CEH v12 Solved 100% Correct 2024
Which of the following modbus-cli commands is used by attackers to manipulate the register values in a target PLC device?
A. modbus write <Target IP> 101 1 1 1 1 1 1 1 1 1 1 modbus write <Target IP> %M100 1 1 1 1 1 1 1 1 1 1
B. modbus write <Target IP> %MW100 2 2 2 2 2 2 2 2 modbus write <Target IP> 400101 2 2 2 2 2 2 2 2
C. modbus read <Target IP> 101 10 modbus read <Target IP> %M100 10
D. modbus read <Target IP> 101 10 modbus read <Target IP> %M100 10 - ANS-B
In which of the following security risks does an API accidentally expose internal variables or objects because of improper binding and filtering based on a whitelist, allowing attackers with unauthorized access to modify object properties?
A. Broken object-level authorization
B. Broken object-level authorization
C. Broken object-level authorization
D. Injection - ANS-B
Identify the type of cluster computing in which work is distributed among nodes to avoid overstressing a single node and periodic health checks are performed on each node to identify node failures and reroute the incoming traffic to another node.
A.Fail-over
B.Load balancing
C.Highly available
D.High-performance computing - ANS-B
Which of the following is an attack technique where the only information available to the attacker is some plaintext blocks along with the corresponding ciphertext and algorithm used to encrypt and decrypt the text?
A. Ciphertext-only attack
B. Adaptive chosen-plaintext attack
C. Chosen-plaintext attack
D. Known-plaintext attack - ANS-A.
Which of the following communication protocols is a variant of the Wi-Fi standard that provides an extended range, making it useful for communications in rural areas, and offers low data rates?
A. HaLow
B. Z-Wave
C. 6LoWPAN D. QUIC - ANS-C
Which of the following is a technique used by an attacker to gather valuable system-
level data such as account details, OS, software version, server names, and database schema details? A.Whois
B.Session hijacking
C.Web server footprinting
D.Vulnerability scanning - ANS-C
Which of the following RFCrack commands is used by an attacker to perform an incremental scan on a target IoT device while launching a rolling-code attack?
A.python RFCrack.py -b -v 5000000
B.python RFCrack.py-j -F 314000000
C.python RFCrack.py -r -M MOD_2FSK -F 314350000
D.python RFCrack.py -i - ANS-A
Clark, a professional hacker, was attempting to capture packet flow on a target organization's network. After exploiting certain vulnerabilities in the network, Clark placed his Raspberry Pi device between the server and an authorized device to make all the network traffic pass through his device so that he can easily sniff and monitor the packet flow. Using this technique, Clark successfully bypassed NAC controls connected
to the target network.
Which of the following techniques did Clark employ in the above scenario?
A. Using reverse ICMP tunnels
B. Using pre-authenticated device
C. Double tagging
D. Session splicing - ANS-D
Which of the following encryption algorithms is a large tweakable symmetric-key block cipher with equal block and key sizes of 256, 512, or 1024 and involves only three operations, that is, addition-rotation-XOR?
A. RC4
B. Twofish
C. RC5
D. Threefish - ANS-D
Which of the following steganography techniques is used by attackers for hiding the message with a large amount of useless data and mixing the original data with the unused data in any order?
Which of the following modbus-cli commands is used by attackers to manipulate the register values in a target PLC device?
A. modbus write <Target IP> 101 1 1 1 1 1 1 1 1 1 1 modbus write <Target IP> %M100 1 1 1 1 1 1 1 1 1 1
B. modbus write <Target IP> %MW100 2 2 2 2 2 2 2 2 modbus write <Target IP> 400101 2 2 2 2 2 2 2 2
C. modbus read <Target IP> 101 10 modbus read <Target IP> %M100 10
D. modbus read <Target IP> 101 10 modbus read <Target IP> %M100 10 - ANS-B
In which of the following security risks does an API accidentally expose internal variables or objects because of improper binding and filtering based on a whitelist, allowing attackers with unauthorized access to modify object properties?
A. Broken object-level authorization
B. Broken object-level authorization
C. Broken object-level authorization
D. Injection - ANS-B
Identify the type of cluster computing in which work is distributed among nodes to avoid overstressing a single node and periodic health checks are performed on each node to identify node failures and reroute the incoming traffic to another node.
A.Fail-over
B.Load balancing
C.Highly available
D.High-performance computing - ANS-B
Which of the following is an attack technique where the only information available to the attacker is some plaintext blocks along with the corresponding ciphertext and algorithm used to encrypt and decrypt the text?
A. Ciphertext-only attack
B. Adaptive chosen-plaintext attack
C. Chosen-plaintext attack
D. Known-plaintext attack - ANS-A.
Which of the following communication protocols is a variant of the Wi-Fi standard that provides an extended range, making it useful for communications in rural areas, and offers low data rates?
A. HaLow
B. Z-Wave
C. 6LoWPAN D. QUIC - ANS-C
Which of the following is a technique used by an attacker to gather valuable system-
level data such as account details, OS, software version, server names, and database schema details? A.Whois
B.Session hijacking
C.Web server footprinting
D.Vulnerability scanning - ANS-C
Which of the following RFCrack commands is used by an attacker to perform an incremental scan on a target IoT device while launching a rolling-code attack?
A.python RFCrack.py -b -v 5000000
B.python RFCrack.py-j -F 314000000
C.python RFCrack.py -r -M MOD_2FSK -F 314350000
D.python RFCrack.py -i - ANS-A
Clark, a professional hacker, was attempting to capture packet flow on a target organization's network. After exploiting certain vulnerabilities in the network, Clark placed his Raspberry Pi device between the server and an authorized device to make all the network traffic pass through his device so that he can easily sniff and monitor the packet flow. Using this technique, Clark successfully bypassed NAC controls connected
to the target network.
Which of the following techniques did Clark employ in the above scenario?
A. Using reverse ICMP tunnels
B. Using pre-authenticated device
C. Double tagging
D. Session splicing - ANS-D
Which of the following encryption algorithms is a large tweakable symmetric-key block cipher with equal block and key sizes of 256, 512, or 1024 and involves only three operations, that is, addition-rotation-XOR?
A. RC4
B. Twofish
C. RC5
D. Threefish - ANS-D
Which of the following steganography techniques is used by attackers for hiding the message with a large amount of useless data and mixing the original data with the unused data in any order?
