Certified Ethical Hacker (CEH) ACTUAL
Exam Questions and CORRECT Answers
In which type of attack are passwords never cracked?
A. Cryptography attacks
B. Brute-force attacks
C. Replay attacks
D. John the Ripper attacks - CORRECT ANSWER- C
If the password is 7 characters or less, then the second half of the LM hash is always:
A. 0xAAD3B435B51404EE
B. 0xAAD3B435B51404AA
C. 0xAAD3B435B51404BB
D. 0xAAD3B435B51404CC - CORRECT ANSWER- A
. What defensive measures will you take to protect your network from password brute-force
attacks? (Choose all that apply.)
A. Never leave a default password.
B. Never use a password that can be found in a dictionary.
C. Never use a password related to the hostname, domain name, or anything else that can
be found with Whois.
D. Never use a password related to your hobbies, pets, relatives, or date of birth.
E. Use a word that has more than 21 characters from a dictionary as the password. - CORRECT
ANSWER- A,B,C,D
Which of the following is the act intended to prevent spam emails?
A. 1990 Computer Misuse Act
B. Spam Prevention Act
,C. US-Spam 1030 Act
D. CANSPAM Act - CORRECT ANSWER- D
5. _____ is a Cisco IOS mechanism that examines packets on Layers 4 to 7.
A. Network-Based Application Recognition (NBAR)
B. Denial-of-Service Filter (DOSF)
C. Rule Filter Application Protocol (RFAP)
D. Signature-Based Access List (SBAL) - CORRECT ANSWER- A
6. What filter in Ethereal will you use to view Hotmail messages?
A. (http contains "e‑mail") && (http contains "hotmail")
B. (http contains "hotmail") && (http contains "Reply-To")
C. (http = "login.passport.com") && (http contains "SMTP")
D. (http = "login.passport.com") && (http contains "POP3") - CORRECT ANSWER- B
7. Who are the primary victims of SMURF attacks on the Internet?
A. IRC servers
B. IDS devices
C. Mail servers
D. SPAM filters - CORRECT ANSWER- A
8. What type of attacks target DNS servers directly?
A. DNS forward lookup attacks
B. DNS cache poisoning attacks
C. DNS reverse connection attacks
D. DNS reflector and amplification attack - CORRECT ANSWER- D
9. TCP/IP session hijacking is carried out in which OSI layer?
, A. Transport layer
B. Datalink layer
C. Network layer
D. Physical layer - CORRECT ANSWER- A
10. What is the term used in serving different types of web pages based on the user's IP
address?
A. Mirroring website
B. Website filtering
C. IP access blockade
D. Website cloaking - CORRECT ANSWER- D
11. True or False: Data is sent over the network as cleartext (unencrypted) when Basic
Authentication is configured on web servers.
A. True
B. False - CORRECT ANSWER- A
12. What is the countermeasure against XSS scripting?
A. Create an IP access list and restrict connections based on port number.
B. Replace < and > characters with < and > using server scripts.
C. Disable JavaScript in Internet Explorer and Firefox browsers.
D. Connect to the server using HTTPS protocol instead of HTTP. - CORRECT ANSWER- B
13. How would you prevent a user from connecting to the corporate network via their home
computer and attempting to use a VPN to gain access to the corporate LAN?
A. Enforce Machine Authentication and disable VPN access to all your employee accounts
from any machine other than corporate-issued PCs.
B. Allow VPN access but replace the standard authentication with biometric authentication.
Exam Questions and CORRECT Answers
In which type of attack are passwords never cracked?
A. Cryptography attacks
B. Brute-force attacks
C. Replay attacks
D. John the Ripper attacks - CORRECT ANSWER- C
If the password is 7 characters or less, then the second half of the LM hash is always:
A. 0xAAD3B435B51404EE
B. 0xAAD3B435B51404AA
C. 0xAAD3B435B51404BB
D. 0xAAD3B435B51404CC - CORRECT ANSWER- A
. What defensive measures will you take to protect your network from password brute-force
attacks? (Choose all that apply.)
A. Never leave a default password.
B. Never use a password that can be found in a dictionary.
C. Never use a password related to the hostname, domain name, or anything else that can
be found with Whois.
D. Never use a password related to your hobbies, pets, relatives, or date of birth.
E. Use a word that has more than 21 characters from a dictionary as the password. - CORRECT
ANSWER- A,B,C,D
Which of the following is the act intended to prevent spam emails?
A. 1990 Computer Misuse Act
B. Spam Prevention Act
,C. US-Spam 1030 Act
D. CANSPAM Act - CORRECT ANSWER- D
5. _____ is a Cisco IOS mechanism that examines packets on Layers 4 to 7.
A. Network-Based Application Recognition (NBAR)
B. Denial-of-Service Filter (DOSF)
C. Rule Filter Application Protocol (RFAP)
D. Signature-Based Access List (SBAL) - CORRECT ANSWER- A
6. What filter in Ethereal will you use to view Hotmail messages?
A. (http contains "e‑mail") && (http contains "hotmail")
B. (http contains "hotmail") && (http contains "Reply-To")
C. (http = "login.passport.com") && (http contains "SMTP")
D. (http = "login.passport.com") && (http contains "POP3") - CORRECT ANSWER- B
7. Who are the primary victims of SMURF attacks on the Internet?
A. IRC servers
B. IDS devices
C. Mail servers
D. SPAM filters - CORRECT ANSWER- A
8. What type of attacks target DNS servers directly?
A. DNS forward lookup attacks
B. DNS cache poisoning attacks
C. DNS reverse connection attacks
D. DNS reflector and amplification attack - CORRECT ANSWER- D
9. TCP/IP session hijacking is carried out in which OSI layer?
, A. Transport layer
B. Datalink layer
C. Network layer
D. Physical layer - CORRECT ANSWER- A
10. What is the term used in serving different types of web pages based on the user's IP
address?
A. Mirroring website
B. Website filtering
C. IP access blockade
D. Website cloaking - CORRECT ANSWER- D
11. True or False: Data is sent over the network as cleartext (unencrypted) when Basic
Authentication is configured on web servers.
A. True
B. False - CORRECT ANSWER- A
12. What is the countermeasure against XSS scripting?
A. Create an IP access list and restrict connections based on port number.
B. Replace < and > characters with < and > using server scripts.
C. Disable JavaScript in Internet Explorer and Firefox browsers.
D. Connect to the server using HTTPS protocol instead of HTTP. - CORRECT ANSWER- B
13. How would you prevent a user from connecting to the corporate network via their home
computer and attempting to use a VPN to gain access to the corporate LAN?
A. Enforce Machine Authentication and disable VPN access to all your employee accounts
from any machine other than corporate-issued PCs.
B. Allow VPN access but replace the standard authentication with biometric authentication.
