Certified Ethical Hacker Practice Questions Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session. Upon receiving the user’s request, Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?aLTEr attackJamming signal attackWardrivingKRACK attack David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently executing the process of applying fixes on vulnerable systems to reduce the impact and severity of vulnerabilities. Which phase of the vulnerability-management life cycle is David currently in?RemediationVerificationRisk assessmentVulnerability scan Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless device through Bluetooth?BluesmackingBluesnarfingBluejackingBluebugging You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use?inurlsiteextfiletype Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB, which contains formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mib or by entering the DNS library name and Lseries.mib. He is currently retrieving information from an MIB that contains object types for workstations and server services. Which of the following types of MIB is accessed by Garry in the above scenario?LNMIB2.MIBDHCP.MIBMIB_II.MIBWINS.MIB Based on the below log, which of the following sentences are true? Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ipApplication is FTP and 10.240.250.23 is the client and 10.249.253.15 is the serverApplication is SSH and 10.240.250.23 is the server and 10.249.253.15 is the clientSSH communications are encrypted; it’s impossible to know who is the client or the serverApplication is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server What piece of hardware on a computer’s motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?CPUUEFIGPUTPM Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP requests and leased all the DHCP addresses available in the DHCP scope until the server could not issue any more IP addresses. This led to a DoS attack, and as a result, legitimate employees were unable to access the client’s network. Which of the following attacks did Abel perform in the above scenario?Rogue DHCP server attackVLAN hoppingSTP attackDHCP starvation What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?httpd.confadministration.configphp.inidq.dll Henry is a cyber security specialist hired by BlackEye – Cyber Security Solutions. He was tasked with discovering the operating system (OS) of a host. He used the Unicornscan tool to discover the OS of the target system. As a result, he obtained a TTL value, which indicates that the target system is running a Windows OS. Identify the TTL value Henry obtained, which indicates that the target OS is Windows.12825564138 Scenario: Joe turns on his home computer to access personal online banking. When he enters the URL www.bank.com, the website is displayed, but it prompts him to re-enter his credentials as if he has never visited the site before. When he examines the website URL closer, he finds that the site is not secure and the web address appears different. What type of attack he is experiencing?DHCP spoofingDoS attackARP cache poisoningDNS hijacking This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-256, HMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?WPA3-PersonalWPA3-EnterpriseWPA2-EnterpriseWPA2-Personal Clark, a professional hacker, was hired by an organization to gather sensitive information about its competitors surreptitiously. Clark gathers the server IP address of the target organization using Whois footprinting. Further, he entered the server IP address as an input to an online tool to retrieve information such as the network range of the target organization and to identify the network topology and operating system used in the network. What is the online tool employed by Clark in the above scenario?DuckDuckGoAOLARINBaidu Ethical hacker Jane Doe is attempting to crack the password of the head of the IT department of ABC company. She is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting. What countermeasure is the company using to protect against rainbow tables?Account lockoutPassword hashingPassword key hashingPassword salting What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?The attacker queries a nameserver using the DNS resolver.The attacker uses TCP to poison the DNS resolver.The attacker makes a request to the DNS resolver.The attacker forges a reply from the DNS resolver. What is the file that determines the basic configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?AndroidManifest.xmlclasses.dexAPK.inforesources.asrc Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?Port 50Port 23Port 53Port 80 While browsing his Facebook feed, Matt sees a picture one of his friends posted with the caption, “Learn more about your friends!”, as well as a number of personal questions. Matt is suspicious and texts his friend, who confirms that he did indeed post it. With assurance that the post is legitimate, Matt responds to the questions on the post. A few days later, Matt’s bank account has been accessed, and the password has been changed. What most likely happened?Matt inadvertently provided the answers to his security questions when responding to the postMatt inadvertently provided his password when responding to the postMatt’s computer was infected with a keyloggerMatt’s bank-account login information was brute forced In the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?4.0-6.03.9-6.93.0-6.94.0-6.9 Harry, a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection. What is the APT lifecycle phase that Harry is currently executing?Initial intrusionPersistenceCleanupPreparation If you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST, what do you know about the firewall you are scanning?It is a non-stateful firewallThere is no firewall in placeIt is a stateful firewallThis event does not tell you anything about the firewall Samuel, a professional hacker, monitored and intercepted already established traffic between Bob and a host machine to predict Bob’s ISN. Using this ISN, Samuel sent spoofed packets with Bob’s IP address to the host machine. The host machine responded with a packet having an incremented ISN. Consequently, Bob’s connection got hung, and Samuel was able to communicate with the host machine on behalf of Bob. What is the type of attack performed by Samuel in the above scenario?TCP/IP hijackingBlind hijackingUDP hijackingForbidden attack Alice needs to send a confidential document to her coworker, Bryan. Their company has public key infrastructure set up. Therefore, Alice both encrypts the message and digitally signs it. Alice uses _______________ to encrypt the message, and Bryan uses _______________ to confirm the digital signature.Bryan’s public key; Bryan’s public keyAlice’s public key; Alice’s public keyBryan’s private key; Alice’s public keyBryan’s public key; Alice’s public key Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve’s profile picture and the description given for his profile, and she initiated a conversation with him soon after accepting the request. After a few days, Steve started asking about her company details and eventually gathered all the essential information regarding her company. What is the social engineering technique Steve employed in the above scenario?BaitingPiggybackingDiversion theftHoney trap Jane, an ethical hacker, is testing a target organization’s web server and website to identify security loopholes. In this process, she copied the entire website and its content on a local drive to view the complete profile of the site’s directory structure, file structure, external links, images, web pages, and so on. This information helps Jane map the website’s directories and gain valuable information. What is the attack technique employed by Jane in the above scenario?Session hijackingWebsite mirroringWebsite defacementWeb cache poisoning Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this process, he encountered an IDS that detects SQL injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as “’or ‘1’=‘1’” in any basic injection statement such as “or 1=1.” Identify the evasion technique used by Daniel in the above scenario.Char encodingIP fragmentationVariationNull byte Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the integrity of updating and changing data. For this purpose, he uses a web service that uses HTTP methods such as PUT, POST, GET, and DELETE and can improve the overall performance, visibility, scalability, reliability, and portability of an application. What is the type of web-service API mentioned in the above scenario?RESTful APIJSON-RPCSOAP APIREST API Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney’s account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boney’s account. What is the attack performed by Boney in the above scenario?Forbidden attackCRIME attackSession donation attackSession fixation attack A DDoS attack is performed at layer 7 to take down web infrastructure. Partial HTTP requests are sent to the web infrastructure or applications. Upon receiving a partial request, the target servers opens multiple connections and keeps waiting for the requests to complete. Which attack is being described here?DesynchronizationSlowloris attackSession splicingPhlashing An attacker redirects the victim to malicious websites by sending them a malicious link by email. The link appears authentic but redirects the victim to a malicious web page, which allows the attacker to steal the victim’s data. What type of attack is this?VishingPhishingDDoSSpoofing Time is Up!