Quiz: Certified Ethical Hacker Part 2

Vulnerability Database launched by NIST is:

Which of the followings is not a Vulnerability Scanning tool?

Which of the followings is not an example of Non-Electronic / Non-Technical Password Attacks?

Bob is cracking a password by using the list of known and common phrases until the password is accepted. Which type of attack is this?

An attacker is cracking the password by trying every possible combination of alpha-numeric characters. Which of the following types of Password Cracking is this?

Addition of characters in the password to make it one-way function is called:

Which of the following is a framework that can perform automated attacks on services, applications, port & unpatched software?

Cracking password with pre-computed hashes is called:

How can you mitigate Rainbow table attack?

Which of the following statements is the appropriate definition of malware?

Which of the followings does not belong to the virus?

Malware Static Analysis is:

Malware Dynamic Analysis is:

Which of the followings does not belongs to Trojan deployment?

_____________ is used to hide malicious program while creating Trojan.

____________ is used to bind malicious program while creating Trojan.

____________ is used to drop malicious program at the

Sniffing is performed over:

Sniffing without interfering is known as:

The port, which allows you to send a copy of packet over another port at layer 2 is called:

Wiretapping with legal authorization is called:

Which one of the followings is the best option to defend against ARP poisoning?

Which of the following Wireshark filters display packet from 10.0.0.1?

A phishing attack is performed over:

Basic Purpose of Social Engineering attacks are:

Which of the followings is not a type of Human-based Social Engineering?

Attack performed by a disgruntled employee of an organization is called:

To defend against a phishing attack, a necessary step is:

The technique of passing the restricted area by an unauthorized person with an authorized person is called:

The technique of passing the restricted area by an unauthorized person by following an authorized person is called:

When an attack denies the services and resources, and become unavailable for legitimate users, it is known as:

DoS attack in which flooding of the request overloads web application or web server is known as:

DoS Attack focused on hardware sabotage is known as:

DoS attack in which Intermediary and Secondary victims are also involved in the process of launching a DoS attack is known as:

Scanning technique with a list of potentially vulnerable machines is known as:

Scanning any IP address from IP address Space for vulnerabilities is called:

When an attacker directly exploits and copies the malicious code to the victim’s machine, this propagation is called:

When an attacker exploits the vulnerable system, and opens a connection to transfer malicious code, this propagation is called:

An automated process of detecting DoS/DDoS attacks by analysis of input signals is called:

Sequential Change-Point detection algorithm uses the ________________ technique to detect DoS/DDoS attack.

_______________ Filtering Standard is designed for Ingress filtering for multi-homed networks to limit the DDoS attacks.

The process of silently dropping the traffic (either incoming or outgoing traffic), so that the source is not notified about the discarding of the packet, is known as:

Which statement defines session hijacking more accurately?

Which of the followings do not belong to session hijacking attack?

In session hijacking, a technique is used to send packets via specific route, e., identical to victim’s path, this technique is known as:

Session Fixation is vulnerable to _______________.

HIDS is deployed to monitor activities on the _____________.

A computer system is placed in between public and private network, certain roles and responsibilities are assigned to this computer to perform. This System is known as:

Cisco ASA with FirePOWER Services is an example of:

The devices or system that are deployed to trap attackers attempting to gain unauthorized access to the system or network as they are deployed in an isolated environment and being monitored are known as: