CEH V12 Questions || 100% Accurate Answers.
Attacker uses various IDS evasion techniques to bypass intrusion detection mechanisms. At the
same time, IDS is configured to detect possible violations of the security policy, including
unauthorized access and misuse. Which of the following evasion method depend on the Time-to-
Live (TTL) fields of a TCP/IP ? correct answers Insertion Attack
Which of the following is an encryption technique where data is encrypted by a sequence of
photons that have a spinning trait while traveling from one end to another? correct answers
Quantum cryptography
Determine the attack by the description:
Determine the attack by the description: The known-plaintext attack used against DES. This
attack causes that encrypting plaintext with one DES key followed by encrypting it with a second
DES key is no more secure than using a single key.
- correct answers Meet in the middle Attack
The evil hacker Antonio is trying to attack the IoT device. He will use several fake identities to
create a strong illusion of traffic congestion, affecting communication between neighboring
nodes and networks. What kind of attack does Antonio perform? correct answers Sybil Attack
Determine the attack according to the following scenario:
Benjamin performs a cloud attack during the translation of the SOAP message in the TLS layer.
He duplicates the body of the message and sends it to the server as a legitimate user. As a result
of these actions, Benjamin managed to access the server resources to unauthorized access.
correct answers Wrapping
Black hat hacker Ivan wants to implement a man-in-the-middle attack on the corporate network.
For this, he connects his router to the network and redirects traffic to intercept packets. What can
the administrator do to mitigate the attack? correct answers Add message authentication to the
routing table
, Which of the following option is a security feature on switches leverages the DHCP snooping
database to help prevent man-in-the-middle attacks? correct answers DAI
All the industrial control systems of your organization are connected to the Internet. Your
management wants to empower the manufacturing process, ensure the reliability of industrial
networks, and reduce downtime and service disruption. You have been assigned to find and
install an OT security tool that further protects against security incidents such as cyber
espionage, zero-day attacks, and malware.
Which of the following tools will you use to accomplish this task? correct answers Flowmon
Ivan, the evil hacker, decided to attack the cloud services of the target organization.
First of all, he decided to infiltrate the target's MSP provider by sending phishing emails that
distributed specially created malware. This program compromised users' credentials, and Ivan
managed to gain remote access to the cloud service. Further, he accessed the target customer
profiles with his MSP account, compressed the customer data, and stored them in the MSP. After
this, he used this information to launch further attacks on the target organization.
Which of the following cloud attacks did Ivan perform? correct answers Cloude hopper
Percival, the evil hacker, found the contact number of cybersecuritycompany.org on the internet
and dialled the number, claiming himself to represent a technical support team from a vendor. He
informed an employee of cybersecuritycompany that a specific server would be compromised
and requested the employee to follow the provided instructions. Consequently, he prompted the
victim to execute unusual commands and install malicious files, which were then used to collect
and pass critical information to his machine.
Which of the following social engineering techniques did Percival use? correct answers Quid pro
quo
Identify wireless security protocol by description:
This wireless security protocol allows 192-bit minimum-strength security protocols and
cryptographic tools to protect sensitive data, such as 256-bit Galois/Counter Mode Protocol
(GCMP-256), 84-bit Hashed Message Authentication Mode with Secure Hash Algorithm
(HMAC-SHA384), and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit
elliptic curve. correct answers WPA3- Enterprise
Attacker uses various IDS evasion techniques to bypass intrusion detection mechanisms. At the
same time, IDS is configured to detect possible violations of the security policy, including
unauthorized access and misuse. Which of the following evasion method depend on the Time-to-
Live (TTL) fields of a TCP/IP ? correct answers Insertion Attack
Which of the following is an encryption technique where data is encrypted by a sequence of
photons that have a spinning trait while traveling from one end to another? correct answers
Quantum cryptography
Determine the attack by the description:
Determine the attack by the description: The known-plaintext attack used against DES. This
attack causes that encrypting plaintext with one DES key followed by encrypting it with a second
DES key is no more secure than using a single key.
- correct answers Meet in the middle Attack
The evil hacker Antonio is trying to attack the IoT device. He will use several fake identities to
create a strong illusion of traffic congestion, affecting communication between neighboring
nodes and networks. What kind of attack does Antonio perform? correct answers Sybil Attack
Determine the attack according to the following scenario:
Benjamin performs a cloud attack during the translation of the SOAP message in the TLS layer.
He duplicates the body of the message and sends it to the server as a legitimate user. As a result
of these actions, Benjamin managed to access the server resources to unauthorized access.
correct answers Wrapping
Black hat hacker Ivan wants to implement a man-in-the-middle attack on the corporate network.
For this, he connects his router to the network and redirects traffic to intercept packets. What can
the administrator do to mitigate the attack? correct answers Add message authentication to the
routing table
, Which of the following option is a security feature on switches leverages the DHCP snooping
database to help prevent man-in-the-middle attacks? correct answers DAI
All the industrial control systems of your organization are connected to the Internet. Your
management wants to empower the manufacturing process, ensure the reliability of industrial
networks, and reduce downtime and service disruption. You have been assigned to find and
install an OT security tool that further protects against security incidents such as cyber
espionage, zero-day attacks, and malware.
Which of the following tools will you use to accomplish this task? correct answers Flowmon
Ivan, the evil hacker, decided to attack the cloud services of the target organization.
First of all, he decided to infiltrate the target's MSP provider by sending phishing emails that
distributed specially created malware. This program compromised users' credentials, and Ivan
managed to gain remote access to the cloud service. Further, he accessed the target customer
profiles with his MSP account, compressed the customer data, and stored them in the MSP. After
this, he used this information to launch further attacks on the target organization.
Which of the following cloud attacks did Ivan perform? correct answers Cloude hopper
Percival, the evil hacker, found the contact number of cybersecuritycompany.org on the internet
and dialled the number, claiming himself to represent a technical support team from a vendor. He
informed an employee of cybersecuritycompany that a specific server would be compromised
and requested the employee to follow the provided instructions. Consequently, he prompted the
victim to execute unusual commands and install malicious files, which were then used to collect
and pass critical information to his machine.
Which of the following social engineering techniques did Percival use? correct answers Quid pro
quo
Identify wireless security protocol by description:
This wireless security protocol allows 192-bit minimum-strength security protocols and
cryptographic tools to protect sensitive data, such as 256-bit Galois/Counter Mode Protocol
(GCMP-256), 84-bit Hashed Message Authentication Mode with Secure Hash Algorithm
(HMAC-SHA384), and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit
elliptic curve. correct answers WPA3- Enterprise
