Examen

CEH V12 Exam Version 2 (Latest 2024/ 2025 Update) Qs & As | Grade A| 100% Correct (Verified Answers)

Puntuación

Vendido

Páginas

Grado

A+

Subido en

17-09-2024

Escrito en

2024/2025

CEH V12 Exam Version 2 (Latest 2024/ 2025 Update) Qs & As | Grade A| 100% Correct (Verified Answers) Q: Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual reconnaissance scans to obtain basic information about their network. When analyzing the results of her Whois search, Becky notices that the IP was allocated to a location in Le Havre, France. Which regional Internet registry should Becky go to for detailed information? A. ARIN B. LACNIC C. APNIC D. RIPE Answer: RIPE Q: Harry, a professional hacker, targets the IT infrastructure of an organiza- tion. After preparing for the attack, he attempts to enter the target network us- ing techniques such as sending spear-phishing emails and exploiting vulnera- bilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection. What is the APT lifecycle phase that Harry is currently executing? A. Initial intrusion B. Persistence C. Cleanup D. Preparation Answer: Initial Intrusion Q: Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process, Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch in the network so that he could make it a root bridge that will later allow him to sniff all the traffic in the network. What is the attack performed by Robin in the above scenario? A. ARP spoofing attack B. STP attack C. DNS poisoning attack D. VLAN hopping attack Answer: STP attack Q: An attacker utilizes a Wi-Fi Pineapple to run an access point with a le- gitimate-looking SSID for a nearby business in order to capture the wireless password. What kind of attack is this? A. MAC spoofing attack B. War driving attack C. Phishing attack D. Evil-twin attack Answer: Evil-twin attack Q: CyberTech Inc. recently experienced SQL injection attacks on its official website. The company appointed Bob, a security professional, to build and incorporate defensive strategies against such attacks. Bob adopted a practice whereby only a list of entities such as the data type, range, size, and value, which have been approved for secured access, is accepted. What is the defensive technique employed by Bob in the above scenario? A. Whitelist validation B. Output encoding C. Blacklist validation D. Enforce least privileges Answer: Whitelist validation Q: Joe works as an IT administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom company for providing Internet connectivity and transport services between the organization and the cloud service provider. In the NIST cloud deployment reference architecture, under which category does the telecom company fall in the above scenario? A. Cloud consumer B. Cloud broker C. Cloud auditor D. Cloud carrier Answer: Cloud carrier Q: Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this vir- tual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session. Upon receiving the user's request, Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario? A. aLTEr attack B. Jamming signal attack C. Wardriving D. KRACK attack Answer: aLTEr attack Q: John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anony- mously query the LDAP service for sensitive information such as usernames, addresses, departmental details, and server names to launch further attacks on the target organization. What is the tool employed by John to gather information from the LDAP service? A. ike-scan B. Zabasearch C. JXplorer D. EarthExplorer Answer: JXplorer Q: Annie, a cloud security engineer, uses the Docker architecture to employ a client/server model in the application she is working on. She utilizes a component that can process API requests and handle various Docker objects, such as containers, volumes, images, and networks. What is the component of the Docker architecture used by Annie in the above scenario? A. Docker objects B. Docker daemon C. Docker client D. Docker registries Answer: Docker daemon Q: Bob, an attacker, has managed to access a target IoT device. He employed an online tool to gather information related to the model of the IoT device and the certifications granted to it. Which of the following tools did Bob employ to gather the above information? A. FCC ID search B. Google image search C. D. EarthExplorer Answer: FCC ID search Q: What piece of hardware on a computer's motherboard generates encryp- tion keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible? A. CPU B. UEFI C. GPU D. TPM Answer: TPM Q: Gilbert, a web developer, uses a centralized we

Mostrar más Leer menos

Institución

CEH V12

Grado

CEH V12

Ups! No podemos cargar tu documento ahora. Inténtalo de nuevo o contacta con soporte.

Informar violación de derechos de autor

Escuela, estudio y materia

Institución: CEH V12
Grado: CEH V12

Información del documento

Subido en: 17 de septiembre de 2024
Número de páginas: 44
Escrito en: 2024/2025
Tipo: Examen
Contiene: Preguntas y respuestas

Temas

certified ethical hacker v12 ceh v12
ceh v12 exam version 2 latest update
gilbert a web developer uses a centr
becky has been hired by a client from dubai to per

Vista previa del contenido

CEHIV12IExamIVersionI2I(LatestI2024/
I2025IUpdate)IQsI&IAsI|IGradeIA|I100%I
CorrectI(VerifiedIAnswers)

Q:IBeckyIhasIbeenIhiredIbyIaIclientIfromIDubaiItoIperformIaIpenetrationItestIagainstIoneIof
ItheirIremoteIoffices.IWorkingIfromIherIlocationIinIColumbus,IOhio,IBeckyIrunsIherIusualIrec
onnaissanceIscansItoIobtainIbasicIinformationIaboutItheirInetwork.IWhenIanalyzingItheIresults
IofIherIWhoisIsearch,IBeckyInoticesIthatItheIIPIwasIallocatedItoIaIlocationIinILeIHavre,IFranc
e.IWhichIregionalIInternetIregistryIshouldIBeckyIgoItoIforIdetailedIinformation?
A.IARIN
B.ILACNIC
I
C.IAPNIC
D.IRIPE

Answer:
IRIPE

Q:IHarry,IaIprofessionalIhacker,ItargetsItheIITIinfrastructureIofIanIorganiza-
Ition.IAfterIpreparingIforItheIattack,IheIattemptsItoIenterItheItargetInetworkIus-
IingItechniquesIsuchIasIsendingIspear-phishingIemailsIandIexploitingIvulnera-
IbilitiesIonIpubliclyIavailableIservers.IUsingItheseItechniques,IheIsuccessfullyIdeployedImalwa
reIonItheItargetIsystemItoIestablishIanIoutboundIconnection.IWhatIisItheIAPTIlifecycleIphaseIt
hatIHarryIisIcurrentlyIexecuting?
A.IInitialIintrusion
B.IPersistence
C.ICleanup
D.IPreparation

Answer:
IInitialIIntrusion

,Q:IRobin,IaIprofessionalIhacker,ItargetedIanIorganization'sInetworkItoIsniffIallItheItraffic.ID
uringIthisIprocess,IRobinIpluggedIinIaIrogueIswitchItoIanIunusedIportIinItheILANIwithIaIprior
ityIlowerIthanIanyIotherIswitchIinItheInetworkIsoIthatIheIcouldImakeIitIaIrootIbridgeIthatIwill
IlaterIallowIhimItoIsniffIallItheItrafficIinItheInetwork.IWhatIisItheIattackIperformedIbyIRobinIi
nItheIaboveIscenario?
A.IARPIspoofingIattack
B.ISTPIattack
C.IDNSIpoisoningIattack
D.IVLANIhoppingIattack

Answer:
ISTPIattack

Q:IAnIattackerIutilizesIaIWi-FiIPineappleItoIrunIanIaccessIpointIwithIaIle-Igitimate-
lookingISSIDIforIaInearbyIbusinessIinIorderItoIcaptureItheIwirelessIpassword.IWhatIkindIofIat
tackIisIthis?
A.IMACIspoofingIattack
B.IWarIdrivingIattack
C.IPhishingIattack
D.IEvil-twinIattack

Answer:
IEvil-twinIattack

Q:ICyberTechIInc.IrecentlyIexperiencedISQLIinjectionIattacksIonIitsIofficialIwebsite.ITheIco
mpanyIappointedIBob,IaIsecurityIprofessional,ItoIbuildIandIincorporateIdefensiveIstrategiesIag
ainstIsuchIattacks.IBobIadoptedIaIpracticeIwherebyIonlyIaIlistIofIentitiesIsuchIasItheIdataItype,
Irange,Isize,IandIvalue,IwhichIhaveIbeenIapprovedIforIsecuredIaccess,IisIaccepted.IWhatIisIthe
IdefensiveItechniqueIemployedIbyIBobIinItheIaboveIscenario?
A.IWhitelistIvalidation
I
B.IOutputIencoding
C.IBlacklistIvalidation
D.IEnforceIleastIprivileges

Answer:
IWhitelistIvalidation

,Q:IJoeIworksIasIanIITIadministratorIinIanIorganizationIandIhasIrecentlyIsetIupIaIcloudIcomp
utingIserviceIforItheIorganization.IToIimplementIthisIservice,IheIreachedIoutItoIaItelecomIcom
panyIforIprovidingIInternetIconnectivityIandItransportIservicesIbetweenItheIorganizationIandIt
heIcloudIserviceIprovider.IInItheINISTIcloudIdeploymentIreferenceIarchitecture,IunderIwhichIc
ategoryIdoesItheItelecomIcompanyIfallIinItheIaboveIscenario?
A.ICloudIconsumer
B.ICloudIbroker
C.ICloudIauditor
D.ICloudIcarrier

Answer:
ICloudIcarrier

Q:IBobby,IanIattacker,ItargetedIaIuserIandIdecidedItoIhijackIandIinterceptIallItheirIwirelessIc
ommunications.IHeIinstalledIaIfakeIcommunicationItowerIbetweenItwoIauthenticIendpointsItoI
misleadItheIvictim.IBobbyIusedIthisIvir-
ItualItowerItoIinterruptItheIdataItransmissionIbetweenItheIuserIandIrealItower,IattemptingItoIhi
jackIanIactiveIsession.IUponIreceivingItheIuser'sIrequest,IBobbyImanipulatedItheItrafficIwithIt
heIvirtualItowerIandIredirectedItheIvictimItoIaImaliciousIwebsite.
WhatIisItheIattackIperformedIbyIBobbyIinItheIaboveIscenario?
A.IaLTErIattack
B.IJammingIsignalIattack
C.IWardriving
D.IKRACKIattack

Answer:
IaLTErIattack

Q:IJohn,IaIprofessionalIhacker,ItargetedIanIorganizationIthatIusesILDAPIforIaccessingIdistrib
utedIdirectoryIservices.IHeIusedIanIautomatedItoolItoIanony-
ImouslyIqueryItheILDAPIserviceIforIsensitiveIinformationIsuchIasIusernames,Iaddresses,Idepa
rtmentalIdetails,IandIserverInamesItoIlaunchIfurtherIattacksIonItheItargetIorganization.
WhatIisItheItoolIemployedIbyIJohnItoIgatherIinformationIfromItheILDAP
service?
A.Iike-scan

, B.IZabasearch
C.IJXplorer
D.IEarthExplorer

Answer:
IJXplorer
I

Q:IAnnie,IaIcloudIsecurityIengineer,IusesItheIDockerIarchitectureItoIemployIaIclient/serverI
modelIinItheIapplicationIsheIisIworkingIon.ISheIutilizesIaIcomponentIthatIcanIprocessIAPIIreq
uestsIandIhandleIvariousIDockerIobjects,IsuchIasIcontainers,Ivolumes,Iimages,IandInetworks.I
WhatIisItheIcomponentIofItheIDockerIarchitectureIusedIbyIAnnieIinItheIaboveIscenario?
A.IDockerIobjectsIB.IDockerIdaemonIC.IDockerIclient
D.IDockerIregistries

Answer:
IDockerIdaemon

Q:IBob,IanIattacker,IhasImanagedItoIaccessIaItargetIIoTIdevice.IHeIemployedIanIonlineItool
ItoIgatherIinformationIrelatedItoItheImodelIofItheIIoTIdeviceIandItheIcertificationsIgrantedItoIi
t.IWhichIofItheIfollowingItoolsIdidIBobIemployItoIgatherItheIaboveIinformation?
A.IFCCIIDIsearch
B.IGoogleIimageIsearch
C.Isearch.com
D.IEarthExplorer

Answer:
IFCCIIDIsearch

Q:IWhatIpieceIofIhardwareIonIaIcomputer'sImotherboardIgeneratesIencryp-
ItionIkeysIandIonlyIreleasesIaIpartIofItheIkeyIsoIthatIdecryptingIaIdiskIonIaInewIpieceIofIhard
wareIisInotIpossible?
A.ICPUIB.IUEFIIC.IGPU
D.ITPM

Answer:

$10.99

Accede al documento completo:

100% de satisfacción garantizada

Inmediatamente disponible después del pago

Tanto en línea como en PDF

No estas atado a nada

Conoce al vendedor

nurse_steph

3.9

(1673)

Documento también disponible en un lote

Conoce al vendedor

nurse_steph Rasmussen College

Ver perfil

Seguir

Vendido

9356

Miembro desde

5 año

Número de seguidores

5135

Documentos

7547

Última venta

3 horas hace

Exams, Study guides, Reviews, Notes

All study solutions.

3.9

1673 reseñas

841

296

258

201

Recientemente visto por ti

Por qué los estudiantes eligen Stuvia

Creado por compañeros estudiantes, verificado por reseñas

Calidad en la que puedes confiar: escrito por estudiantes que aprobaron y evaluado por otros que han usado estos resúmenes.

¿No estás satisfecho? Elige otro documento

¡No te preocupes! Puedes elegir directamente otro documento que se ajuste mejor a lo que buscas.

Paga como quieras, empieza a estudiar al instante

Sin suscripción, sin compromisos. Paga como estés acostumbrado con tarjeta de crédito y descarga tu documento PDF inmediatamente.

“Comprado, descargado y aprobado. Así de fácil puede ser.”

Alisha Student

Preguntas frecuentes

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

100% de satisfacción garantizada: ¿Cómo funciona?

Nuestra garantía de satisfacción le asegura que siempre encontrará un documento de estudio a tu medida. Tu rellenas un formulario y nuestro equipo de atención al cliente se encarga del resto.

Who am I buying this summary from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller nurse_steph. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy this summary for $10.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews) 45,681 summaries were sold in the last 30 days Founded in 2010, the go-to place to buy summaries for 15 years now