CEH V12 2 Exam | Questions And Answers Latest {2024- 2025} A+ Graded | 100%
Verified
_________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and
celebrities who have access to confidential and highly valuable information. - Whaling
By performing a penetration test, you gained access under a user account. During the test, you
established a connection with your own machine via the SMB service and occasionally entered your
login and password in plaintext. - .bash_history
An attacker is trying to redirect the traffic of a small office. That office is using their own mail server,
DNS server and NTP server because of the importance of their job. The attacker gain access to the DNS
server and redirect the direction www.google.com to his own IP address. Now when the employees of
the office want to go to Google they are being redirected to the attacker machine. What is the name of
this kind of attack? - DNS spoofing
Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company.
After a few days, Ralph contacted Jane while masquerading as a legitimate customer support executive,
informing that her systems need to be serviced for proper functioning and that customer support will
send a computer technician. Jane promptly replied positively. Ralph entered Jane's company using this
opportunity and gathered sensitive information by scanning terminals for passwords, searching for
important documents in desks, and rummaging bins. - Impersonation
A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related
to the current time from the target host machine. Which of the following Zenmap options must the
analyst use to perform the ICMP timestamp ping scan? - -PP
Ricardo has discovered the username for an application in his target's environment. As he has a limited
amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He
compiles them into a list and then feeds that list as an argument into his password-cracking application.
What type of attack is Ricardo performing? - Dictionary
An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed
a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploited
many machines. Which one of the following tools the hacker probably used to inject HTML code? -
Ettercap
, You have been authorized to perform a penetration test against a website. You want to use Google
dorks to footprint the site but only want results that show file extensions. What Google dork operator
would you use? - filetype
Which of these is capable of searching for and locating rogue access points? - WIPS
Miley, a professional hacker, decided to attack a target organization's network. To perform the attack,
she used a tool to send fake ARP messages over the target network to link her MAC address with the
target system's IP address. By performing this, Miley received messages directed to the victim's MAC
address and further used the tool to intercept, steal, modify, and block sensitive communication to the
target system. What is the tool employed by Miley to perform the above attack? - BetterCAP
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless
device through Bluetooth? - Bluesnarfing
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many
patients are complaining that their personal medical records are fully exposed on the Internet and
someone can find them with a simple Google search. Bob's boss is very worried because of regulations
that protect those dat a. Which of the following regulations is mostly violated? - HIPPA/PHl
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email
messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network
with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based
on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This
cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the
algorithm employed by Harper to secure the email messages? - CAST-128
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not
encrypt email, leaving the information in the message vulnerable to being read by an unauthorized
person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by
SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over
TLS? - STARTTLS
What type of virus is most likely to remain undetected by antivirus software? - Stealth virus
Verified
_________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and
celebrities who have access to confidential and highly valuable information. - Whaling
By performing a penetration test, you gained access under a user account. During the test, you
established a connection with your own machine via the SMB service and occasionally entered your
login and password in plaintext. - .bash_history
An attacker is trying to redirect the traffic of a small office. That office is using their own mail server,
DNS server and NTP server because of the importance of their job. The attacker gain access to the DNS
server and redirect the direction www.google.com to his own IP address. Now when the employees of
the office want to go to Google they are being redirected to the attacker machine. What is the name of
this kind of attack? - DNS spoofing
Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company.
After a few days, Ralph contacted Jane while masquerading as a legitimate customer support executive,
informing that her systems need to be serviced for proper functioning and that customer support will
send a computer technician. Jane promptly replied positively. Ralph entered Jane's company using this
opportunity and gathered sensitive information by scanning terminals for passwords, searching for
important documents in desks, and rummaging bins. - Impersonation
A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related
to the current time from the target host machine. Which of the following Zenmap options must the
analyst use to perform the ICMP timestamp ping scan? - -PP
Ricardo has discovered the username for an application in his target's environment. As he has a limited
amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He
compiles them into a list and then feeds that list as an argument into his password-cracking application.
What type of attack is Ricardo performing? - Dictionary
An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed
a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploited
many machines. Which one of the following tools the hacker probably used to inject HTML code? -
Ettercap
, You have been authorized to perform a penetration test against a website. You want to use Google
dorks to footprint the site but only want results that show file extensions. What Google dork operator
would you use? - filetype
Which of these is capable of searching for and locating rogue access points? - WIPS
Miley, a professional hacker, decided to attack a target organization's network. To perform the attack,
she used a tool to send fake ARP messages over the target network to link her MAC address with the
target system's IP address. By performing this, Miley received messages directed to the victim's MAC
address and further used the tool to intercept, steal, modify, and block sensitive communication to the
target system. What is the tool employed by Miley to perform the above attack? - BetterCAP
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless
device through Bluetooth? - Bluesnarfing
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many
patients are complaining that their personal medical records are fully exposed on the Internet and
someone can find them with a simple Google search. Bob's boss is very worried because of regulations
that protect those dat a. Which of the following regulations is mostly violated? - HIPPA/PHl
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email
messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network
with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based
on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This
cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the
algorithm employed by Harper to secure the email messages? - CAST-128
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not
encrypt email, leaving the information in the message vulnerable to being read by an unauthorized
person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by
SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over
TLS? - STARTTLS
What type of virus is most likely to remain undetected by antivirus software? - Stealth virus
