters (the MAC address, ESSID number of channels/BSSID),
Step 2: The attacker then sends a DEAUTH request to the victim with the spoofed source address of the victim’s AP.
Step 3: On receiving the request, the victim’s computer is de-authenticated and searches all channels for a new valid AP.
Step 4: The attacker then sets a forged AP on a new channel with the original MAC address (BSSID) and ESSID of the victim’s AP, connecting the victim to the forged AP.
Step 5: After the victim’s successful association with the forged AP, the attacker spoofs the victim to connect to the original AP.
Step 6: The attacker sits between the access point and the victim and listens to all the traffic.
Which type of attack did an attacker perform?

When an attacker sends an oversized ping packet to a victim’s device, which of the following Bluetooth attack causing a buffer overflow?

Which is the best practice to defend against wireless attack? (Choose two)

Aircrack-ng Suite is a network software suite consisting of a detector, packet sniffer, WEP, and WPA/WPA 2 – PSK cracker and analysis tool for 802.11 wireless networks. Which of the following tool used for traffic generation fake authentication packet replay and ARP request injection?

Which of the following are the top OWASP Mobile risks? (Choose two)

The enormous usage of mobile devices has grabbed the attention of attackers. Mobile devices access many of the resources that traditional computers use. Mobile devices also have unique features that add new attack vectors and protocols. Which of the following are mobile attack vectors? (Choose three)

Why should a company use Mobile Device Management (MDM)? Choose two

Which of the following is the mobile protection tool?

The company uses cloud services that offer application software over the Internet. The provider charges it on a pay-per-use basis by subscription, advertising, or sharing among multiple users. Which of the following type of cloud computing services is used?

A company chooses migration the network infrastructure to public cloud services. What are the advantages of using a public cloud? (Choose two)

Based on NIST reference architecture, which of the following actors manages the computing infrastructure intended to provide services (directly or via a cloud broker) to interested parties via network access?

In a cloud environment, we must ensure the correct placement of security control implementation. Which of the following security control in the cloud environment that used to strengthen the system against incidents, probably by minimizing or eliminating vulnerabilities?

What are the advantages of using symmetric Encryption? (Choose two)

In cryptography, a cipher is an algorithm for performing encryption and decryption. What are the types of classical ciphers? (Choose two)

SHA1 It is a 160-bit hash function that resembles the former MD 5 algorithm developed by Ron Rivest. It produces a 160-bit digest from a message with a maximum length of (264 – 1) bits. What is the block size used by SHA1?

In Public Key Infrastructure, which of the following components acts as the certificate authority’s verifier?

Which of the following protocol used to ensure security in transferring files across the network?

A network administrator noticed from the employees that one computer in the finance department could not access the internet. He needs to check the computer is accessible from the network by using a ping command. Which of the following protocol is used when running a ping command?

Which protocol would be used for remote GUI access to the Windows machine?

The attacker makes a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions. Which type of cryptography attack is being described?

________________ is the process of checking the services running on the target computer by sending a sequence of messages in an attempt to break in.

Which type of the following scanning techniques is based on the Nmap result?

Which IDS evasion technique is used by attackers to encode the attack packet payload so the destination host can only decode the packet, not an IDS?

Which of the following is the best description of banner grabbing?

Attackers use OpenSSH (OpenBSD Secure Shell) to encrypt and tunnel all traffic from a local machine to a remote machine to avoid detection by perimeter security controls. What is the type of evasion method that the attacker performs?

How to detect a honeypot that runs on VMWare?

It is a process to ensure an appropriate patch is installed on systems, such as bug fixing, security patches, and fixing a known vulnerability. Which of the following is the best term based on the description?

How do security engineers defend their applications from XSS Attacks?

Which of the following are the SQL Injection countermeasures (Choose two)

After the data breach, a security engineer continues finding and eliminating the root cause and ensuring all system is updated and patched. What step in incident handling is performed?

To hack wireless networks, an attacker follows a hacking methodology. This process provides systematic steps to attack a target wireless network successfully. A wireless hacking methodology helps an attacker to reach the goal of hacking a target wireless network. Which is the first step in this methodology?

Which of the following stages in web server attack methodology does the attacker copy a website and its content onto another server for offline browsing?

In the Domain Name System (DNS), which type of record is for the IPv4 address?

The finance department uses network address 10.10.10.0/28. Network administrators restrict this network from accessing the outside network. The employee in the finance department tried to ping 10.10.10.20 and failed to connect. Why did this happen?

A company uses 10.20.29.0/27 for the local network. Which of the following subnet masks is in this network?

An attacker sniffs the network by injecting ARP packets. He injects a broadcast frame to conduct a MiTM attack. Which of the following is a destination MAC address of the broadcast frame?

Bob, as a pen-tester, uses a virus detection method by reading the entire disk and recording integrity data that acts as a signature for the files and system sectors. Which type of virus detection method did Bob use in this context?

Most attacks come from an insider who has direct access to the company system. Who is an insider?

A system administrator wants to identify malicious attempts on the systems. Which of the following is designed for this context?

In the Linux system, you want to view firewall logs to evaluate network traffic. It would be best if you searched the specific logs quickly and efficiently. Which command-line utility are you most likely to use?

Which of the following are examples of certification authorities? (Choose two)

The attacker gets access to the company network using wireless media. It happened because weak wireless security was implemented. Which type of wireless security was used?

Which of the following are Intrusion Detection System (IDS) tools for Mobile? (Choose two)

Firewalls protect computers against viruses, privacy threats, objectionable content, hackers, and malicious software when connected to the Internet. Which of the following are examples of a firewall solution? (Choose two)

Alice, as a pen-tester, wants to perform vulnerability scanning on a company network. What tools should Alice use? (Choose two)

Which of the following tools protects the network from a Denial-of-Service (DoS) Attack?

Patch management is a defense against vulnerabilities that cause security weakness or corrupt data. It is a process of scanning for network vulnerabilities, detecting missed security patches and hotfixes, and then deploying the relevant patches as soon as they are available to secure the network. What is the example tool for patch management? (Choose two)

These tools scan for vulnerabilities in a target server and web applications, send alerts on hacking attempts, scan for malware in the web server, and perform many more security assessment activities. Which of the following tools is described? (Choose two)

Finding a Wi-Fi network or device is the first step in wireless hacking methodology. An attacker performs Wi-Fi discovery to locate a target wireless network. Wi-Fi discovery procedures include footprinting the wireless networks and finding the appropriate target network that is in range to launch the attack. Which of the following tool should be used?

A pen-tester is attacking wireless networks using fake authentication and ARP request injection. A pen-tester should use which tool?

Which of the following tools performs Bluetooth hacking? (Choose two)

Which wireless standard has bandwidth up to 54 Mbps with a frequency spectrum of around 2.4 GHz?

What does ICMP type code 3 mean?

nmap -sL 10.10.10.200-220
The NMAP command above performs which of the following?

A security engineer performs daily internal network scans to look for unauthorized devices. He decided to write a script to scan the network for unauthorized devices every morning at 10:00 am. Which of the following programming languages would be used?

Which operating system assists you in masking your IP address to visit websites without being tracked or identified while keeping your activity and identity protected?

A Network engineer needs a tool for intrusion prevention and detection, sniffing the network, and recording network activity. What tool should be recommended?

It is the process of replacing unwanted bits in an image and its source files with secret data. Which of the following term is being described?

A firewall is a software- or hardware-based system located at the network gateway that protects the resources of a private network from unauthorized access by users on other networks. Which firewall is an architecture designed to host servers that offer public services?

As a Network Administrator for XYZ Company, you get a complaint from an employee that some websites are no longer accessible. You try to analyze the problem by testing the connection using the ping command and find them reachable. But they are not accessible when using URLs. What may be the problem?

Which type of firewall filters packets present at the application layer of the OSI model?

What is the best description of the grey box penetration testing?

The asymmetric key system is an encryption method using a key pair, one public key available to anyone and one private key held only by the key owner that helps to provide confidentiality, integrity, authentication, and nonrepudiation in data management. Which of the following is an example of an asymmetric encryption implementation?

Which of the following steps should an attacker take to ensure the compromised target cannot trace back to the source of the problem?

____________ is the technique where random strings of characters are added to the password before calculating their hashes.

An employee informed the IT staff that the computer could not access the Internet using a wireless access point. When the IT staff examines the IP address and default gateway, they are in the same IP address. Which of the following occurred?

Which of the following tools is used to launch a SQL injection attack?

Which is used to deny network access to local area networks and secure them from unauthorized wireless devices. Which is being described?

Which of the following is a tool for covering the track?

Which protocol is used for securing channels between two devices, typically in VPNs?

A hacker is trying to compromise a company’s computer system. To launch additional attacks, he needs to know what operating system that computer uses. What process would help him?

Windows and Linux have similar methods for creating the group. Each group has individual file permissions, and each user is assigned to a group based on their work. Which type of access control is used?

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Physical Security is always the top priority in securing anything. Information Security is also considered important and the first layer of protection. Which of the following is NOT the action to ensure physical Security?

Which protocol is used by smart cards to securely transfer certificates?

Which of the following is a valid list of risk assessment data-gathering activities?

For OS detection in Nmap, which of the following command-line switches would you use?

A security consultant is attempting to get a significant contract, including penetration testing and reporting. The company considering bids requires proof of work, so the consultant prints out numerous completed audits. As a result, which of the following is most likely to happen?

When a malicious person compels the user’s browser to send an authenticated request to a server, what form of vulnerability/attack is it?

From the given options, which of the following defines a hashing algorithm?

Employees will be able to connect to the company’s internal network using a secure remote access solution, which a security engineer will deploy. Which of the following strategies can be used to reduce the risk of a man-in-the-middle attack?

Which of the following instructions, when run on a Linux system, will launch the Nessus client in the background so that the Nessus server may be configured?

If an attacker uses the command:
SELECT*FROM user WHERE name = ‘x’ AND userid IS NULL; –‘;
Which type of SQL injection attack is being carried out by the attacker?

In a switched environment network, a hacker posing as a heating and air conditioning specialist was able to install a sniffer program. What kind of technique may the hacker employ to sniff all of the network’s packets?

Least privilege is a security concept in which a user must be ____________.