Ethical Hacking Essentials (EHE),Ethical
|\ |\ |\ |\
Hacking Essentials Exam Prep |\ |\ |\ |\
QUESTIONS WITH ANSWERS |\ |\
Availability - CORRECT ANSWERS ✔✔Assurance that the systems
|\ |\ |\ |\ |\ |\ |\ |\
responsible for delivering, storing, and processing information are
|\ |\ |\ |\ |\ |\ |\
accessible when required by authorized users.
|\ |\ |\ |\ |\ |\
Authenticity - CORRECT ANSWERS ✔✔Refers to the characteristic
|\ |\ |\ |\ |\ |\ |\ |\
of communication, documents, or any data that ensures the
|\ |\ |\ |\ |\ |\ |\ |\ |\
quality of being genuine or uncorrupted.
|\ |\ |\ |\ |\
Active Attacks - CORRECT ANSWERS ✔✔Tamper with the data in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
transit or disrupt the communication or services between the
|\ |\ |\ |\ |\ |\ |\ |\ |\
systems to bypass or break into secured systems.
|\ |\ |\ |\ |\ |\ |\
Advanced Persistent Threats (APT) - CORRECT ANSWERS ✔✔An
|\ |\ |\ |\ |\ |\ |\ |\
attack that is focused on stealing information from the victim
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
machine without the user being aware of it.
|\ |\ |\ |\ |\ |\ |\
Active Reconnaissance - CORRECT ANSWERS ✔✔Active
|\ |\ |\ |\ |\ |\
reconnaissance techniques involves acquiring information directly |\ |\ |\ |\ |\
interacting with the target by any means.
|\ |\ |\ |\ |\ |\ |\
,Adware - CORRECT ANSWERS ✔✔Adware refers to software or a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
program that supports advertisements and generates unsolicited
|\ |\ |\ |\ |\ |\ |\
ads and pop-ups.
|\ |\
Active Assessment - CORRECT ANSWERS ✔✔A type of
|\ |\ |\ |\ |\ |\ |\ |\
vulnerability assessment that uses network scanners to identify |\ |\ |\ |\ |\ |\ |\ |\
the hosts, services, and vulnerabilities present in a network.
|\ |\ |\ |\ |\ |\ |\ |\
Application Assessment - CORRECT ANSWERS ✔✔An application
|\ |\ |\ |\ |\ |\ |\
assessment focuses on transactional web applications, traditional
|\ |\ |\ |\ |\ |\
client-server applications, and hybrid systems.
|\ |\ |\ |\ |\
Automated Assessment - CORRECT ANSWERS ✔✔In this type of|\ |\ |\ |\ |\ |\ |\ |\ |\
assessment, the ethical hacker employs various vulnerability |\ |\ |\ |\ |\ |\ |\
assessment tools, such as Nessus, Qualys, GFI LanGuard, etc. |\ |\ |\ |\ |\ |\ |\ |\
Active Online Attacks - CORRECT ANSWERS ✔✔The attacker
|\ |\ |\ |\ |\ |\ |\ |\
performs password cracking by directly communicating with the
|\ |\ |\ |\ |\ |\ |\ |\
victim's machine. |\
Active Sniffing - CORRECT ANSWERS ✔✔Active sniffing searches
|\ |\ |\ |\ |\ |\ |\ |\
for traffic on a switched LAN by actively injecting traffic into it.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ARP Spoofing Attack - CORRECT ANSWERS ✔✔ARP
|\ |\ |\ |\ |\ |\
spoofing/poisoning involves sending a large number of forged
|\ |\ |\ |\ |\ |\ |\ |\ |\
entries to the target machine's ARP cache.
|\ |\ |\ |\ |\ |\
,Active Session Hijacking - CORRECT ANSWERS ✔✔In an active
|\ |\ |\ |\ |\ |\ |\ |\ |\
attack, an attacker takes over an existing session either by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
breaking the connection on one side of the conversation or by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
actively participating. |\
Application Level Hijacking - CORRECT ANSWERS ✔✔Application
|\ |\ |\ |\ |\ |\ |\
level hijacking involves gaining control over the Hypertext
|\ |\ |\ |\ |\ |\ |\ |\
Transfer Protocol (HTTP) user session by obtaining the session
|\ |\ |\ |\ |\ |\ |\ |\ |\
IDs.
Access Point (AP) - CORRECT ANSWERS ✔✔An AP is used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
connect wireless devices to a wireless/wired network.
|\ |\ |\ |\ |\ |\
Association - CORRECT ANSWERS ✔✔It refers to the process of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
connecting a wireless device to an AP. |\ |\ |\ |\ |\ |\
AES - CORRECT ANSWERS ✔✔It is a symmetric-key encryption
|\ |\ |\ |\ |\ |\ |\ |\ |\
used in WPA2 as a replacement for TKIP.
|\ |\ |\ |\ |\ |\ |\
App Sandboxing - CORRECT ANSWERS ✔✔App sandboxing is a
|\ |\ |\ |\ |\ |\ |\ |\ |\
security mechanism that helps protect systems and users by
|\ |\ |\ |\ |\ |\ |\ |\ |\
limiting the resources that an app can access to its intended
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
functionality on the mobile platform. |\ |\ |\ |\
Agent Smith Attack - CORRECT ANSWERS ✔✔An Agent smith
|\ |\ |\ |\ |\ |\ |\ |\ |\
attack is carried out by persuading the victim to install a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
malicious app designed and published by an attacker.
|\ |\ |\ |\ |\ |\ |\
, Brute-Force Attack - CORRECT ANSWERS ✔✔In a brute-force |\ |\ |\ |\ |\ |\ |\ |\
attack, attackers try every combination of characters until the
|\ |\ |\ |\ |\ |\ |\ |\ |\
password is broken. |\ |\
Botnet - CORRECT ANSWERS ✔✔A botnet is a huge network of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
compromised systems used by attackers to perform a distributed |\ |\ |\ |\ |\ |\ |\ |\
task.
|\
Black Hats - CORRECT ANSWERS ✔✔Black hats are individuals
|\ |\ |\ |\ |\ |\ |\ |\ |\
who use their extraordinary computing skills for illegal or
|\ |\ |\ |\ |\ |\ |\ |\ |\
malicious purposes. |\
Broken Access Control - CORRECT ANSWERS ✔✔Broken access
|\ |\ |\ |\ |\ |\ |\ |\
control is a method in which an attacker identifies a flaw related
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
to access control and bypasses the authentication, which allows
|\ |\ |\ |\ |\ |\ |\ |\ |\
them to compromise the network.
|\ |\ |\ |\
Bandwidth - CORRECT ANSWERS ✔✔It describes the amount of
|\ |\ |\ |\ |\ |\ |\ |\ |\
information that may be broadcast over a connection. |\ |\ |\ |\ |\ |\ |\
Basic Service Set Identifier (BSSID) - CORRECT ANSWERS ✔✔It is
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the media access control (MAC) address of an access point (AP)
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
or base station that has set up a basic service set (BSS).
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
Bluetooth - CORRECT ANSWERS ✔✔Bluetooth is a short-range
|\ |\ |\ |\ |\ |\ |\ |\
wireless communication technology that replaces cables
|\ |\ |\ |\ |\ |\
connecting portable or fixed devices while maintaining high
|\ |\ |\ |\ |\ |\ |\ |\
levels of security. |\ |\
|\ |\ |\ |\
Hacking Essentials Exam Prep |\ |\ |\ |\
QUESTIONS WITH ANSWERS |\ |\
Availability - CORRECT ANSWERS ✔✔Assurance that the systems
|\ |\ |\ |\ |\ |\ |\ |\
responsible for delivering, storing, and processing information are
|\ |\ |\ |\ |\ |\ |\
accessible when required by authorized users.
|\ |\ |\ |\ |\ |\
Authenticity - CORRECT ANSWERS ✔✔Refers to the characteristic
|\ |\ |\ |\ |\ |\ |\ |\
of communication, documents, or any data that ensures the
|\ |\ |\ |\ |\ |\ |\ |\ |\
quality of being genuine or uncorrupted.
|\ |\ |\ |\ |\
Active Attacks - CORRECT ANSWERS ✔✔Tamper with the data in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
transit or disrupt the communication or services between the
|\ |\ |\ |\ |\ |\ |\ |\ |\
systems to bypass or break into secured systems.
|\ |\ |\ |\ |\ |\ |\
Advanced Persistent Threats (APT) - CORRECT ANSWERS ✔✔An
|\ |\ |\ |\ |\ |\ |\ |\
attack that is focused on stealing information from the victim
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
machine without the user being aware of it.
|\ |\ |\ |\ |\ |\ |\
Active Reconnaissance - CORRECT ANSWERS ✔✔Active
|\ |\ |\ |\ |\ |\
reconnaissance techniques involves acquiring information directly |\ |\ |\ |\ |\
interacting with the target by any means.
|\ |\ |\ |\ |\ |\ |\
,Adware - CORRECT ANSWERS ✔✔Adware refers to software or a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
program that supports advertisements and generates unsolicited
|\ |\ |\ |\ |\ |\ |\
ads and pop-ups.
|\ |\
Active Assessment - CORRECT ANSWERS ✔✔A type of
|\ |\ |\ |\ |\ |\ |\ |\
vulnerability assessment that uses network scanners to identify |\ |\ |\ |\ |\ |\ |\ |\
the hosts, services, and vulnerabilities present in a network.
|\ |\ |\ |\ |\ |\ |\ |\
Application Assessment - CORRECT ANSWERS ✔✔An application
|\ |\ |\ |\ |\ |\ |\
assessment focuses on transactional web applications, traditional
|\ |\ |\ |\ |\ |\
client-server applications, and hybrid systems.
|\ |\ |\ |\ |\
Automated Assessment - CORRECT ANSWERS ✔✔In this type of|\ |\ |\ |\ |\ |\ |\ |\ |\
assessment, the ethical hacker employs various vulnerability |\ |\ |\ |\ |\ |\ |\
assessment tools, such as Nessus, Qualys, GFI LanGuard, etc. |\ |\ |\ |\ |\ |\ |\ |\
Active Online Attacks - CORRECT ANSWERS ✔✔The attacker
|\ |\ |\ |\ |\ |\ |\ |\
performs password cracking by directly communicating with the
|\ |\ |\ |\ |\ |\ |\ |\
victim's machine. |\
Active Sniffing - CORRECT ANSWERS ✔✔Active sniffing searches
|\ |\ |\ |\ |\ |\ |\ |\
for traffic on a switched LAN by actively injecting traffic into it.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ARP Spoofing Attack - CORRECT ANSWERS ✔✔ARP
|\ |\ |\ |\ |\ |\
spoofing/poisoning involves sending a large number of forged
|\ |\ |\ |\ |\ |\ |\ |\ |\
entries to the target machine's ARP cache.
|\ |\ |\ |\ |\ |\
,Active Session Hijacking - CORRECT ANSWERS ✔✔In an active
|\ |\ |\ |\ |\ |\ |\ |\ |\
attack, an attacker takes over an existing session either by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
breaking the connection on one side of the conversation or by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
actively participating. |\
Application Level Hijacking - CORRECT ANSWERS ✔✔Application
|\ |\ |\ |\ |\ |\ |\
level hijacking involves gaining control over the Hypertext
|\ |\ |\ |\ |\ |\ |\ |\
Transfer Protocol (HTTP) user session by obtaining the session
|\ |\ |\ |\ |\ |\ |\ |\ |\
IDs.
Access Point (AP) - CORRECT ANSWERS ✔✔An AP is used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
connect wireless devices to a wireless/wired network.
|\ |\ |\ |\ |\ |\
Association - CORRECT ANSWERS ✔✔It refers to the process of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
connecting a wireless device to an AP. |\ |\ |\ |\ |\ |\
AES - CORRECT ANSWERS ✔✔It is a symmetric-key encryption
|\ |\ |\ |\ |\ |\ |\ |\ |\
used in WPA2 as a replacement for TKIP.
|\ |\ |\ |\ |\ |\ |\
App Sandboxing - CORRECT ANSWERS ✔✔App sandboxing is a
|\ |\ |\ |\ |\ |\ |\ |\ |\
security mechanism that helps protect systems and users by
|\ |\ |\ |\ |\ |\ |\ |\ |\
limiting the resources that an app can access to its intended
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
functionality on the mobile platform. |\ |\ |\ |\
Agent Smith Attack - CORRECT ANSWERS ✔✔An Agent smith
|\ |\ |\ |\ |\ |\ |\ |\ |\
attack is carried out by persuading the victim to install a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
malicious app designed and published by an attacker.
|\ |\ |\ |\ |\ |\ |\
, Brute-Force Attack - CORRECT ANSWERS ✔✔In a brute-force |\ |\ |\ |\ |\ |\ |\ |\
attack, attackers try every combination of characters until the
|\ |\ |\ |\ |\ |\ |\ |\ |\
password is broken. |\ |\
Botnet - CORRECT ANSWERS ✔✔A botnet is a huge network of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
compromised systems used by attackers to perform a distributed |\ |\ |\ |\ |\ |\ |\ |\
task.
|\
Black Hats - CORRECT ANSWERS ✔✔Black hats are individuals
|\ |\ |\ |\ |\ |\ |\ |\ |\
who use their extraordinary computing skills for illegal or
|\ |\ |\ |\ |\ |\ |\ |\ |\
malicious purposes. |\
Broken Access Control - CORRECT ANSWERS ✔✔Broken access
|\ |\ |\ |\ |\ |\ |\ |\
control is a method in which an attacker identifies a flaw related
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
to access control and bypasses the authentication, which allows
|\ |\ |\ |\ |\ |\ |\ |\ |\
them to compromise the network.
|\ |\ |\ |\
Bandwidth - CORRECT ANSWERS ✔✔It describes the amount of
|\ |\ |\ |\ |\ |\ |\ |\ |\
information that may be broadcast over a connection. |\ |\ |\ |\ |\ |\ |\
Basic Service Set Identifier (BSSID) - CORRECT ANSWERS ✔✔It is
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the media access control (MAC) address of an access point (AP)
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
or base station that has set up a basic service set (BSS).
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
Bluetooth - CORRECT ANSWERS ✔✔Bluetooth is a short-range
|\ |\ |\ |\ |\ |\ |\ |\
wireless communication technology that replaces cables
|\ |\ |\ |\ |\ |\
connecting portable or fixed devices while maintaining high
|\ |\ |\ |\ |\ |\ |\ |\
levels of security. |\ |\
