Page |1
Certified Ethical Hacker Questions and
Correct Answers/ Latest Update / Already
Graded
What threat type is a spouse, friend, or even client of an employee
who uses the employee's credentials to gain access?
Ans: Insider affiliate
Which port numbers are used for SNMP?
Ans: 161 and 162
Which port number is used for SSH?
Ans: 22
What is the darknet?
Ans: Network, software or service available outside of normal
internet traffic and search engines
Which type of password attack attempts every combination of
characters?
Ans: Brute force
All rights reserved © 2025/ 2026 |
, Page |2
Which type of attack splits the attack payload into many small
packets?
Ans: Session splicing
192.168.6.255/24 an example of which kind of reserved IP address?
Ans: A broadcast address
Which Common Criteria component defines how thoroughly the
product is tested?
Ans: Evaluation Assurance Level (EAL)
In which phase of an attack is the record of the attack wiped or
obscured?
Ans: Clearing Tracks
Which version of the SPAN switch configuration sends traffic from
multiple ports on multiple switches to a single switch port where the
IDS is located?
Ans: Remote SPAN (RSPAN)
All rights reserved © 2025/ 2026 |
, Page |3
What does an ICMP Type 3/Code 6 error message indicate?
Ans: Destination unreachable, because the router has no route
to the network on which the destination resides
In the command telnet 192.168.5.5 23, what does the number 23 stand
for?
Ans: Port number
What is the term for the tool or process used to exploit a threat?
Ans: Threat vector
Which program replaced ipchains in Linux 2.4x?
Ans: iptables
At which layer of the OSI model does an IP spoofing attack occur?
Ans: Network (Layer 3)
How do you prevent rule files from loading when snort is started?
Ans: Open the snort.config file and comment out all of the
rules you do not wish to use
All rights reserved © 2025/ 2026 |
, Page |4
Which file contains the options for the configuration of the Snort tool?
Ans: snort.config
Which type of NAT uses a one-to-many mapping model?
Ans: Port Address Translation (PAT)
Which Common Criteria component defines a standard set of security
requirements for a specific type of product?
Ans: Protection profile
Which security control can prevent data access by a hacker interacting
and modifying HTML on a web server?
Ans: File permissions
Which file system is susceptible to an attack that uses alternative data
streams?
Ans: NTFS
Which encryption algorithm is susceptible to a factorization attack?
All rights reserved © 2025/ 2026 |
Certified Ethical Hacker Questions and
Correct Answers/ Latest Update / Already
Graded
What threat type is a spouse, friend, or even client of an employee
who uses the employee's credentials to gain access?
Ans: Insider affiliate
Which port numbers are used for SNMP?
Ans: 161 and 162
Which port number is used for SSH?
Ans: 22
What is the darknet?
Ans: Network, software or service available outside of normal
internet traffic and search engines
Which type of password attack attempts every combination of
characters?
Ans: Brute force
All rights reserved © 2025/ 2026 |
, Page |2
Which type of attack splits the attack payload into many small
packets?
Ans: Session splicing
192.168.6.255/24 an example of which kind of reserved IP address?
Ans: A broadcast address
Which Common Criteria component defines how thoroughly the
product is tested?
Ans: Evaluation Assurance Level (EAL)
In which phase of an attack is the record of the attack wiped or
obscured?
Ans: Clearing Tracks
Which version of the SPAN switch configuration sends traffic from
multiple ports on multiple switches to a single switch port where the
IDS is located?
Ans: Remote SPAN (RSPAN)
All rights reserved © 2025/ 2026 |
, Page |3
What does an ICMP Type 3/Code 6 error message indicate?
Ans: Destination unreachable, because the router has no route
to the network on which the destination resides
In the command telnet 192.168.5.5 23, what does the number 23 stand
for?
Ans: Port number
What is the term for the tool or process used to exploit a threat?
Ans: Threat vector
Which program replaced ipchains in Linux 2.4x?
Ans: iptables
At which layer of the OSI model does an IP spoofing attack occur?
Ans: Network (Layer 3)
How do you prevent rule files from loading when snort is started?
Ans: Open the snort.config file and comment out all of the
rules you do not wish to use
All rights reserved © 2025/ 2026 |
, Page |4
Which file contains the options for the configuration of the Snort tool?
Ans: snort.config
Which type of NAT uses a one-to-many mapping model?
Ans: Port Address Translation (PAT)
Which Common Criteria component defines a standard set of security
requirements for a specific type of product?
Ans: Protection profile
Which security control can prevent data access by a hacker interacting
and modifying HTML on a web server?
Ans: File permissions
Which file system is susceptible to an attack that uses alternative data
streams?
Ans: NTFS
Which encryption algorithm is susceptible to a factorization attack?
All rights reserved © 2025/ 2026 |
