TEST V12 CEH EXAM QUESTIONS AND
ANSWERS UPDATED (2024/2025)
(VERIFIED ANSWERS)
Which type of virus can change its own code and then cipher itself multiple
times as it replicates? - ANS ✓Stealth virus
Samuel a security administrator, is assessing the configuration of a web
server. He noticed that the server permits sslv2 connections, and the same
private key certificate is used on a different server that allows sslv2
connections. This vulnerability makes the web server vulnerable to attacks
as the sslv2 server can leak key information. Which of the following attacks
can be performed by exploiting the above vulnerability? - ANS ✓DROWN
attack
John, a disgruntled ex-employee of an organization, contacted a
professional hacker to exploit the organization. In the attack process, the
professional hacker Installed a scanner on a machine belonging to one of
the vktims and scanned several machines on the same network to Identify
vulnerabilities to perform further exploitation. What is the type of
vulnerability assessment tool employed by John in the above scenario? -
ANS ✓Network-based scanner
Bob was recently hired by a medical company after it experienced a major
cyber security breach. Many patients are complaining that their personal
medical records are fully exposed on the Internet and someone can find
them with a simple Google search. Bob's boss is very worried because of
regulations that protect those data. Which of the following regulations is
mostly violated? - ANS ✓HIPPA/phl
What is the common name for a vulnerability disclosure program opened
by companies In platforms such as hackerone? - ANS ✓Bug bounty program
TEST V12
, 2
TEST
John wants to send Marie an email that includes sensitive information, and
he does not trust the network that he is connected to. Marie gives him the
idea of using PGP. What should John do to communicate correctly using this
type of encryption? - ANS ✓Use Marie's public key to encrypt the message.
Attacker Steve targeted an organization's network with the aim of
redirecting the company's web traffic to another malicious website. To
achieve this goal, Steve performed DNS cache poisoning by exploiting the
vulnerabilities In the DNS server software and modified the original IP
address of the target website to that of a fake website. What is the
technique employed by Steve to gather information for identity theft? - ANS
✓Pharming
Wilson, a professional hacker, targets an organization for financial benefit
and plans to compromise its systems by sending malicious emails. For this
purpose, he uses a tool to track the emails of the target and extracts
information such as sender identities, mall servers, sender IP addresses,
and sender locations from different public sources. He also checks if an
email address was leaked using the haveibeenpwned.com API. Which of the
following tools is used by Wilson in the above scenario? - ANS ✓infoga
While testing a web application in development, you notice that the web
server does not properly ignore the "dot dot slash" (../) character string
and instead returns the file listing of a folder structure of the server. What
kind of attack is possible in this scenario? - ANS ✓Directory traversal
Henry Is a cyber security specialist hired by blackeye - Cyber security
solutions. He was tasked with discovering the operating system (OS) of a
host. He used the Unkornscan tool to discover the OS of the target system.
As a result, he obtained a TTL value, which Indicates that the target system
is running a Windows OS. Identify the TTL value Henry obtained, which
indicates that the target OS is Windows. - ANS ✓128
Ethical backer jane Doe is attempting to crack the password of the head of
the it department of ABC company. She Is utilizing a rainbow table and
notices upon entering a password that extra characters are added to the
TEST V12
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller DoctorKen. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.
