The document presents a series of questions and answers related to the EC-Council Certified Ethical Hacker (CEH v12) exam, showcasing various cybersecurity concepts, protocols, and attack methodologies. The user scored 77% on the exam, with detailed responses to questions covering topics like wireless communication protocols, intrusion detection systems, and specific attack techniques. The questions also touch on laws affecting corporate disclosures and the importance of vulnerability management in cybersecurity.

Uploaded by arsimim

312-50: EC-Council Certified Ethical Hacker (CEH v12) - Mini

You got 48 of 62 possible points.


Your score was: 77 %

Question Results

Question: Score 1 of 1

You need to transfer sensitive data of the organization between industrial systems securely. For these purposes, you have decided to use short-range wireless communication technology that meets the following requirements:

- Protocol based on the IEEE 203.15.4 standard;
- Range of 10-100 m.
- Designed for small-scale projects which need wireless connection.

Which of the following protocols will meet your requirements?

Response:

NB-IOT

MQTT

Zigbee

LPWAN

Question: Score 1 of 1

The primary advantage of an SPI firewall is what?

Response:

Maintaining session state

Blocking web attacks

Maintaining log information

Blocking zero-day attacks

Question: Score 1 of 1

___ is inherently insecure and does not provide strong authentication and encryption.

Response:

Wi-Fi open system authentication

Wi-Fi ad hoc authentication

Wi-Fi centralized server authentication

Wi-Fi shared key authentication

Question: Score 1 of 1

The cyber kill chain is essentially a cybersecurity model created by Lockheed Martin that traces the stages of a cyber-attack, identifies
vulnerabilities, and helps security teams to stop the attacks at every stage of the chain. At what stage does the intruder transmit the malware via a
phishing email or another medium?

Response:

Weaponization

Installation

Actions on Objective

Delivery

Question: Score 0 of 1

Which of the following will allow you to prevent unauthorized network access to local area networks and other information assets by wireless
devices?

Response:

AISS

HIDS

NIDS

WIPS

Question: Score 1 of 1

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and
avoid detection.

Identify the behavior of the adversary in the above scenario.

Response:

Use of command-line interface

Use of DNS tunneling

Unspecified proxy activities

Data staging

Question: Score 1 of 1

Widespread fraud at Enron, WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of
corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in
2002. This law is known by what acronym?

Response:

FedRAMP

PCI DSS

SOX

HIPAA

Question: Score 1 of 1

All the industrial control systems of your organization are connected to the Internet. Your management wants to empower the manufacturing
process, ensure the reliability of industrial networks, and reduce downtime and service disruption.

You have been assigned to find and install an OT security tool that further protects against security incidents such as cyber espionage, zero-day
attacks, and malware. Which of the following tools will you use to accomplish this task?

Response:

Flowmon

BalenaCloud

Robotium

IntentFuzzer

Question: Score 1 of 1

There are multiple cloud deployment options depending on how isolated a customer’s resources are from those of other customers. Shared
environments share the costs and allow each customer to enjoy lower operations expenses. One solution is for a customer to join with a group of
users or organizations to share a cloud environment.

What is this cloud deployment option called?

Response:

Hybrid

Private

Public

Community

Question: Score 0 of 1

A sniffer turns the NIC of a system to promiscuous mode so that it can listen to all the data transmitted on its segment. It can constantly read all
information entering the computer through the NIC by decoding the information encapsulated in the data packet.

Passive sniffing is one of the types of sniffing. Passive sniffing refers to:

Response:

Sniffing through a router

Sniffing through a hub

Sniffing through a bridge

Sniffing through a switch

Question: Score 1 of 1

Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this
process, he encountered an IDS that detects SQL injection attempts based on predefined signatures.

To evade any comparison statement, he attempted placing characters such as "'or '1'='1'" in any basic injection statement such as "or 1=1." Identify
the evasion technique used by Daniel in the above scenario.

Response:

IP fragmentation

Variation

Char encoding

Null byte

Question: Score 0 of 1

IoT is a network of devices with an IP address that has the capability of sensing, collecting, and sending data using embedded sensors. Identify the
layer in IoT architecture that helps to bridge the gap between two endpoints, such as a device and a client, and also carries out message routing,
message identification, and subscribing?

Response:

Edge Technology Layer

Middleware Layer

Internet Layer

Access Gateway Layer

Question: Score 1 of 1

Session splicing is an IDS evasion technique that exploits how some IDSs do not reconstruct sessions before performing pattern matching on the
data. The idea behind session splicing is to split data between several packets, ensuring that no single packet matches any patterns within an IDS
signature. Which tool can be used to perform session splicing attacks?

Response:

tcpsplice

Hydra

Whisker

Burp

Question: Score 0 of 1

Which of the following types of viruses avoids detection by changing its own code and then ciphering itself multiple times as it replicates?

Response:

Stealth virus

Tunneling virus

Encryption virus

Cavity virus

Question: Score 1 of 1

Enumeration is defined as the process of extracting user names, machine names, network resources, shares, and services from a system. Which of
the following enumeration techniques does an attacker use to obtain a list of computers that belong to a domain?

Response:

Netbios enumeration

NTP enumeration

SMTP enumeration

SNMP enumeration

Question: Score 1 of 1

Which of the following best describes the "white box testing" methodology?

Response:

The internal operation of a system is only partly accessible to the tester.

Only the internal operation of a system is known to the tester.

Only the external operation of a system is accessible to the tester.

The internal operation of a system is completely known to the tester.

Question: Score 0 of 1

You see the following text written down—port:502. What does that likely reference?

Response:

Shodan search

RIR query

p0f results

I/O search

Question: Score 1 of 1

John needs to choose a firewall that can protect against SQL injection attacks. Which of the following types of firewalls is suitable for this task?

Response:

Stateful firewall.

Hardware firewall.

Packet firewall.

Web application firewall.

Question: Score 1 of 1

An attacker uses various IDS evasion techniques to bypass intrusion detection mechanisms. At the same time, the IDS is configured to detect possible
violations of the security policy, including unauthorized access and misuse. Which of the following evasion methods depends on the Time-to-Live
(TTL) fields of a TCP/IP packet?

Response:

Denial-of-Service Attack

Insertion Attack

Obfuscation

Unicode Evasion

Question: Score 1 of 1

You want to use ADS to hide spyware.exe behind a file named companydata.txt. Which command will do that?

Response:

c:\spyware.exe> c:\companydata.txt:spyware.exe

more <companydata.txt

more c:\spyware.exe> c:\companydata.txt:spyware.exe

type c:\spyware.exe> c:\companydata.txt:spyware.exe

Question: Score 1 of 1

You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network.
However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.

invictus@victim_server.~$ nmap -T4 -O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxx. QUITTING!

What seems to be wrong?

Response:

This is a common behavior for a corrupted nmap application

The nmap syntax is wrong

OS Scan requires root privileges

The outgoing TCP/IP fingerprinting is blocked by the host firewall

Question: Score 1 of 1

What identifies malware by collecting data from protected computers while analyzing it on the provider’s infrastructure instead of locally?

Response:

Real-time protection

Behavioural-based detection

Heuristics-based detection

Cloud-based detection

Question: Score 1 of 1

You are investigating to determine how the computers of your company's employees were compromised. You find out that the machines
were infected through sites that employees often visit. When an employee opens a site, there is a redirect from a web page, and malware downloads
to the machine. Which of the following attacks did the attacker perform on your company's employees?

Response:

DNS rebinding

Clickjacking

MarioNet

Watering hole

Question: Score 1 of 1

Why would an attacker want access to the SPAN port of a switch?

Response:

The SPAN port mirrors all other port activity.

This port is inherently insecure and easy to compromise.

The SPAN port allows updates to the CAM table.

It provides administrative access.

Question: Score 1 of 1

802.11b uses how many channels in the United States?

Response:

4

11

12

24

Question: Score 1 of 1

During the scan, you found a serious vulnerability, compiled a report and sent it to your colleagues. In response, you received proof that they fixed
this vulnerability a few days ago. How can you characterize this vulnerability?

Response:

False-negative

False-positive

True-false

False-true

Question: Score 1 of 1

David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to
evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently executing the process of applying fixes on vulnerable
systems to reduce the impact and severity of vulnerabilities.

Which phase of the vulnerability-management life cycle is David currently in?

Response:

Remediation

Vulnerability scan

Verification

Risk assessment

Question: Score 1 of 1

An intrusion detection system (IDS) is a security software or hardware that inspects all network traffic for suspicious patterns that may indicate a
network or system security breach. Identify the alert raised by an IDS when no attack has taken place?

Response:

False Negative

True Positive

True Negative

False Positive

Question: Score 1 of 1

_____ is IEEE standard 1902.1. It is a wireless protocol that is two way.

Response:

RuBee

LoRa

Z-Wave

Zigbee

Question: Score 1 of 1

Identify the Bluetooth hacking technique, which refers to the theft of information from a wireless device through Bluetooth?

Response:

Bluebugging

Bluesnarfing

Bluesmacking

Bluejacking

Question: Score 1 of 1

What flag identifies the network card you use with tcpdump?

Response:

-n

-c

-e

-i

Question: Score 1 of 1

The attacker tries to find the servers of the attacked company. He uses the following command:

nmap 192.168.1.64/28

The scan was successful, but he didn't get any results. Identify why the attacker could not find the server based on the following information:

The attacked company used network address 192.168.1.64 with mask 255.255.255.192. In the network, the servers are in the addresses 192.168.1.122,
192.168.1.123 and 192.168.1.124.

Response:

He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.

He needs to add the command "ip address" just before the IP address.

He needs to change the address to 192.168.1.0 with the same mask.

The network must be down and the nmap command and IP address are ok.

Question: Score 0 of 1

With a(n) ____ attack, an attacker modifies the parameters of the SOAP message that is sent from the service consumer to the service provider to
initiate a SQL injection attack.

Response:

XAML injection

SQL injection via SOAP

XML injection

man-in-the-cloud

Question: Score 1 of 1

____ is a scanner just for IoT devices.

Response:

Foren6

RIoT

HackRF One

MultiPing

Question: Score 0 of 1

Ivan, the evil hacker, decided to attack the cloud services of the target organization. First of all, he decided to infiltrate the target's MSP provider by
sending phishing emails that distributed specially created malware. This program compromised users' credentials, and Ivan managed to gain
remote access to the cloud service.

Further, he accessed the target customer profiles with his MSP account, compressed the customer data, and stored them in the MSP. After this, he
used this information to launch further attacks on the target organization.

Which of the following cloud attacks did Ivan perform?

Response:

Cloud cryptojacking

Cloud hopper attack

Cloudborne attack

Man-in-the-cloud (MITC) attack

Question: Score 0 of 1

Which of the following types of hackers refers to an individual who works both offensively and defensively?

Response:

White Hat

Black Hat

Gray Hat

Suicide Hacker

Question: Score 0 of 1

What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?

Response:

The attacker forges a reply from the DNS resolver

The attacker makes a request to the DNS resolver

The attacker uses TCP to poison the DNS resolver

The attacker queries a nameserver using the DNS resolver

Question: Score 0 of 1

Black-hat hacker Ivan attacked a large DNS server. By poisoning the cache, he was able to redirect the online store's traffic to a phishing site. Users
did not notice the problem and believed that they were on the store's actual website, so they entered the data of their accounts and even bank cards.

Before the security system had time to react, Ivan collected a large amount of critical user data. Which option is best suited to describe this attack?

Response:

Spear-phishing

SPIT attack

Pharming

Phishing

Question: Score 1 of 1

What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?

Response:

administration.config

php.ini

idq.dll

httpd.conf

Question: Score 1 of 1

A(n) ___ attack intercepts the redirection of HTTP to the secure HTTPS protocol and intercepts a request from the user to the server. The attacker
then establishes its own HTTPS that is ineffective and allows all communication to be read.

Response:

SSL stripping

Smishing

Brute-force

MITM

Question: Score 1 of 1

Based on the below log, which of the following sentences are true?

Mar 1, 2016, 7:33:28 AM 10.240.250.23 – 54373 10.249.253.15 – 22 tcp_ip

Response:

Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server

SSH communications are encrypted; it’s impossible to know who is the client or the server.

Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.

Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client

Question: Score 1 of 1

Identify the algorithm according to the following description: This wireless security algorithm was rendered useless by capturing packets and
discovering the passkey in seconds. This vulnerability strongly affected the TJ Maxx company. It led to a network invasion of the
company and data theft through a technique known as wardriving.

Response:

Wired Equivalent Privacy (WEP)

Temporal Key Integrity Protocol (TKIP)

Wi-Fi Protected Access 2 (WPA2)

Wi-Fi Protected Access (WPA)

Question: Score 1 of 1

Implementing the security testing process early in the SDLC is the key to finding out and fixing the security bugs early in the SDLC lifecycle. The
security testing process can be performed in two ways, Automated or Manual web application security testing. Which of the proposed statements is
true?

Response:

Automatic testing requires a lot of money and is still very imperfect, so it cannot be used for security

Neural networks and artificial intelligence are already used in new tools and do not require additional actions

Manual testing is obsolete and should be completely replaced by automatic testing.

Automatic and manual testing should be used together to better cover potential problems

Question: Score 0 of 1

What actions should be performed before using a Vulnerability Scanner for scanning a network?

Response:

Firewall detection.

TCP/UDP Port scanning.

TCP/IP stack fingerprinting.

Checking if the remote host is alive.

Question: Score 1 of 1

An attacker tries to infect as many devices connected to the Internet with malware as possible to get the opportunity to use their computing power
and functionality for automated attacks hidden from the owners of these devices. Which of the proposed approaches fits the description of the
attacker's actions?

Response:

Creating a botnet

Using Banking Trojans

Mass distribution of Ransomware

APT attack

Question: Score 1 of 1

What is a type of or component of a Trojan horse that installs other malware files onto the target computer?

Response:

Crypter

Injector

Dropper

Installer

Question: Score 1 of 1

Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend
servers, which are protected by a firewall. In this process, he used a URL https://xyz.com/feed.php?url=externalsite.com/feed/to to obtain a remote feed and altered the URL input to the local host to view all the local resources on the target server.

What is the type of attack Jason performed in the above scenario?

Response:

Web server misconfiguration

Web cache poisoning attack

Server-side request forgery (SSRF) attack

Website defacement

Question: Score 1 of 1

Identify the wireless security protocol by its description: This wireless security protocol allows 192-bit minimum-strength security protocols and
cryptographic tools to protect sensitive data, such as 256-bit Galois/Counter Mode Protocol (GCMP-256), 84-bit Hashed Message Authentication
Mode with Secure Hash Algorithm (HMAC-SHA384), and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit elliptic curve.

Response:

WPA2-Personal

WPA3-Personal

WPA3-Enterprise

WPA2-Enterprise

Question: Score 1 of 1

Jack needs to analyze the files produced by several packet-capture programs such as Wireshark, tcpdump, EtherPeek and WinDump. Which of the
following tools will Jack use?

Response:

tcptrace

tcptraceroute

OpenVAS

Nessus

Question: Score 1 of 1

You use Docker architecture in your application to employ a client/server model. And you need to use a component that can process API requests
and handle various Docker objects, such as containers, volumes, images, and networks. Which of the following Docker components will you use for
these purposes?

Response:

Docker registries

Docker daemon

Docker client

Docker objects

Question: Score 1 of 1

Alice needs to send a confidential document to her coworker, Bryan. Their company has public key infrastructure set up. Therefore, Alice both
encrypts the message and digitally signs it. Alice uses _______________ to encrypt the message, and Bryan uses _______________ to confirm the
digital signature.

Response:

Bryan’s public key; Alice’s public key

Alice’s public key; Alice’s public key

Bryan’s private key; Alice’s public key

Bryan’s public key; Bryan’s public key

Question: Score 1 of 1

What type of cryptography is used in IKE, SSL, and PGP?

Response:

Secret Key

Digest

Public Key

Hash

Question: Score 1 of 1

John is configuring Snort rules. He is adding actions. What would the action pass do?

Response:

Pass the packet to the alert system

Drop the packet

Log the packet but let it pass

Nothing

Question: Score 1 of 1

You have detected an abnormally large amount of traffic coming from local computers at night. You decide to find out the reason, do a few checks
and find that an attacker has exfiltrated user data. Also, you noticed that AV tools could not find any malicious software, and the IDS/IPS has not
reported on any non-whitelisted programs.

Which of the following types of malware did the attacker use to bypass your company’s application whitelisting?

Response:

Phishing malware

Logic bomb malware

Zero-day malware

Fileless malware

Question: Score 1 of 1

You need to assess the system used by your employee. During the assessment, you found that compromise was possible through user directories,
registries, and other system parameters. Also, you discovered vulnerabilities such as native configuration tables, incorrect registry or file
permissions, and software configuration errors.

Which of the following types of vulnerability assessments did you conduct?

Response:

Credentialed assessment

Distributed assessment

Database assessment

Host-based assessment

Question: Score 1 of 1

Which of the following application security testing methods is a form of white-box testing in which only the source code of applications and their components
is scanned to determine potential vulnerabilities in their software and architecture?

Response:

MAST

IAST

DAST

SAST

Question: Score 1 of 1

Clarence is performing an Nmap scan of a database server, using nmap -sR -oX - T3 192.168.1.19. What is this scan?

Response:

Nothing; it is not valid.

An RPC scan with aggressive speed and no output

A TCP scan with normal speed and null flags

An RPC scan with normal speed and XML output

Question: Score 1 of 1

____ is cryptanalysis that is based on examining how minute changes in input alter the output.

Response:

Ciphertext only

Frequency analysis

Differential cryptanalysis

Linear cryptanalysis

Question: Score 0 of 1

Which of the following Metasploit Framework tools can be used to bypass antivirus?

Response:

msfcli

msfd

msfencode

msfpayload

Question: Score 1 of 1

Viktor, a professional hacker, targeted an organization’s network to sniff all the traffic. During this process, Viktor plugged in a rogue switch to an
unused port in the LAN with a priority lower than any other switch in the network so that he could make it a root bridge that will later allow him to
sniff all the traffic in the network. What is the attack performed by Viktor in the above scenario?

Response:

ARP spoofing attack

VLAN hopping attack

STP attack

DNS poisoning attack

Question: Score 0 of 1

____ is designed explicitly for systems that have low power and limited memory. It is used for street lighting, radiation monitoring, and smart cities.

Response:

Zephyr

RIoT

RTOS

Contiki

Question: Score 0 of 1

Victoria is creating a virus that will be harmless and that can be used in penetration testing. Her virus, which she made using Visual Basic for
Applications, is embedded in an Excel file. What type of virus is this?

Response:

Macro virus

Companion virus

Sparse infector virus

File virus
