CEH practice UPDATED Exam Questions
and CORRECT Answers
IP spoofing refers to the procedure of an attacker changing his or her IP address so that he or she
appears to be someone else.
Which of the following IP spoofing detection technique succeed only when the attacker is in a
different subnet? - CORRECT ANSWER- Direct TTL probes technique*
IP identification number technique
TCP flow control method
UDP flow control method
Which of the following scan only works if operating system's TCP/IP implementation is based
on RFC 793? - CORRECT ANSWER- TCP connect scan
OS fingerprinting is the method used to determine the operating system running on a remote
target system. It is an important scanning method, as the attacker will have a greater probability
of success if he/she knows the OS. Active stack fingerprinting is one of the types of OS
fingerprinting.
Which of the following is true about active stack fingerprinting? - CORRECT ANSWER- Is
based on the fact that various vendors of OS implement the TCP stack differently
Enumeration is defined as the process of extracting user names, machine names, network
resources, shares, and services from a system.
Which of the following enumeration an attacker uses to obtain list of computers that belongs to a
domain? - CORRECT ANSWER- Netbios enumeration
Steganography is a technique of hiding a secret message within an ordinary message and
extracting it at the destination to maintain confidentiality of data.
, Which of the following steganography technique embed secret message in the frequency domain
of a signal? - CORRECT ANSWER- Transform domain techniques
A virus is a self-replicating program that produces its own code by attaching copies of it into
other executable codes.
Which of the following virus evade the anti-virus software by intercepting its requests to the
operating system? - CORRECT ANSWER- Stealth/Tunneling virus
Lawful intercept is a process that enables a Law Enforcement Agency (LEA) to perform
electronic surveillance on a target as authorized by a judicial or administrative order.
Which of the following statement is true for lawful intercept? - CORRECT ANSWER- Hides
information about lawful intercepts from all but the most privileged users
Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its
resources. In a DoS attack, attackers flood a victim system with non-legitimate service requests
or traffic to overload its resources, which prevents it from performing intended tasks.
Which of the following is a symptom of a DoS attack? - CORRECT ANSWER-
Unavailability of a particular website
Firewalls are categorized into two; namely hardware firewall and software firewall. Identify the
correct statement for a software firewall. - CORRECT ANSWER- Software firewall is
placed between the normal application and the networking components of the operating system
RSA is a public-key cryptosystem developed by MIT professors Ronald L. Rivest, Adi Shamir,
and Leonard M. Adleman in 1977 in an effort to help ensure Internet security. RSA uses modular
arithmetic and elementary number theory to do computations using two very large prime
numbers. Identify the statement which is true for RC6 algorithm: - CORRECT ANSWER-
Includes integer multiplication and the use of four 4-bit working registers
and CORRECT Answers
IP spoofing refers to the procedure of an attacker changing his or her IP address so that he or she
appears to be someone else.
Which of the following IP spoofing detection technique succeed only when the attacker is in a
different subnet? - CORRECT ANSWER- Direct TTL probes technique*
IP identification number technique
TCP flow control method
UDP flow control method
Which of the following scan only works if operating system's TCP/IP implementation is based
on RFC 793? - CORRECT ANSWER- TCP connect scan
OS fingerprinting is the method used to determine the operating system running on a remote
target system. It is an important scanning method, as the attacker will have a greater probability
of success if he/she knows the OS. Active stack fingerprinting is one of the types of OS
fingerprinting.
Which of the following is true about active stack fingerprinting? - CORRECT ANSWER- Is
based on the fact that various vendors of OS implement the TCP stack differently
Enumeration is defined as the process of extracting user names, machine names, network
resources, shares, and services from a system.
Which of the following enumeration an attacker uses to obtain list of computers that belongs to a
domain? - CORRECT ANSWER- Netbios enumeration
Steganography is a technique of hiding a secret message within an ordinary message and
extracting it at the destination to maintain confidentiality of data.
, Which of the following steganography technique embed secret message in the frequency domain
of a signal? - CORRECT ANSWER- Transform domain techniques
A virus is a self-replicating program that produces its own code by attaching copies of it into
other executable codes.
Which of the following virus evade the anti-virus software by intercepting its requests to the
operating system? - CORRECT ANSWER- Stealth/Tunneling virus
Lawful intercept is a process that enables a Law Enforcement Agency (LEA) to perform
electronic surveillance on a target as authorized by a judicial or administrative order.
Which of the following statement is true for lawful intercept? - CORRECT ANSWER- Hides
information about lawful intercepts from all but the most privileged users
Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its
resources. In a DoS attack, attackers flood a victim system with non-legitimate service requests
or traffic to overload its resources, which prevents it from performing intended tasks.
Which of the following is a symptom of a DoS attack? - CORRECT ANSWER-
Unavailability of a particular website
Firewalls are categorized into two; namely hardware firewall and software firewall. Identify the
correct statement for a software firewall. - CORRECT ANSWER- Software firewall is
placed between the normal application and the networking components of the operating system
RSA is a public-key cryptosystem developed by MIT professors Ronald L. Rivest, Adi Shamir,
and Leonard M. Adleman in 1977 in an effort to help ensure Internet security. RSA uses modular
arithmetic and elementary number theory to do computations using two very large prime
numbers. Identify the statement which is true for RC6 algorithm: - CORRECT ANSWER-
Includes integer multiplication and the use of four 4-bit working registers
