Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
440 views18 pages

CEH Exam Study Guide

This document contains questions and answers related to preparing for the Certified Ethical Hacking (CEH) exam. It covers topics such as reconnaissance, port numbers, malware types, network scanning techniques, firewall architectures, network protocols, and web application attacks. The questions are multiple choice and test knowledge of hacking methodology, tools (e.g. Wireshark, Nmap, Snort), and cybersecurity concepts.

Uploaded by

hamzah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
440 views18 pages

CEH Exam Study Guide

This document contains questions and answers related to preparing for the Certified Ethical Hacking (CEH) exam. It covers topics such as reconnaissance, port numbers, malware types, network scanning techniques, firewall architectures, network protocols, and web application attacks. The questions are multiple choice and test knowledge of hacking methodology, tools (e.g. Wireshark, Nmap, Snort), and cybersecurity concepts.

Uploaded by

hamzah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 18

CEH Preparation

In order to compromise or to hack a system or network the hackers go through various phases of
the hacking. What is the first hacking phase that hackers perform to gather information about a
target prior to launching an attack?
Answer: Reconnaissance

Which of the following port NTP uses as its primary means of communication?
Answer: UDP port 123

Which of the following virus evade the anti-virus software by intercepting its requests to the
operating system?

Answer: Stealth/Tunneling virus

Which of the following options represents a conceptual characteristic of an anomaly-based IDS


over a signature-based IDS?

Answer: Can identify unknown attacks

In Wireshark, the packet bytes panes show the data of the current packet in which format?

Answer: Hexadecimal

Which of the following is considered as one of the most reliable forms of TCP scanning?

Answer: TCP Connect/Full Open Scan

Which type of malware spreads from one system to another and replicate itself without any
human interaction

Answer: Worm

Which of the following is the BEST way to defend against network sniffing?

Answer: Using encryption protocols to secure network communications

Which of these is capable of searching for and locating rogue access points?

Answer: WIPS
Which of the following techniques practiced by an attacker exploits human behavior to make your
network vulnerable to attacks?

Answer: Social Engineering

Which of the following types of jailbreaking allows user-level access but does not allow iboot-level
access?

Answer: Userland Exploit

The "white box testing" methodology enforces what kind of restriction?

Answer: The internal operation of a system is completely known to the tester.

Identify the web application attack where the attackers exploit vulnerabilities in dynamically
generated web pages to inject client-side script into web pages viewed by other users.

Answer: Cross-Site Scripting (XSS)

Which of the following firewall architecture is designed to host servers that offer public services?

Answer: Screened subnet

You need a tool that can do network intrusion prevention and intrusion detection, function as a
network sniffer, and record network activity. What tool would you most likely select?

Answer: Snort

What type of message does the client send to the server in order to begin this negotiation?

Answer: SYN

In Wireshark, the packet bytes panes show the data of the current packet in which format?

Answer: Hexadecimal

What would you enter, if you wanted to perform a stealth scan using Nmap?

Answer: nmap -sS

________ Testing is an adaptive SQL Injection testing technique used to discover coding errors by
inputting massive amounts of random data and observing the changes in the output
Answer: Fuzzing

Which protocol is used for setting up secure channels between two devices, typically in VPNs?

Answer: IPSEC

You might also like