CEH part 2 Flashcards
(180 cards)
Ethical hacker Jane Doe is attempting to crack the password of the head of the IT department of ABC company. She is utilizing a rainbow table and notices upon entering a password that extra characters are added to the
password after submitting. What countermeasure is the company using to protect against rainbow tables?
Password salting
Password hashing
Password key hashing
Account lockout
Password salting
Attacker Lauren has gained the credentials of an organization’s internal server system, and she was often logging
in during irregular times to monitor the network activities. The organization was skeptical about the login times and
appointed security professional Robert to determine the issue. Robert analyzed the compromised device to find
incident details such as the type of attack, its severity, target, impact, method of propagation, and vulnerabilities
exploited.
What is the incident handling and response (IH&R) phase, in which Robert has determined these issues?
Preparation
Eradication
Incident recording and assignment
Incident triage
Incident triage
George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this process, he used a short-range communication protocol
based on the IEEE 203.15.4 standard. This protocol is used in devices that transfer data infrequently at a low rate in a restricted area, within a range of 10–100 m. What is the short-range wireless communication technology George employed in the above scenario?
NB-IoT
MQTT
LPWAN
Zigbee
Zigbee
Taylor, a security professional, uses a tool to monitor her company’s website, analyze the website’s traffic, and
track the geographical location of the users visiting the company’s website.
Which of the following tools did Taylor employ in the above scenario?
WebSite-Watcher
Webroot
Web-Stat
WAFW00F
Web-Stat
Mr. Omkar performed tool-based vulnerability assessment and found two vulnerabilities. During further analysis, he found that those issues are not true vulnerabilities. What will you call these issues?
False positives
True negatives
False negatives
True positives
False positives
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the integrity of updating
and changing data. For this purpose, he uses a web service that uses HTTP methods such as PUT, POST, GET, and
DELETE and can improve the overall performance, visibility, scalability, reliability, and portability of an application.
What is the type of web-service API mentioned in the above scenario?
RESTful API
REST API
JSON-RPC
SOAP API
RESTful API
Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the
intention of gaining access to backend servers, which are protected by a firewall. In this process, he used a URL
https://xyz.com/feed.php?url=externalsite.com/feed/to to obtain a remote feed and altered the URL input to the local
host to view all the local resources on the target server.
What is the type of attack Jason performed in the above scenario?
Web cache poisoning attack
Web server misconfiguration
Server-side request forgery (SSRF) attack
Website defacement
Server-side request forgery (SSRF) attack
Widespread fraud at Enron, WorldCom, and Tyco led to the creation of a law that was designed to improve the
accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide
financial services to some organizations and came into effect in 2002. This law is known by what acronym?
PCI DSS
HIPAA
FedRAMP
SOX
SOX
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients
are complaining that their personal medical records are fully exposed on the Internet and someone can find them
with a simple Google search. Bob’s boss is very worried because of regulations that protect those data.
Which of the following regulations is mostly violated?
PII
ISO 2002
HIPAA/PHI
PCI DSS
HIPAA/PHI
Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port
scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and
determines that an RST packet is sent in response by the target host, indicating that the port is closed.
What is the port scanning technique used by Sam to discover open ports?
IDLE/IPID header scan
Xmas scan
TCP Maimon scan
ACK flag probe scan
TCP Maimon scan
A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before
issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities
of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities
such as native configuration tables, incorrect registry or file permissions, and software configuration errors.
What is the type of vulnerability assessment performed by Martin?
Credentialed assessment
Database assessment
Host-based assessment
Distributed assessment
Database assessment
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized
access to the target network. He remains in the network without being detected for a long time and obtains sensitive
information without sabotaging the organization.
Which of the following attack techniques is used by John?
Spear-phishing sites
Advanced persistent threat
Insider threat
Diversion theft
Advanced persistent threat
Jane, an ethical hacker, is testing a target organization’s web server and website to identify security loopholes. In
this process, she copied the entire website and its content on a local drive to view the complete profile of the site’s
directory structure, file structure, external links, images, web pages, and so on. This information helps Jane map the
website’s directories and gain valuable information.
What is the attack technique employed by Jane in the above scenario?
Website mirroring
Web cache poisoning
Session hijacking
Website defacement
Website mirroring
In this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating
and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as
the incremental transmit packet number and receive packet number are reset to their initial values. What is this
attack called?
Chop chop attack
Evil twin
KRACK
Wardriving
KRACK
If you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST, what do you know about the firewall you are scanning?
It is a non-stateful firewall.
There is no firewall in place.
It is a stateful firewall.
This event does not tell you anything about the firewall.
It is a stateful firewall.
Which iOS jailbreaking technique patches the kernel during the device boot so that it becomes jailbroken after
each successive reboot?
Semi-untethered jailbreaking
Tethered jailbreaking
Semi-tethered jailbreaking
Untethered jailbreaking
Untethered jailbreaking
Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote
location. To manage nodes in the network, he uses MIB, which contains formal descriptions of all network objects
managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and
Lseries.mib or by entering the DNS library name and Lseries.mib. He is currently retrieving information from an MIB
that contains object types for workstations and server services.
Which of the following types of MIB is accessed by Garry in the above scenario?
LNMIB2.MIB
MIB_II.MIB
DHCP.MIB
WINS.MIB
LNMIB2.MIB
Clark, a professional hacker, was hired by an organization to gather sensitive information about its competitors
surreptitiously. Clark gathers the server IP address of the target organization using Whois footprinting. Further, he
entered the server IP address as an input to an online tool to retrieve information such as the network range of the
target organization and to identify the network topology and operating system used in the network.
What is the online tool employed by Clark in the above scenario?
AOL
ARIN
DuckDuckGo
Baidu
ARIN
Jim is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between
the domains and avoid detection. Identify the behavior of the adversary in the above scenario.
Unspecified proxy activities
Use of DNS tunneling
Data staging
Use of command-line interface
Use of DNS tunneling
You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are
attempting to break into the wireless network with the SSID “Brakeme-Internal.” You realize that this network uses
WPA3 encryption. Which of the following vulnerabilities is a promising one to exploit that might work?
Cross-site request forgery
Dragonblood
AP misconfiguration
Key reinstallation attack
Dragonblood
Henry is a cyber security specialist hired by BlackEye – Cyber Security Solutions. He was tasked with discovering
the operating system (OS) of a host. He used the Unicornscan tool to discover the OS of the target system. As a
result, he obtained a TTL value, which indicates that the target system is running a Windows OS.
Identify the TTL value Henry obtained, which indicates that the target OS is Windows.
128
64
255
138
128
Andrew is an ethical hacker who was assigned the task of discovering all the active devices hidden by a restrictive firewall in the IPv4 range in a given target network. Which of the following host discovery techniques must he use to perform the given task?
ARP ping scan
ACK flag probe scan
TCP Maimon scan
UDP scan
ARP ping scan
Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company. After a few
days, Ralph contacted Jane while masquerading as a legitimate customer support executive, informing her that her
systems needed to be serviced for proper functioning and that customer support would send a computer technician. Jane
promptly replied positively. Ralph entered Jane’s company using this opportunity and gathered sensitive information
by scanning terminals for passwords, searching for important documents in desks, and rummaging bins. What is the
type of attack technique Ralph used on Jane?
Dumpster diving
Impersonation
Eavesdropping
Shoulder surfing
Impersonation
In an attempt to increase the security of your network, you implement a solution that will help keep your wireless
network undiscoverable and accessible only to those that know it.
How do you accomplish this?
Lock all users
Delete the wireless network
Remove all passwords
Disable SSID broadcasting
Disable SSID broadcasting