CEH V12 Questions WITH CORRECT
|\ |\ |\ |\ |\
ANSWERS
Attacker uses various IDS evasion techniques to bypass intrusion
|\ |\ |\ |\ |\ |\ |\ |\ |\
detection mechanisms. At the same time, IDS is configured to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
detect possible violations of the security policy, including
|\ |\ |\ |\ |\ |\ |\ |\
unauthorized access and misuse. Which of the following evasion |\ |\ |\ |\ |\ |\ |\ |\ |\
method depend on the Time-to-Live (TTL) fields of a TCP/IP ? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Insertion Attack |\ |\ |\
Which of the following is an encryption technique where data is
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
encrypted by a sequence of photons that have a spinning trait
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
while traveling from one end to another? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
✔✔Quantum cryptography |\
Determine the attack by the description: |\ |\ |\ |\ |\
Determine the attack by the description: The known-plaintext
|\ |\ |\ |\ |\ |\ |\ |\
attack used against DES. This attack causes that encrypting
|\ |\ |\ |\ |\ |\ |\ |\ |\
plaintext with one DES key followed by encrypting it with a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
second DES key is no more secure than using a single key.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
- - CORRECT ANSWERS ✔✔Meet in the middle Attack
|\ |\ |\ |\ |\ |\ |\ |\
The evil hacker Antonio is trying to attack the IoT device. He will
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
use several fake identities to create a strong illusion of traffic
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
congestion, affecting communication between neighboring nodes
|\ |\ |\ |\ |\ |\
and networks. What kind of attack does Antonio perform? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Sybil Attack |\ |\ |\
,Determine the attack according to the following scenario: |\ |\ |\ |\ |\ |\ |\
Benjamin performs a cloud attack during the translation of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
SOAP message in the TLS layer. He duplicates the body of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
message and sends it to the server as a legitimate user. As a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
result of these actions, Benjamin managed to access the server
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
resources to unauthorized access. - CORRECT ANSWERS |\ |\ |\ |\ |\ |\ |\
✔✔Wrapping
Black hat hacker Ivan wants to implement a man-in-the-middle
|\ |\ |\ |\ |\ |\ |\ |\ |\
attack on the corporate network. For this, he connects his router
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
to the network and redirects traffic to intercept packets. What
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
can the administrator do to mitigate the attack? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Add message authentication to the routing table |\ |\ |\ |\ |\ |\ |\
Which of the following option is a security feature on switches
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
leverages the DHCP snooping database to help prevent man-in-
|\ |\ |\ |\ |\ |\ |\ |\
the-middle attacks? - CORRECT ANSWERS ✔✔DAI |\ |\ |\ |\ |\
All the industrial control systems of your organization are
|\ |\ |\ |\ |\ |\ |\ |\ |\
connected to the Internet. Your management wants to empower |\ |\ |\ |\ |\ |\ |\ |\ |\
the manufacturing process, ensure the reliability of industrial
|\ |\ |\ |\ |\ |\ |\ |\
networks, and reduce downtime and service disruption. You have
|\ |\ |\ |\ |\ |\ |\ |\ |\
been assigned to find and install an OT security tool that further
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
protects against security incidents such as cyber espionage, zero-
|\ |\ |\ |\ |\ |\ |\ |\
day attacks, and malware.
|\ |\ |\
Which of the following tools will you use to accomplish this task?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
- CORRECT ANSWERS ✔✔Flowmon
|\ |\ |\ |\
, Ivan, the evil hacker, decided to attack the cloud services of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
target organization.|\ |\
First of all, he decided to infiltrate the target's MSP provider by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
sending phishing emails that distributed specially created
|\ |\ |\ |\ |\ |\ |\
malware. This program compromised users' credentials, and Ivan
|\ |\ |\ |\ |\ |\ |\ |\
managed to gain remote access to the cloud service. Further, he
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
accessed the target customer profiles with his MSP account,
|\ |\ |\ |\ |\ |\ |\ |\ |\
compressed the customer data, and stored them in the MSP. After
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
this, he used this information to launch further attacks on the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
target organization.|\ |\
Which of the following cloud attacks did Ivan perform? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Cloude hopper |\ |\ |\
Percival, the evil hacker, found the contact number of
|\ |\ |\ |\ |\ |\ |\ |\ |\
cybersecuritycompany.org on the internet and dialled the |\ |\ |\ |\ |\ |\ |\
number, claiming himself to represent a technical support team
|\ |\ |\ |\ |\ |\ |\ |\ |\
from a vendor. He informed an employee of
|\ |\ |\ |\ |\ |\ |\ |\
cybersecuritycompany that a specific server would be |\ |\ |\ |\ |\ |\ |\
compromised and requested the employee to follow the provided |\ |\ |\ |\ |\ |\ |\ |\
instructions. Consequently, he prompted the victim to execute
|\ |\ |\ |\ |\ |\ |\ |\ |\
unusual commands and install malicious files, which were then
|\ |\ |\ |\ |\ |\ |\ |\ |\
used to collect and pass critical information to his machine.
|\ |\ |\ |\ |\ |\ |\ |\ |\
Which of the following social engineering techniques did Percival
|\ |\ |\ |\ |\ |\ |\ |\ |\
use? - CORRECT ANSWERS ✔✔Quid pro quo
|\ |\ |\ |\ |\ |\
Identify wireless security protocol by description:
|\ |\ |\ |\ |\
This wireless security protocol allows 192-bit minimum-strength
|\ |\ |\ |\ |\ |\ |\
security protocols and cryptographic tools to protect sensitive
|\ |\ |\ |\ |\ |\ |\ |\
data, such as 256-bit Galois/Counter Mode Protocol (GCMP-256),
|\ |\ |\ |\ |\ |\ |\ |\
84-bit Hashed Message Authentication Mode with Secure Hash
|\ |\ |\ |\ |\ |\ |\ |\
Algorithm (HMAC-SHA384), and Elliptic Curve Digital Signature
|\ |\ |\ |\ |\ |\ |\
|\ |\ |\ |\ |\
ANSWERS
Attacker uses various IDS evasion techniques to bypass intrusion
|\ |\ |\ |\ |\ |\ |\ |\ |\
detection mechanisms. At the same time, IDS is configured to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
detect possible violations of the security policy, including
|\ |\ |\ |\ |\ |\ |\ |\
unauthorized access and misuse. Which of the following evasion |\ |\ |\ |\ |\ |\ |\ |\ |\
method depend on the Time-to-Live (TTL) fields of a TCP/IP ? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Insertion Attack |\ |\ |\
Which of the following is an encryption technique where data is
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
encrypted by a sequence of photons that have a spinning trait
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
while traveling from one end to another? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
✔✔Quantum cryptography |\
Determine the attack by the description: |\ |\ |\ |\ |\
Determine the attack by the description: The known-plaintext
|\ |\ |\ |\ |\ |\ |\ |\
attack used against DES. This attack causes that encrypting
|\ |\ |\ |\ |\ |\ |\ |\ |\
plaintext with one DES key followed by encrypting it with a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
second DES key is no more secure than using a single key.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
- - CORRECT ANSWERS ✔✔Meet in the middle Attack
|\ |\ |\ |\ |\ |\ |\ |\
The evil hacker Antonio is trying to attack the IoT device. He will
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
use several fake identities to create a strong illusion of traffic
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
congestion, affecting communication between neighboring nodes
|\ |\ |\ |\ |\ |\
and networks. What kind of attack does Antonio perform? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Sybil Attack |\ |\ |\
,Determine the attack according to the following scenario: |\ |\ |\ |\ |\ |\ |\
Benjamin performs a cloud attack during the translation of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
SOAP message in the TLS layer. He duplicates the body of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
message and sends it to the server as a legitimate user. As a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
result of these actions, Benjamin managed to access the server
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
resources to unauthorized access. - CORRECT ANSWERS |\ |\ |\ |\ |\ |\ |\
✔✔Wrapping
Black hat hacker Ivan wants to implement a man-in-the-middle
|\ |\ |\ |\ |\ |\ |\ |\ |\
attack on the corporate network. For this, he connects his router
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
to the network and redirects traffic to intercept packets. What
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
can the administrator do to mitigate the attack? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Add message authentication to the routing table |\ |\ |\ |\ |\ |\ |\
Which of the following option is a security feature on switches
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
leverages the DHCP snooping database to help prevent man-in-
|\ |\ |\ |\ |\ |\ |\ |\
the-middle attacks? - CORRECT ANSWERS ✔✔DAI |\ |\ |\ |\ |\
All the industrial control systems of your organization are
|\ |\ |\ |\ |\ |\ |\ |\ |\
connected to the Internet. Your management wants to empower |\ |\ |\ |\ |\ |\ |\ |\ |\
the manufacturing process, ensure the reliability of industrial
|\ |\ |\ |\ |\ |\ |\ |\
networks, and reduce downtime and service disruption. You have
|\ |\ |\ |\ |\ |\ |\ |\ |\
been assigned to find and install an OT security tool that further
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
protects against security incidents such as cyber espionage, zero-
|\ |\ |\ |\ |\ |\ |\ |\
day attacks, and malware.
|\ |\ |\
Which of the following tools will you use to accomplish this task?
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
- CORRECT ANSWERS ✔✔Flowmon
|\ |\ |\ |\
, Ivan, the evil hacker, decided to attack the cloud services of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
target organization.|\ |\
First of all, he decided to infiltrate the target's MSP provider by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
sending phishing emails that distributed specially created
|\ |\ |\ |\ |\ |\ |\
malware. This program compromised users' credentials, and Ivan
|\ |\ |\ |\ |\ |\ |\ |\
managed to gain remote access to the cloud service. Further, he
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
accessed the target customer profiles with his MSP account,
|\ |\ |\ |\ |\ |\ |\ |\ |\
compressed the customer data, and stored them in the MSP. After
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
this, he used this information to launch further attacks on the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
target organization.|\ |\
Which of the following cloud attacks did Ivan perform? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Cloude hopper |\ |\ |\
Percival, the evil hacker, found the contact number of
|\ |\ |\ |\ |\ |\ |\ |\ |\
cybersecuritycompany.org on the internet and dialled the |\ |\ |\ |\ |\ |\ |\
number, claiming himself to represent a technical support team
|\ |\ |\ |\ |\ |\ |\ |\ |\
from a vendor. He informed an employee of
|\ |\ |\ |\ |\ |\ |\ |\
cybersecuritycompany that a specific server would be |\ |\ |\ |\ |\ |\ |\
compromised and requested the employee to follow the provided |\ |\ |\ |\ |\ |\ |\ |\
instructions. Consequently, he prompted the victim to execute
|\ |\ |\ |\ |\ |\ |\ |\ |\
unusual commands and install malicious files, which were then
|\ |\ |\ |\ |\ |\ |\ |\ |\
used to collect and pass critical information to his machine.
|\ |\ |\ |\ |\ |\ |\ |\ |\
Which of the following social engineering techniques did Percival
|\ |\ |\ |\ |\ |\ |\ |\ |\
use? - CORRECT ANSWERS ✔✔Quid pro quo
|\ |\ |\ |\ |\ |\
Identify wireless security protocol by description:
|\ |\ |\ |\ |\
This wireless security protocol allows 192-bit minimum-strength
|\ |\ |\ |\ |\ |\ |\
security protocols and cryptographic tools to protect sensitive
|\ |\ |\ |\ |\ |\ |\ |\
data, such as 256-bit Galois/Counter Mode Protocol (GCMP-256),
|\ |\ |\ |\ |\ |\ |\ |\
84-bit Hashed Message Authentication Mode with Secure Hash
|\ |\ |\ |\ |\ |\ |\ |\
Algorithm (HMAC-SHA384), and Elliptic Curve Digital Signature
|\ |\ |\ |\ |\ |\ |\
