Certified Ethical Hacker (CEH) Questions
and Answers | Latest Update | 2024/2025
| 100% Pass
How do attackers use steganography to conceal malicious data?
Attackers use steganography to hide malicious code within seemingly harmless files, such as
images or audio, to bypass detection.
W...
Certified Ethical Hacker (CEH) Questions
and Answers | Latest Update | 2024/2025
| 100% Pass
How do attackers use steganography to conceal malicious data?
✔✔ Attackers use steganography to hide malicious code within seemingly harmless files, such as
images or audio, to bypass detection.
What is the significance of time-based password authentication in enhancing security?
✔✔ Time-based password authentication adds an additional layer of security by generating
passwords that are only valid for a limited time, reducing the risk of compromise.
How can an attacker leverage DNS tunneling for data exfiltration?
✔✔ DNS tunneling is used to disguise malicious traffic as normal DNS queries, allowing
attackers to extract data from a network without detection.
How does an attacker perform a watering hole attack?
✔✔ A watering hole attack involves compromising a website frequently visited by the target,
embedding malware to infect users who visit the site.
1
,What is a common countermeasure for mitigating man-in-the-browser attacks?
How do attackers evade detection with polymorphic malware?
✔✔ Polymorphic malware changes its code each time it executes, making it harder for signature-
based detection systems to identify.
Why is memory analysis important during an incident investigation?
✔✔ Memory analysis can uncover artifacts such as running processes, malware traces, and
network connections that are not stored on disk, providing critical evidence.
What is the role of command and control (C2) servers in botnet attacks?
✔✔ C2 servers manage infected machines (bots) in a botnet, allowing attackers to issue
commands, exfiltrate data, or launch attacks remotely.
What does fuzz testing involve in vulnerability discovery?
✔✔ Fuzz testing involves providing random or unexpected inputs to a program to identify
potential vulnerabilities by observing how it handles the input.
2
,How does an attacker use SQL injection to retrieve unauthorized data from a database?
✔✔ SQL injection allows an attacker to manipulate database queries by injecting malicious SQL
code into an input field, retrieving or modifying data.
What are some signs that a system may have been compromised by rootkit malware?
✔✔ Signs include hidden processes, missing system files, unusual system performance, and
tampered security software.
What is the impact of DNS spoofing in a network attack?
✔✔ DNS spoofing redirects users to malicious websites by altering DNS records, enabling
attackers to steal sensitive data or install malware.
How does an attacker use session hijacking to gain unauthorized access?
✔✔ Session hijacking involves stealing a user’s session token, allowing the attacker to
impersonate the user and gain access to their accounts or services.
How does a reverse shell work in a cyber attack?
3
, ✔✔ A reverse shell allows an attacker to gain control over a compromised machine by making
the machine initiate a connection back to the attacker’s server.
How does a blue team defend against privilege escalation attacks?
✔✔ The blue team defends by implementing least privilege access, monitoring system logs, and
patching vulnerabilities that could be exploited for privilege escalation.
What is the impact of a cross-site request forgery (CSRF) attack on web applications?
✔✔ CSRF tricks a user into performing unwanted actions on a web application where they are
authenticated, allowing attackers to alter data or execute actions.
How do attackers use spear-phishing for highly targeted attacks?
✔✔ Spear-phishing involves sending tailored, malicious emails to specific individuals, often
using personal information to trick them into revealing credentials or downloading malware.
What is the significance of log correlation in threat detection?
✔✔ Log correlation combines data from various sources to identify patterns, anomalies, or
malicious activity that might go unnoticed in isolated logs.
4
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller SterlingScores. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.38. You're not tied to anything after your purchase.