Student Portal

Certification Practice Test Sample Questions For Certified Ethical Hacking

QuickStart is now offering sample questions for Certification Exam Prep Questions For Certified Ethical Hacking. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice test to better aid in certification. 100% of the questions are real test questions; from a recent version of the Certification Exam Prep Questions exam For Certified Ethical Hacking.


Arrow

Certified Ethical Hacking (CEHv11)

Enroll now today and get 30% off using discount code PRACTICE30 at checkout.

Computer Hacking Forensic Investigator (CHFI) + Certification Exam Bundle

Enroll now today and get 30% off using discount code at checkout.

 
proceed to the next question. Correct answers will be displayed when you complete exam.

Certified Ethical Hacking Sample Exam Questions

1

Which individuals believe that hacking and defacing websites can promote social change?

A. Ethical hackers
Incorrect.
B. Hactivists
Correct!
C. Gray hat hackers
Incorrect.
D. Black hat hackers
Incorrect.
2

Which type of testing occurs when individuals know the entire layout of the network?

A. White box
Correct!
B. Black box
Incorrect.
C. Gray box
Incorrect.
D. Blind testing
Incorrect.
3

This type of security test usually takes on an adversarial role and looks to see what an outsider can access and control.

A. High-level evaluation
Incorrect.
B. Network evaluation
Incorrect.
C. Policy assessment
Incorrect.
D. Penetration test
Correct!
4

Which type of penetration test is characterized by its examination of technologies such as old copiers or telecommunication taken from the trash on private property?

A. Stolen equipment
Correct!
B. Communication systems
Incorrect.
C. Database testing
Incorrect.
D. Denial of service
Incorrect.
5

Which type of hacker will carry out an attack even if they might get a very long prison term?

A. White hat
Incorrect.
B. Gray hat
Incorrect.
C. Black hat
Incorrect.
D. Suicide hacker
Correct!
6

During a security review you have discovered that there are no documented security policies for the area you are assessing. Which of the following would be the most appropriate course of action?

7

Which of the following is the most important step for the ethical hacker to perform during the pre-assessment?

8

Attackers sometimes hang on to unknown vulnerabilities until they can be used in an attack that has no known defense or patch. Some might call Flame and Stuxnet these types of attacks. Which of the following offers the best description?

A. Zero day
Correct!
B. Unpatched vulnerability
Incorrect.
C. Unknown attack
Incorrect.
D. Polymorphic
Incorrect.
9

When you are assessing backup methods, what is the proper restoration technique if a full backup was performed on Monday and an incremental was performed on Tuesday, Wednesday, and Thursday, with the outage occurring on Friday?

10

Phishing, social engineering, and buffer overflows are all usually used at what point in the attacker’s process?

A. Backdoors
Incorrect.
B. Covering tracks
Incorrect.
C. Port scanning
Incorrect.
D. Gaining access
Correct!
11

Which DNS record gives information about the zone, such as administrator contact, and so on?

A. CNAME
Incorrect.
B. MX record
Incorrect.
C. Start of Authority
Correct!
D. A record
Incorrect.
12

While preparing to hack a targeted network, you would like to check the configuration of the DNS server. What port should you look for to attempt a zone transfer?

A. 53 UDP
Incorrect.
B. 79 TCP
Incorrect.
C. 79 UDP
Incorrect.
D. 53 TCP
Correct!
13

You have become concerned that someone could attempt to poison your DNS server. What determines how long cache poisoning would last?

A. A record
Incorrect.
B. CNAME
Incorrect.
C. MX
Incorrect.
D. SOA
Correct!
14

Which of the following is a Class D address?

A. 191.0.0.0
Incorrect.
B. 192.0.0.0
Incorrect.
C. 223.0.0.0
Incorrect.
D. 224.0.0.0
Correct!
15

You have captured data from a client to an HTTP server and would like to use Wireshark to filter for the first step of the TCP handshake. Which of the following TCP flags is set?

A. SYN
Correct!
B. ACK
Incorrect.
C. ACK SYN
Incorrect.
D. PSH
Incorrect.
16

Which of the following breaks down security assessments into four basic stages, which include planning, discovery, attack, and reporting?

A. OSSTMM
Incorrect.
B. NIST 800-115
Correct!
C. FISMA
Incorrect.
D. OCTAVE
Incorrect.
17

Which DNS record gives information about the zone, such as administrator contact and so on?

A. CNAME
Incorrect.
B. Start of Authority
Correct!
C. MX record
Incorrect.
D. A record
Incorrect.
18

Which of the following is used for an ICMP unreachable message?

A. Type 5
Incorrect.
B. Type 8
Incorrect.
C. Type 3
Correct!
D. Type 11
Incorrect.
19

You have been assigned a junior pen tester during a pen test. You performed the following scan: nmap -sL www.example.com Starting Nmap 6.25 ( http://nmap.org ) at 2016-10-12 18:46 Central Daylight Time Host 93.184.216.34 not scanned Your partner asks you to explain the results. Which of the following best describes the correct answer?

20

You are performing a penetration test and have been asked to identify any web servers that might be vulnerable to shellshock. Which of the following tools support scripts that enable you to search for these devices?

A. FOCA
Incorrect.
B. Nmap
Correct!
C. Shodan
Incorrect.
D. Maltigo
Incorrect.
21

You have just performed an ACK scan and have been monitoring a sniffer while the scan was performed. The sniffer captured the result of the scan as an ICMP type 3 code 13. What does this result mean?

22

Which of the following is a passive OS fingerprinting tool?

A. Nmap
Incorrect.
B. p0f
Correct!
C. Zenmap
Incorrect.
D. Xprobe2
Incorrect.
23

During a footprinting exercise, you are asked to find and extract metadata from documents hosted on the target company’s website. Which of the following is your best option?

A. Shodan
Incorrect.
B. FOCA
Correct!
C. Maltigo
Incorrect.
D. Nmap
Incorrect.
24

Which Nmap scan option scans ports in consecutive order?

A. -- top ports
Incorrect.
B. -r
Correct!
C. -R
Incorrect.
D. - iR
Incorrect.
25

Which of the following options is not typically used for OS fingerprinting?

A. IP TTL
Incorrect.
B. UDP checksum
Correct!
C. TCP window size
Incorrect.
D. IP DF option
Incorrect.
26

A connect or SYN scan of an open port produces which of the following responses from a target?

A. ACK
Incorrect.
B. RST/ACK
Incorrect.
C. SYN/ACK
Correct!
D. RST/ACK
Incorrect.
27

Which of the following hping commands could you use to ping 192.168.123.1?

28

Which of the following types of biometric systems is considered the most accurate?

A. Fingerprint scanning
Incorrect.
B. Iris scanning
Correct!
C. Voice scanning
Incorrect.
D. Palm scanning
Incorrect.
29

You have gained access to a system. You would now like to hide a file that will be hidden and streamed behind another. Which of the following file systems is required?

A. CDFS
Incorrect.
B. FAT32
Incorrect.
C. NTFS
Correct!
D. FAT
Incorrect.
30

During a pen test, you have successfully gained access to a system. You were are able to gain local administrator status on one workstation and have now moved to local administrator on a second workstation. With this in mind, which of the following is true?

Get Test Results
  • Home
  • Certified Ethical Hacker

Certified Ethical Hacker

Be the first to review this course
$99.00

More Information:

  • Learning Style: On Demand
  • Learning Style: Practice Exam
  • Difficulty: Beginner
  • Course Duration: 1 Hour
  • Course Info: Download PDF
  • Certificate: See Sample

Need Training for 5 or More People?

Customized to your team's need:

  • Annual Subscriptions
  • Private Training
  • Flexible Pricing
  • Enterprise LMS
  • Dedicated Customer Success Manager

Outline

Reviews

Write Your Own Review
Only registered users can write reviews. Please Sign in or create an account

Hit button to validate captcha