Answers
Four benefits of footprinting - Answer-1. Know the security posture
2. Reduce the focus area (network range, number of targets, etc.)
3. Identify vulnerabilities
4. Draw a network map
Computer Fraud and Abuse Act of 1986 - Answer-makes conspiracy to commit hacking
a crime.
Enterprise Information Security Architecture (EISA) - Answer-a collection of
requirements and processes that help determine how an organization's information
systems are built and how they work.
Incident response plan - Answer-1. Identify
2. Analyze
3. Prioritize
4. Resolve
5. Report
Incident Management Process - Answer-To restore all systems to normal operations
ASAP.
Incident Management Process Order - Answer-1. Review Detection
2. Analyze Exploitation
3. Notify Stakeholders
4. Contain the exploitation
5. Eradicate backdoors
6. Coordinate recovery for lost data or services
7. Provide reports and lessons learned
Hacking Phases - Answer-Recon -> Scanning -> Gain Access -> Maintain access ->
Clearing tracks
Promiscuous Policy - Answer-wide open
Permissive Policy - Answer-blocks only things that are known to be dangerous
Prudent Policy - Answer-provides max security but allows some potentially and known
dangerous services because of business needs.
Paranoid policy - Answer-locks everything down, not even allowing the user to open so
much as an internet browser.
Sarbanes-Oxley Act - Answer-to make corporate disclosures more accurate and reliable
in order to protect the public and investors from shady behavior
Payment Card Industry Data Security Standard (PCI DSS) - Answer-is a security
standard for organizations handling credit cards, ATM cards, and other point of sales
cards.
ISO 27000 Series - Answer-this series contains a range of individual standards and
documents specifically reserved by ISO for information security
Confidentiality - Answer-a bond of trust that involves refusing to reveal details about a
company, product, resource, or any other sensitive and/or proprietary information.
FTP (File Transfer Protocol) - Answer-TCP Port 21.
Telnet - Answer-TCP 23
SMTP (Simple Mail Transfer Protocol) - Answer-TCP 25
DNS (Domain Name System) - Answer-TCP 53
UDP 53
HTTP - Answer-TCP 80
RPC (Remote Procedure Call) - Answer-Port 135 TCP/UDP
NetBIOS (Network Basic Input/Output System) - Answer-tcp/139, udp/137, udp/138 -
Network communication servers for LANs that use NetBIOS
SNMP (Simple Network Management Protocol) - Answer-UDP 161 and 162
LDAP (Lightweight Directory Access Protocol) - Answer-TCP/UDP 389
Global Catalog Service - Answer-TCP/UDP 3268
Volumetric Attacks - Answer-Consumes the bandwidth of target network or service.
Fragmentation Attacks - Answer-Overwhelms target's ability of re-assembling the
fragmented packets
TCP State-Exhaustion Attacks - Answer-Consumes the connection state tables present
in the network infrastructure components such as load-balancers, firewalls, and
application servers