CEH Module 6: System Hacking | Latest
Update | 2024/2025 | Graded A+
What does privilege escalation mean in system hacking?
✔✔ Privilege escalation refers to exploiting a vulnerability to gain higher access rights than
originally granted.
What is a common method for gaining access to a system?
✔✔ Exploiting vulnerabilities in software or using social engineering techniques are common
methods for gaining access.
What is the purpose of a rootkit?
✔✔ A rootkit is used to maintain unauthorized access to a system while hiding its presence from
detection.
What is a backdoor in the context of system hacking?
✔✔ A backdoor is a method of bypassing normal authentication to gain access to a system.
How can hackers cover their tracks after compromising a system?
1
,✔✔ Hackers may delete logs, modify timestamps, or use rootkits to hide their activities and
presence on the system.
What is a keylogger?
✔✔ A keylogger is a type of software that records keystrokes made by a user to capture sensitive
information like passwords.
What is the difference between active and passive reconnaissance?
✔✔ Active reconnaissance involves directly interacting with the target system, while passive
reconnaissance involves gathering information without direct interaction.
What role does social engineering play in system hacking?
✔✔ Social engineering exploits human psychology to trick individuals into revealing
confidential information or credentials.
What is the function of a Trojan horse in system hacking?
✔✔ A Trojan horse disguises itself as legitimate software to trick users into installing it,
allowing attackers access to the system.
2
,What is the significance of a "zero-day" exploit?
✔✔ A zero-day exploit takes advantage of a previously unknown vulnerability, which has not
yet been patched by the software vendor.
What are some common methods for cracking passwords?
✔✔ Common methods include brute-force attacks, dictionary attacks, and rainbow table attacks.
What is the purpose of a honeypot in cybersecurity?
✔✔ A honeypot is a decoy system designed to attract and analyze potential attackers.
What does the term "session hijacking" refer to?
✔✔ Session hijacking involves taking over a user session after the user has authenticated,
allowing the attacker to impersonate the user.
What is an exploit?
✔✔ An exploit is a piece of code or software that takes advantage of a vulnerability in a system
to perform unauthorized actions.
3
, How can system administrators protect against system hacking?
✔✔ System administrators can implement strong access controls, regular patch management,
and security awareness training to protect against hacking.
What is the purpose of penetration testing?
✔✔ Penetration testing simulates an attack on a system to identify vulnerabilities and assess
security measures.
What does the term "keyspace" refer to in password cracking?
✔✔ Keyspace refers to the total number of possible combinations that can be used in a
password, based on its length and complexity.
What is a denial-of-service (DoS) attack?
✔✔ A denial-of-service attack aims to make a system or service unavailable to its intended users
by overwhelming it with traffic.
What is the purpose of using encryption in system security?
✔✔ Encryption protects data by converting it into a format that is unreadable without the
appropriate decryption key.
4
Update | 2024/2025 | Graded A+
What does privilege escalation mean in system hacking?
✔✔ Privilege escalation refers to exploiting a vulnerability to gain higher access rights than
originally granted.
What is a common method for gaining access to a system?
✔✔ Exploiting vulnerabilities in software or using social engineering techniques are common
methods for gaining access.
What is the purpose of a rootkit?
✔✔ A rootkit is used to maintain unauthorized access to a system while hiding its presence from
detection.
What is a backdoor in the context of system hacking?
✔✔ A backdoor is a method of bypassing normal authentication to gain access to a system.
How can hackers cover their tracks after compromising a system?
1
,✔✔ Hackers may delete logs, modify timestamps, or use rootkits to hide their activities and
presence on the system.
What is a keylogger?
✔✔ A keylogger is a type of software that records keystrokes made by a user to capture sensitive
information like passwords.
What is the difference between active and passive reconnaissance?
✔✔ Active reconnaissance involves directly interacting with the target system, while passive
reconnaissance involves gathering information without direct interaction.
What role does social engineering play in system hacking?
✔✔ Social engineering exploits human psychology to trick individuals into revealing
confidential information or credentials.
What is the function of a Trojan horse in system hacking?
✔✔ A Trojan horse disguises itself as legitimate software to trick users into installing it,
allowing attackers access to the system.
2
,What is the significance of a "zero-day" exploit?
✔✔ A zero-day exploit takes advantage of a previously unknown vulnerability, which has not
yet been patched by the software vendor.
What are some common methods for cracking passwords?
✔✔ Common methods include brute-force attacks, dictionary attacks, and rainbow table attacks.
What is the purpose of a honeypot in cybersecurity?
✔✔ A honeypot is a decoy system designed to attract and analyze potential attackers.
What does the term "session hijacking" refer to?
✔✔ Session hijacking involves taking over a user session after the user has authenticated,
allowing the attacker to impersonate the user.
What is an exploit?
✔✔ An exploit is a piece of code or software that takes advantage of a vulnerability in a system
to perform unauthorized actions.
3
, How can system administrators protect against system hacking?
✔✔ System administrators can implement strong access controls, regular patch management,
and security awareness training to protect against hacking.
What is the purpose of penetration testing?
✔✔ Penetration testing simulates an attack on a system to identify vulnerabilities and assess
security measures.
What does the term "keyspace" refer to in password cracking?
✔✔ Keyspace refers to the total number of possible combinations that can be used in a
password, based on its length and complexity.
What is a denial-of-service (DoS) attack?
✔✔ A denial-of-service attack aims to make a system or service unavailable to its intended users
by overwhelming it with traffic.
What is the purpose of using encryption in system security?
✔✔ Encryption protects data by converting it into a format that is unreadable without the
appropriate decryption key.
4
