Which of the following is the regulation that specifies the
requirements for establishing, implementing, maintaining, and
continually improving an information security management system
within the context of an organization?
A: The Federal Information Security Management Act (FISMA)
B: ISO/IEC 27001:2013
C: The Digital Millennium Copyright Act (DMCA)
D: Sarbanes Oxley Act (SOX)
B: ISO/IEC 27001:2013
A hacker is attempting to see which protocols are supported by target
machines or network. Which NMAP switch would the hacker use?
A: -sO
B: -sT
C: -sS
D: -sU
A: -sO
Jim, a professional hacker, launched an APT attack on an
organization. He was successful in entering the target network and
extending access in the target network. He is now maintaining access
with the use of customized malware and repackaging tools.
Which of the following phases of the APT lifecycle involves
maintaining access to the target system, starting from evading
endpoint security devices, until there is no further use of the data and
assets?
A: Preparation
B: Cleanup
C: Initial intrusion
D: Persistence
D: Persistence
A hacker is attempting to use nslookup to query domain name service
(DNS). The hacker uses the nslookup interactive mode for the search.
Which command should the hacker type into the command shell to
request the appropriate records?
A: Locate type=ns
B: Request type=ns
C: Set type=ns
D: Transfer type=ns
C: Set type=ns
An attacker uses the following SQL query to perform an SQL injection
attack:
SELECT * FROM users WHERE name = '' OR '1'='1';
Identify the type of SQL injection attack performed.
A: Tautology
B: Illegal/logically incorrect query
C: UNION SQL injection
D: End-of-line comment
A: Tautology
Denis is looking at an older system that uses DES encryption. A
colleague has told him that DES is insecure due to its short key size.
What is the key length used for DES?
A: 56
B: 64
C: 128
D: 256
A: 56
Which of the following tools is designed to capture a WPA/WPA2
handshake and act as an ad-hoc AP?
A: Airmon-ng
B: Airbase-ng
C: Airolib-ng
D: Airodump-ng
B: Airbase-ng
An attacker sniffs encrypted traffic from the network and is
subsequently able to decrypt it. Which cryptanalytic technique can
the attacker use now in his attempt to discover the encryption key?
A: Birthday attack
B: Known plaintext attack
C: Meet in the middle attack
D: Chosen ciphertext attack
D: Chosen ciphertext attack
Which of the following attacks helps an attacker bypass a same-origin
policy's security constraints, allowing a malicious web page to
communicate or make arbitrary requests to local domains?
A: MarioNet attack
B: Watering hole attack
C: Clickjacking attack
D: DNS rebinding attack
D: DNS rebinding attack
Which of the following techniques is used by an attacker to access all
of an application's functionalities and employs an intercepting proxy
to monitor all requests and responses?
A: Web spidering/crawling
B: Banner grabbing
C: Attacker-directed spidering
D: DNS interrogation
A: Web spidering/crawling
Which of the following hping commands performs a UDP scan on port
80?
A: hping3 -2 <IP Address> -p 80
B: hping3 -1 <IP Address> -p 80
C: hping3 -A <IP Address> -p 80
D: hping3 -F -P -U <IP Address> -p 80
A: hping3 -2 <IP Address> -p 80
Which of the following vulnerability assessment phases involves
tasks such as system rescanning, dynamic analysis, and attack
surface reviewing?
A: Verification
B: Remediation
C: Monitoring
D: Risk assessment
A: Verification
In which of the following methods does an attacker leverage headers
such as Host in the HTTP request message to crack passwords?
A: Brute-forcing
B: Password guessing
C: Attack password reset mechanism
D: "Remember Me" exploit
C: Attack password reset mechanism
Which of the following types of antennas is useful for transmitting
weak radio signals over very long distances - on the order of 10
miles?
A: Omnidirectional
B: Parabolic grid
C: Unidirectional
D: Bidirectional
B: Parabolic grid
Which of the following attack techniques uses the cryptanalytic time-
memory trade-off and requires less time than other techniques?
A: Rainbow table attack
B: Distributed network attack
C: Toggle-case attack
D: PRINCE attack
A: Rainbow table attack
Which type of assessment tools are used to find and identify
previously unknown vulnerabilities in a system?
A: Depth assessment tools
B: Scope assessment tools