You are on page 1of 18

CertifiedEthicalHacker

100Questions

Thisisa"pretest"fortheCertifiedEthicalHackercourse.

Start
QuestionsandAnswers
1. WhatistheessentialdifferencebetweenanEthicalHackerandaCracker?

A.Theethicalhackerdoesnotusethesametechniquesorskillsasacracker.
B.Theethicalhackerdoesitstrictlyforfinancialmotivesunlikeacracker.
C.Theethicalhackerhasauthorizationfromtheownerofthetarget.
D.Theethicalhackerisjustacrackerwhoisgettingpaid.
2. WhatdoesthetermEthicalHackingmean?

A.Someonewhoishackingforethicalreasons.
B.Someonewhoisusinghis/herskillsforethicalreasons.
C.Someonewhoisusinghis/herskillsfordefensivepurposes.
D.Someonewhoisusinghis/herskillsforoffensivepurposes.
3. WhoisanEthicalHacker?

A.Apersonwhohacksforethicalreasons
B.Apersonwhohacksforanethicalcause
C.Apersonwhohacksfordefensivepurposes
D.Apersonwhohacksforoffensivepurposes
4. Whatis"Hacktivism"?

A.Hackingforacause
B.Hackingruthlessly
C.Anassociationwhichgroupsactivists
D.Noneoftheabove
5. Whereshouldasecuritytesterbelookingforinformationthatcouldbeusedbyanattackeragainstanorganization?(Selectall

thatapply)

A.CHATrooms
B.WHOISdatabase
C.Newsgroups
D.Websites
E.Searchengines
F.Organizationsownwebsite
6. Whatarethetwobasictypesofattacks?(Choosetwo)

A.DoS
B.Passive
C.Sniffing
D.Active
E.Cracking
7. WhichofthefollowingbestdescribesVulnerability?

A.Thelosspotentialofathreat
B.Anactionoreventthatmightprejudicesecurity
C.Anagentthatcouldtakeadvantageofaweakness
D.Aweaknessorerrorthatcanleadtocompromise
8. StevenworksasasecurityconsultantandfrequentlyperformspenetrationtestsforFortune500companies.Stevenruns

externalandinternaltestsandthencreatesreportstoshowthecompanieswheretheirweakareasare.Stevenalwayssignsa
nondisclosureagreementbeforeperforminghistests.WhatwouldStevenbeconsidered?
A.WhitehatHacker
B.BlackHatHacker
C.GrayhatHacker
D.BluehatHacker
9. Whichofthefollowingactintheunitedstatesspecificallycriminalizesthetransmissionofunsolicitedcommercialemail(SPAM)

withoutanexistingbusinessrelationship.
A.2004CANSPAMAct
B.2003SPAMPreventingAct
C.2005USSPAM1030Act
D.1990ComputerMisuseAct
10.ABC.comislegallyliableforthecontentofemailthatissentfromitssystems,regardlessofwhetherthemessagewassentfor

privateorbusinessrelatedpurpose.Thiscouldleadtoprosecutionforthesenderandforthecompanysdirectorsif,for
example,outgoingemailwasfoundtocontainmaterialthatwaspornographic,racistorlikelytoincitesomeonetocommitanact
ofterrorism.Youcanalwaysdefendyourselfbyignoranceofthelawclause.
A.True
B.False
11.YouarefootprintingAcme.comtogathercompetitiveintelligence.Youvisittheacme.comwebsireforcontactinformationand

telephonenumbernumbersbutdonotfinditlistedthere.Youknowthattheyhadtheentirestaffdirectorylistedontheirwebsite
12monthsagobutnowitisnotthere.Howwoulditbepossibleforyoutoretrieveinformationfromthewebsitethatisoutdated?
A.Visitgooglesearchengineandviewthecachedcopy.
B.VisitArchive.orgsitetoretrievetheInternetarchiveoftheacmewebsite.
C.Crawltheentirewebsiteandstorethemintoyourcomputer.
D.Visitthecompanyspartnersandcustomerswebsiteforthisinformation.
12.UserwhichFederalStatutesdoesFBIinvestigateforcomputercrimesinvolvingemailscamsandmailfraud?

A.18U.S.C1029PossessionofAccessDevices
B.18U.S.C1030Fraudandrelatedactivityinconnectionwithcomputers

C.18U.S.C1343Fraudbywire,radioortelevision
D.18U.S.C1361InjurytoGovernmentProperty
E.18U.S.C1362Governmentcommunicationsystems
F.18U.S.C1831EconomicEspionageAct
G.18U.S.C1832TradeSecretsAct
13.WhichofthefollowingactivitieswillNOTbeconsideredaspassivefootprinting?

A.Gothroughtherubbishtofindoutanyinformationthatmighthavebeendiscarded.
B.SearchonfinancialsitesuchasYahooFinancialtoidentifyassets.
C.ScantherangeofIPaddressfoundinthetargetDNSdatabase.
D.Performmultiplesqueriesusingasearchengine.
14.WhichoneofthefollowingisdefinedastheprocessofdistributingincorrectInternetProtocol(IP)addresses/nameswiththe

intentofdivertingtraffic?
A.Networkaliasing
B.DomainNameServer(DNS)poisoning
C.ReverseAddressResolutionProtocol(ARP)
D.Portscanning
15.Youarefootprintinganorganizationtogathercompetitiveintelligence.Youvisitthecompanyswebsiteforcontactinformation

andtelephonenumbersbutdonotfinditlistedthere.Youknowthattheyhadtheentirestaffdirectorylistedontheirwebsite12
monthsagobutnotitisnotthere.
A.Visitgooglessearchengineandviewthecachedcopy.
B.VisitArchive.orgwebsitetoretrievetheInternetarchiveofthecompanyswebsite.
C.Crawltheentirewebsiteandstorethemintoyourcomputer.
D.Visitthecompanyspartnersandcustomerswebsiteforthisinformation.
16.ACompanysecuritySystemAdministratorisreviewingthenetworksystemlogfiles.Henotesthefollowing:Networklogfiles

areat5MBat12:00noon.At14:00hours,thelogfilesat3MB.Whatshouldheassumehashappenedandwhatshouldhedo
aboutthesituation?
A.HeshouldcontacttheattackersISPassoonaspossibleandhavetheconnectiondisconnected.
B.Heshouldlogtheeventassuspiciousactivity,continuetoinvestigate,andtakefurtherstepsaccordingtositesecuritypolicy.
C.Heshouldlogthefilesize,andarchivetheinformation,becausetheroutercrashed.
D.Heshouldrunafilesystemcheck,becausetheSyslogserverhasaselfcorrectingfilesystemproblem.
E.HeshoulddisconnectfromtheInternetdiscontinueanyfurtherunauthorizeduse,becauseanattackhastakenplace.
17.Towhatdoesmessagerepudiationrefertowhatconceptintherealmofemailsecurity?

A.Messagerepudiationmeansausercanvalidatewhichmailserverorserversamessagewaspassedthrough.
B.Messagerepudiationmeansausercanclaimdamagesforamailmessagethatdamagedtheirreputation.
C.Messagerepudiationmeansarecipientcanbesurethatamessagewassentfromaparticularperson.
D.Messagerepudiationmeansarecipientcanbesurethatamessagewassentfromacertainhost.
E.Messagerepudiationmeansasendercanclaimtheydidnotactuallysendaparticularmessage.
18.HowdoesTraceroutemaptheroutethatapackettravelsfrompointAtopointB?

A.ItusesaTCPTimestamppacketthatwillelicitatimeexceedintransitmessage.
B.Itusesaprotocolthatwillberejectedatthegatewaysonitswaytoitsdestination.
C.Itmanipulatesthevalueoftimetolive(TTL)parameterpackettoelicitatimeexceededintransitmessage.
D.Itmanipulatedflagswithinpacketstoforcegatewaysintogeneratingerrormessages.
19.Snorthasbeenusedtocapturepacketsonthenetwork.Onstudyingthepackets,thepenetrationtesterfindsittobeabnormal.

Ifyouwerethepenetrationtester,whywouldyoufindthisabnormal?05/2017:06:45.061034192.160.13.4:31337>
172.16.1.101:1TCPTTL:44TOS:0x10ID:242***FRP**Seq:0XA1D95Ack:0x53Win:0x400...05/2017:06:58.685879
192.160.13.4:31337>172.16.1.101:1024TCPTTL:44TOS:0x10ID:242***FRP**Seg:0XA1D95Ack:0x53Win:0x400What
isoddaboutthisattack?(Choosethemostappropriatestatement)

A.ThisisnotaspoofedpacketastheIPstackhasincreasingnumbersforthethreeflags.
B.Thisisbackorificeactivityasthescancomesfromport31337.
C.Theattackerwantstoavoidcreatingasubcarrierconnectionthatisnotnormallyvalid.
D.TherepacketswerecreatedbyatooltheywerenotcreatedbyastandardIPstack.
20.YourcompanytraineeSandraasksyouwhicharethefourexistingRegionalInternetRegistry(RIR's)?

A.APNIC,PICNIC,ARIN,LACNIC
B.RIPENCC,LACNIC,ARIN,APNIC
C.RIPENCC,NANIC,ARIN,APNIC
D.RIPENCC,ARIN,APNIC,LATNIC
21.Averyusefulresourceforpassivelygatheringinformationaboutatargetcompanyis:

A.Hostscanning
B.Whoissearch
C.Traceroute
D.Pingsweep
22.Whichofthefollowingtoolsareusedforfootprinting?(Choosefour).

A.SamSpade
B.NSLookup
C.Traceroute
D.Neotrace
E.Cheops
23.AccordingtotheCEHmethodology,whatisthenextsteptobeperformedafterfootprinting?

A.Enumeration
B.Scanning
C.SystemHacking
D.SocialEngineering
E.ExpandingInfluence
24.NSLookupisagoodtooltousetogainadditionalinformationaboutatargetnetwork.Whatdoesthefollowingcommand

accomplish?nslookup>server<ipaddress>>settype=any>lsd<target.com>
A.EnablesDNSspoofing
B.LoadsbogusentriesintotheDNStable
C.Verifieszonesecurity
D.Performsazonetransfer
E.ResetstheDNScache
25.Whilefootprintinganetwork,whatport/serviceshouldyoulookfortoattemptazonetransfer?

A.53UDP
B.53TCP
C.25UDP
D.25TCP
E.161UDP
F.22TCP
G.60TCP
26.Yourlabpartneristryingtofindoutmoreinformationaboutacompetitorswebsite.Thesitehasa.comextension.Shehas

decidedtousesomeonlinewhoistoolsandlookinoneoftheregionalInternetregistrys.Whichonewouldyousuggestshe
looksinfirst?

A.LACNIC
B.ARIN
C.APNIC
D.RIPE
E.AfriNIC
27.NetworkAdministratorPatriciaisdoinganauditofthenetwork.BelowaresomeofherfindingsconcerningDNS.Whichofthese

wouldbeacauseforalarm?Selectthebestanswer.
A.TherearetwoexternalDNSServersforInternetdomains.BothareADintegrated.
B.AllexternalDNSisdonebyanISP.
C.InternalADIntegratedDNSserversareusingprivateDNSnamesthatare
D.Unregistered
E.PrivateIPaddressesareusedontheinternalnetworkandareregisteredwiththeinternalADintegratedDNSserver.
28.TheterroristorganizationsareincreasinglyblockingalltrafficfromNorthAmericaorfromInternetProtocoladdressesthatpoint

touserswhorelyontheEnglishLanguage.Hackerssometimessetanumberofcriteriaforaccessingtheirwebsite.This
informationissharedamongthecohackers.ForexampleifyouareusingamachinewiththeLinuxOperatingSystemandthe
Netscapebrowserthenyouwillhaveaccesstotheirwebsiteinaconvertway.WhenfederalinvestigatorsusingPCsrunning
windowsandusingInternetExplorervisitedthehackerssharedsite,thehackerssystemimmediatelymountedadistributed
denialofserviceattackagainstthefederalsystem.CompaniestodayareengagingintrackingcompetitorsthroughreverseIP
addresslookupsiteslikewhois.com,whichprovideanIPaddresssdomain.Whenthecompetitorvisitsthecompanieswebsite
theyaredirectedtoaproductspagewithoutdiscountandpricesaremarkedhigherfortheirproduct.Whennormalusersvisit
thewebsitetheyaredirectedtoapagewithfullblownproductdetailsalongwithattractivediscounts.ThisisbasedonIPbased
blocking,wherecertainaddressesarebarredfromaccessingasite.Whatisthismaskingtechniquecalled?
A.WebsiteCloaking
B.WebsiteFiltering
C.IPAccessBlockade
D.MirroredWebSite
29.Billhasstartedtonoticesomeslownessonhisnetworkwhentryingtoupdatehiscompanyswebsitewhiletryingtoaccessthe

websitefromtheInternet.Billasksthehelpdeskmanagerifhehasreceivedanycallsaboutslownessfromtheendusers,but
thehelpdeskmanagersaysthathehasnot.Billreceivesanumberofcallsfromcustomersthatcantaccessthecompany
websiteandcantpurchaseanythingonline.Billlogsontoacoupleofthisroutersandnoticesthatthelogsshowsnetworktraffic
isatalltimehigh.Healsonoticesthatalmostallthetrafficisoriginatingfromaspecificaddress.BilldecidestouseGeotraceto
findoutwherethesuspectIPisoriginatesfrom.TheGeotraceutilityrunsatracerouteandfindsthatIPiscomingfromPanama.
BillknowsthatnoneofhiscustomersareinPanamasoheimmediatelythinksthathiscompanyisunderaDenialofService
attack.NowBillneedstofindoutmoreabouttheoriginatingIPAddress.WhatInternetregistryshouldBilllookintofindtheIP
Address?
A.LACNIC
B.ARIN
C.RIPELACNIC
D.APNIC
30.SystemAdministratorssometimespostquestionstonewsgroupswhentheyrunintotechnicalchallenges.Asanethicalhacker,

youcouldusetheinformationinnewsgrouppostingtogleaninsightintothemakeupofatargetnetwork.Howwouldyousearch
forthesepostingusingGooglesearch?
A.SearchinGoogleusingthekeystringsthetargetcompanyandnewsgroups
B.Searchforthetargetcompanynameathttp://groups.google.com
C.UseNNTPwebsitestosearchforthesepostings
D.SearchinGoogleusingthekeysearchstringsthetargetcompanyandforums
31.Whichofthefollowingactivitieswouldnotbeconsideredpassivefootprinting?

A.SearchonfinancialsitesuchasYahooFinancial
B.Performmultiplequeriesthroughasearchengine
C.ScantherangeofIPaddressfoundintheirDNSdatabase
D.Gothroughtherubbishtofindoutanyinformationthatmighthavebeendiscarded

32.Youarefootprintingthewww.xsecurity.comdomainusingtheGoogleSearchEngine.Youwouldliketodeterminewhatsiteslink

towww.xsecurity.comatthefirstlevelofrevelance.WhichofthefollowingoperatorinGooglesearchwillyouusetoachieve
this?
A.Link:www.xsecurity.com
B.Serch?l:www.xsecurity.com
C.Level1.www.security.com
D.Pagerank:www.xsecurity.com
33.Dougisconductingaportscanofatargetnetwork.Heknowsthathisclienttargetnetworkhasawebserverandthatthereisa

mailserveralsowhichisupandrunning.Doughasbeensweepingthenetworkbuthasnotbeenabletoelicitanyresponse
fromtheremotetarget.Whichofthefollowingcouldbethemostlikelycausebehindthislackofresponse?Select4.
A.UDPisfilteredbyagateway
B.ThepacketTTLvalueistoolowandcannotreachthetarget
C.Thehostmightbedown
D.Thedestinationnetworkmightbedown
E.TheTCPwindowssizedoesnotmatch
F.ICMPisfilteredbyagateway
34.

JoeHackerrunsthehping2hackingtooltopredictthetargethostssequencenumbersinoneofthehackingsession.What
doesthefirstandsecondcolumnmean?Selecttwo.
A.Thefirstcolumnreportsthesequencenumber
B.Thesecondcolumnreportsthedifferencebetweenthecurrentandlastsequencenumber
C.Thesecondcolumnreportsthenextsequencenumber
D.Thefirstcolumnreportsthedifferencebetweencurrentandlastsequencenumber
35.WhileperformingapingsweepofasubnetyoureceiveanICMPreplyofCode3/Type13forallthepingssentout.Whatisthe

mostlikelycausebehindthisresponse?
A.Thefirewallisdroppingthepackets.
B.AninlineIDSisdroppingthepackets.
C.ArouterisblockingICMP.
D.ThehostdoesnotrespondtoICMPpackets.
36.

Thefollowingexcerptistakenfromahoneyputlog.Thelogcapturesactivitiesacrossthreedays.Thereareseveralintrusion
attemptshowever,afewaresuccessful.Studytheloggivenbelowandanswerthefollowingquestion:Whatcanyouinferfrom
theabovelog?
A.Thesystemisawindowssystemwhichisbeingscannedunsuccessfully.
B.ThesystemisawebapplicationservercompromisedthroughSQLinjection.
C.Thesystemhasbeencompromisedandbackdooredbytheattacker.
D.TheactualIPofthesuccessfulattackeris24.9.255.53.
37.BobhasbeenhiredtoperformapenetrationtestonABC.com.HebeginsbylookingatIPaddressrangesownedbythe

companyanddetailsofdomainnameregistration.HethengoestoNewsGroupsandfinancialwebsitestoseeiftheyare

leakinganysensitiveinformationofhaveanytechnicaldetailsonline.Withinthecontextofpenetrationtestingmethodology,
whatphaseisBobinvolvedwith?
A.Passiveinformationgathering
B.Activeinformationgathering
C.Attackphase
D.VulnerabilityMapping
38.WhichofthefollowingwouldbethebestreasonforsendingasingleSMTPmessagetoanaddressthatdoesnotexistwithin

thetargetcompany?
A.Tocreateadenialofserviceattack.
B.Toverifyinformationaboutthemailadministratorandhisaddress.
C.Togatherinformationaboutinternalhostsusedinemailtreatment.
D.Togatherinformationaboutproceduresthatareinplacetodealwithsuchmessages.
39.YouareconductingaportscanonasubnetthathasICMPblocked.Youhavediscovered23livesystemsandafterscanning

eachofthemyounoticethattheyallshowport21inclosedstate.Whatshouldbethenextlogicalstepthatshouldbe
performed?
A.Connecttoopenportstodiscoverapplications.
B.Performapingsweeptoidentifyanyadditionalsystemsthatmightbeup.
C.PerformaSYNscanonport21toidentifyanyadditionalsystemsthatmightbeup.
D.Rescaneverycomputertoverifytheresults.
40.

Annwouldliketoperformareliablescanagainstaremotetarget.Sheisnotconcernedaboutbeingstealthatthispoint.Which
ofthefollowingtypeofscanswouldbethemostaccurateandreliableoption?
A.Ahalfscan
B.AUDPscan
C.ATCPConnectscan
D.AFINscan
41.

Whattypeofportscanisshownbelow?
A.IdleScan
B.WindowsScan
C.XMASScan
D.SYNStealthScan
42.Wardialingisaveryoldattackanddepictedinmoviesthatweremadeyearsago.Whywouldamodemsecuritytesterconsider

usingsuchanoldtechnique?
A.Itiscool,andifitworksinthemoviesitmustworkinreallife.
B.Itallowscircumventionofprotectionmechanismsbybeingontheinternalnetwork.
C.ItallowscircumventionofthecompanyPBX.
D.Agoodsecuritytesterwouldnotusesuchaderelicttechnique.

43.AnattackerisattemptingtotelnetintoacorporationssystemintheDMZ.Theattackerdoesntwanttogetcaughtandis

spoofinghisIPaddress.Afternumeroustriesheremainsunsuccessfulinconnectingtothesystem.Theattackerrechecksthat
thetargetsystemisactuallylisteningonPort23andheverifiesitwithbothnmapandhping2.Heisstillunabletoconnecttothe
targetsystem.Whatisthemostprobablereason?
A.Thefirewallisblockingport23tothatsystem.
B.HecannotspoofhisIPandsuccessfullyuseTCP.
C.Heneedstouseanautomatedtooltotelnetin.
D.Heisattackinganoperatingsystemthatdoesnotreplytotelnetevenwhenopen.
44.Youarescanningintothetargetnetworkforthefirsttime.Youfindveryfewconventionalportsopen.Whenyouattemptto

performtraditionalserviceidentificationbyconnectingtotheopenports,ityieldseitherunreliableornoresults.Youareunsure
ofwhichprotocolsarebeingused.Youneedtodiscoverasmanydifferentprotocolsaspossible.Whichkindofscanwouldyou
usetoachievethis?(Choosethebestanswer)
A.NessusscanwithTCPbasedpings.
B.NmapscanwiththesP(Pingscan)switch.
C.Netcatscanwiththeueswitches.
D.NmapwiththesO(RawIPpackets)switch.
45.WhataretwptypesofICMPcodeusedwhenusingthepingcommand?

A.Itusestypes0and8.
B.Itusestypes13and14.
C.Itusestypes15and17.
D.ThepingcommanddoesnotuseICMPbutusesUDP.
46.Youarehavingproblemswhileretrievingresultsafterperformingportscanningduringinternaltesting.Youverifythatthereare

nosecuritydevicesbetweenyouandthetargetsystem.Whenbothstealthandconnectscanningdonotwork,youdecideto
performaNULLscanwithNMAP.Thefirstfewsystemsscannedshowsallportsopen.Whichoneofthefollowingstatementsis
probablytrue?
A.Thesystemshaveallportsopen.
B.ThesystemsarerunningahostbasedIDS.
C.Thesystemsarewebservers.
D.ThesystemsarerunningWindows.
47.JohnhasscannedthewebserverwithNMAP.However,hecouldnotgatherenoughinformationtohelphimidentifythe

operatingsystemrunningontheremotehostaccurately.WhatwouldyousuggesttoJohntohelpidentifytheOSthatisbeing
usedontheremotewebserver?
A.Connecttothewebserverwithabrowserandlookatthewebpage.
B.ConnecttothewebserverwithanFTPclient.
C.Telnettoport8080onthewebserverandlookatthedefaultpagecode.
D.Telnettoanopenportandgrabthebanner.
48.AnNmapscanshowsthefollowingopenports,andnmapalsoreportsthattheOSguessingresultstomatchtoomany

signatureshenceitcannotreliablybeidentified:21ftp23telnet80http443httpsWhatdoesthissuggest?
A.ThisisaWindowsDomainController
B.Thehostisnotfirewalled
C.ThehostisnotaLinuxorSolarissystem
D.Thehostisnotproperlypatched
49.WhatportscanningmethodinvolvessendingspoofedpacketstoatargetsystemandthenlookingforadjustmentstotheIPID

onazombiesystem?
A.BlindPortScanning
B.IdleScanning
C.BounceScanning
D.StealthScanning
UDPScanning

E.
50.Whatportscanningmethodisthemostreliablebutalsothemostdetectable?

A.NullScanning
B.ConnectScanning
C.ICMPScanning
D.IdlescanScanning
E.HalfScanning
F.VerboseScanning
51.WhatdoesanICMP(Code13)messagenormallyindicates?

A.Itindicatesthatthedestinationhostisunreachable
B.Itindicatestothehostthatthedatagramwhichtriggeredthesourcequenchmessagewillneedtoberesent
C.Itindicatesthatthepackethasbeenadministrativelydroppedintransit
D.ItisarequesttothehosttocutbacktherateatwhichitissendingtraffictotheInternetdestination
52.BecauseUDPisaconnectionlessprotocol:(Select2)

A.UDPrecvfrom()andwrite()scanningwillyieldreliableresults
B.ItcanonlybeusedforConnectscans
C.ItcanonlybeusedforSYNscans
D.ThereisnoguaranteethattheUDPpacketswillarriveattheirdestination
E.ICMPportunreachablemessagesmaynotbereturnedsuccessfully
53.Youarescanningintothetargetnetworkforthefirsttime.Youfindveryfewconventionalportsopen.Whenyouattemptto

performtraditionalserviceidentificationbyconnectingtotheopenports,ityieldseitherunreliableornoresults.Youareunsure
ofwhatprotocolsarebeingused.Youneedtodiscoverasmanydifferentprotocolsaspossible.Whichkindofscanwouldyou
usetodothis?
A.NmapwiththesO(RawIPpackets)switch
B.NessusscanwithTCPbasedpings
C.NmapscanwiththesP(Pingscan)switch
D.Netcatscanwiththeueswitches
54.WhatICMPmessagetypesareusedbythepingcommand?

A.Timestamprequest(13)andtimestampreply(14)
B.Echorequest(8)andEchoreply(0)
C.Echorequest(0)andEchoreply(1)
D.Pingrequest(1)andPingreply(2)
55.WhichofthefollowingsystemswouldnotrespondcorrectlytoannmapXMASscan?

A.Windows2000ServerrunningIIS5
B.AnySolarisversionrunningSAMBAServer
C.AnyversionofIRIX
D.RedHatLinux8.0runningApacheWebServer
56.traceroutetowww.targetcorp.com(192.168.12.18),64hopsmay,40bytepackets1router.anon.com(192.13.212.254)1.373

ms1.123ms1.280ms2192.13.133.121(192.13.133.121)3.680ms3.506ms4.583ms3firewall.anon.com(192.13.192.17)
127.189ms257.404ms208.484ms4anongw.anon.com(192.93.144.89)471.68ms376.875ms228.286ms5fe5
0.lin.isp.com(192.162.231.225)2.961ms3.852ms2.974ms6fe00.lon0.isp.com(192.162.231.234)3.979ms3.243ms4.370
ms7192.13.133.5(192.13.133.5)11.454ms4.221ms3.333ms6***7***8www.targetcorp.com(192.168.12.18)5.392ms
3.348ms3.199msUsethetracerouteresultsshownabovetoanswerthefollowingquestion:Theperimetersecurityat
targetcorp.comdoesnotpermitICMPTTLexpiredpacketsout.
A.True
B.False

57.Whileattemptingtodiscovertheremoteoperatingsystemonthetargetcomputer,youreceivethefollowingresultsfroman

nmapscan:StartingnmapV.3.10ALPHA9(www.insecure.org/nmap/)Interestingportson172.121.12.222:(The1592ports
scannedbutnotshownbelowareinstate:filtered)PortStateService21/tcpopenftp25/tcpopensmtp53/tcpcloseddomain
80/tcpopenhttp443/tcpopenhttpsRemoteoperatingsystemguess:ToomanysignaturesmatchtoreliablyguesstheOS.
Nmapruncompleted1IPaddress(1hostup)scannedin277.483secondsWhatshouldbeyournextsteptoidentifytheOS?
A.PerformafirewalkwiththatsystemasthetargetIP
B.Performatcptraceroutetothesystemusingport53
C.Runannmapscanwiththevvoptiontogiveabetteroutput
D.Connecttotheactiveservicesandreviewthebannerinformation
58.WhenNmapperformsapingsweep,whichofthefollowingsetsofrequestsdoesitsendtothetargetdevice?

A.ICMPECHO_REQUEST&TCPSYN
B.ICMPECHO_REQUEST&TCPACK
C.ICMPECHO_REPLY&TFPRST
D.ICMPECHO_REPLY&TCPFIN
59._______isoneoftheprogramsusedtowardial.

A.DialIT
B.Netstumbler
C.TooPac
D.Kismet
E.ToneLoc
60.WhatarethedefaultpasswordsusedbySNMP?(Choosetwo.)

A.Password
B.SA
C.Private
D.Administrator
E.Public
F.Blank
61.WhichofthefollowingICMPmessagetypesareusedfordestinationsunreachables?

A.0
B.3
C.11
D.13
E.17
62.WhatistheproperresponseforaFINscaniftheportisclosed?

A.SYN
B.ACK
C.FIN
D.PSH
E.RST
63.WhatistheproperresponseforaFINscaniftheportisopen?

A.SYN
B.ACK
C.FIN
D.PSH
E.RST

F.Noresponse
64.WhatistheproperresponseforaXMASscaniftheportisclosed?

A.SYN
B.ACK
C.FIN
D.PSH
E.RST
F.Noresponse
65.WhatistheproperresponseforaXMASscaniftheportisopen?

A.SYN
B.ACK
C.FIN
D.PSH
E.RST
F.Noresponse
66.WhatflagsaresetinaXMASscan?(Chooseallthatapply.)

A.SYN
B.ACK
C.FIN
D.PSH
E.RST
F.URG
67.Whichofthefollowingisanautomatedvulnerabilityassessmenttool.

A.WhackaMole
B.Nmap
C.Nessus
D.Kismet
E.Jill32
68.JohnisusingaspecialtoolonhisLinuxplatformthathasasignaturedatabaseandisthereforeabletodetecthundredof

vulnerabilitiesinUNIX,Windows,andcommonlyusedwebCGIscripts.Additionally,thedatabasedetectsDDoSzombiesand
Trojans.Whatwouldbethenameofthismultifunctionaltool?
A.Nmap
B.Hping
C.Nessus
D.Make
69.________isanautomatedvulnerabilityassessmenttool.

A.WhackaMole
B.Nmap
C.Nessus
D.Kismet
E.Jill32
70.Whatisthedisadvantageofanautomatedvulnerabilityassessmenttool?

A.Ineffective

B.Slow
C.Pronetofalsepositives
D.Pronetofalsenegatives
E.Noisy
71.WhataretwothingsthatarepossiblewhenscanningUDPports?(Choosetwo.)

A.Aresetwillbereturned
B.AnICMPmessagewillbereturned
C.Thefourwayhandshakewillnotbecompleted
D.AnRFC1294messagewillbereturned
E.Nothing
72.WhichofthefollowingICMPmessagetypesareusedfordestinationsunreachables?

A.0
B.3
C.11
D.13
E.17
73.Whatdoesatype3code13represent?(Choosetwo.)

A.Echorequest
B.Destinationunreachable
C.Networkunreachable
D.Administrativelyprohibited
E.Portunreachable
F.Timeexceeded
74.Destinationunreachableadministrativelyprohibitedmessagescaninformthehackertowhat?

A.Thatacircuitlevelproxyhasbeeninstalledandisfilteringtraffic
B.Thathis/herscansarebeingblockedbyahoneypotorjail
C.Thatthepacketsarebeingmalformedbythescanningsoftware
D.Thatarouterorotherpacketfilteringdeviceisblockingtraffic
E.Thatthenetworkisfunctioningnormally
75.WhichofthefollowingNmapcommandswouldbeusedtoperformastackfingerprinting?

A.NmapOp80
B.NmaphUQ
C.NmapsTp
D.Nmapuow2
E.NmapsS0ptarget
76.

(http://www.proprofs.com/quiz

Snorthasbeenusedtocapturepacketsonthenetwork.Onstudyingthepackets,thepenetrationtesterfindsittobeabnormal.
Ifyouwerethepenetrationtester,whywouldyoufindthisabnormal?Whatisoddaboutthisattack?Choosethebestanswer.
A.ThisisnotaspoofedpacketastheIPstackhasincreasingnumbersforthethreeflags.
B.Thisisbackorificeactivityasthescancomesformport31337.

C.Theattackerwantstoavoidcreatingasubcarriesconnectionthatisnotnormallyvalid.
D.Thesepacketswerecraftedbyatool,theywerenotcreatedbyastandardIPstack.
77.WhichtypeofNmapscanisthemostreliable,butalsothemostvisible,andlikelytobepickedupbyandIDS?

A.SYNscan
B.ACKscan
C.RSTscan
D.Connectscan
E.FINscan
78.NametwosoftwaretoolsusedforOSguessing.(Choosetwo.)

A.Nmap
B.Snadboy
C.Queso
D.UserInfo
E.NetBus
79.SandraisthesecurityadministratorofABC.com.OnedayshenoticesthattheABC.comOracledatabaseserverhasbeen

compromisedandcustomerinformationalongwithfinancialdatahasbeenstolen.Thefinanciallosswillbeestimatedinmillions
ofdollarsifthedatabasegetsintothehandsofcompetitors.Sandrawantstoreportthiscrimetothelawenforcementagencies
immediately.WhichorganizationcoordinatescomputercrimeinvestigationsthroughouttheUnitedStates?
A.NDCA
B.NICP
C.CIRP
D.NPC
E.CIA
80.WhichofthefollowingNmapcommandswouldbeusedtoperformaUDPscanofthelower1024ports?

A.NmaphU
B.NmaphU
C.NmapsUp11024
D.Nmapuvw211024
E.NmapsSOtarget/1024
81.

Whilereviewingtheresultofscanningrunagainstatargetnetworkyoucomeacrossthefollowing:
A.ABo2ksystemquery
B.Nmapprotocolscan
C.Asniffer
D.AnSNMPwalk
82.YouaremanuallyconductingIdleScanningusingHping2.Duringyourscanningyounoticethatalmosteveryqueryincrements

theIPIDregardlessoftheportbeingqueried.OneortwoofthequeriescausetheIPIDtoincrementbymorethanonevalue.
Whydoyouthinkthisoccurs?
A.Thezombieyouareusingisnottrulyidle.
B.Astatefulinspectionfirewallisresettingyourqueries.
C.Hping2cannotbeusedforidlescanning.

D.Theseportsareactuallyopenonthetargetsystem.
83.Whileperformingpingscansintoatargetnetworkyougetafranticcallfromtheorganizationssecurityteam.Theyreportthat

theyareunderadenialofserviceattack.Whenyoustopyourscan,thesmurfattackeventstopsshowinguponthe
organizationsIDSmonitor.HowcanyoumodifyyourscantopreventtriggeringthiseventintheIDS?
A.Scanmoreslowly.
B.DonotscanthebroadcastIP.
C.SpoofthesourceIPaddress.
D.OnlyscantheWindowssystems.
84.YouareconcernedthatsomeonerunningPortSentrycouldblockyourscans,andyoudecidetoslowyourscanssothatnoone

detectsthem.Whichofthefollowingcommandswillhelpyouachievethis?
A.NmapsSPTPIOT1
B.NmapsOPTOC5
C.NmapsFPTPIO
D.NmapsFP0O
85.Youareperformingaportscanwithnmap.Youareinhurryandconductingthescansatthefastestpossiblespeed.However,

youdon'twanttosacrificereliabilityforspeed.Ifstealthisnotanissue,whattypeofscanshouldyouruntogetveryreliable
results?
A.XMASscan
B.Stealthscan
C.Connectscan
D.Fragmentedpacketscan
86.Neilnoticesthatasingleaddressisgeneratingtrafficfromitsport500toport500ofseveralothermachinesonthenetwork.

ThisscaniseatingupmostofthenetworkbandwidthandNeilisconcerned.Asasecurityprofessional,whatwouldyouinfer
fromthisscan?
A.Itisanetworkfaultandtheoriginatingmachineisinanetworkloop
B.Itisawormthatismalfunctioningorhardcodedtoscanonport500
C.TheattackeristryingtodetectmachinesonthenetworkwhichhaveSSLenabled
D.TheattackeristryingtodeterminethetypeofVPNimplementationandcheckingforIPSec
87.Adistributedportscanoperatesby:

A.Blockingaccesstothescanningclientsbythetargetedhost
B.UsingdenialofservicesoftwareagainstarangeofTCPports
C.Blockingaccesstothetargetedhostbyeachofthedistributedscanningclients
D.Havingmultiplecomputerseachscanasmallnumberofports,thencorrelatingtheresults
88.Youwanttoknowwhetherapacketfilterisinfrontof192.168.1.10.Pingsto192.168.1.10don'tgetanswered.Abasicnmap

scanof192.168.1.10seemstohangwithoutreturninganyinformation.Whatshouldyoudonext?
A.UseNetScanToolsProtoconductthescan
B.RunnmapXMASscanagainst192.168.1.10
C.RunNULLTCPhping2against192.168.1.10
D.Thefirewallisblockingallthescansto192.168.1.10
89.WhatdoesICMP(type11,code0)denote?

A.UnknownType
B.TimeExceeded
C.SourceQuench
D.DestinationUnreachable
90.Annmapcommandthatincludesthehostspecificationof202.176.5657.*willscan_______numberofhosts.

A.2

B.256
C.512
D.Over10,000
91.Aspecificsitereceived91ICMP_ECHOpacketswithin90minutesfrom47differentsites.77oftheICMP_ECHOpacketshad

anICMPID:39612andSeq:57072.13oftheICMP_ECHOpacketshadanICMPID:0andSeq:0.Whatcanyouinferfromthis
information?
A.ThepacketsweresentbyawormspoofingtheIPaddressesof47infectedsites
B.ICMPIDandSeqnumbersweremostlikelysetbyatoolandnotbytheoperatingsystem
C.All77packetscamefromthesameLANsegmentandhencehadthesameICMPIDandSeqnumber
D.13packetswerefromanexternalnetworkandprobablybehindaNAT,astheyhadanICMPID0andSeq0
92.Whichofthefollowingcommandsrunssnortinpacketloggermode?

A../snortdevh./log
B../snortdevl./log
C../snortdevo./log
D../snortdevp./log
93.WhichofthefollowingcommandlineswitchwouldyouuseforOSdetectioninNmap?

A.D
B.O
C.P
D.X
94.Whywouldanattackerwanttoperformascanonport137?

A.Todiscoverproxyserversonanetwork
B.TodisrupttheNetBIOSSMBserviceonthetargethost
C.TocheckforfileandprintsharingonWindowssystems
D.TodiscoverinformationaboutatargethostusingNBTSTAT
95.StevescansthenetworkforSNMPenableddevices.WhichportnumberSteveshouldscan?

A.69
B.150
C.161
D.169
96.WhichTypeofscansendsapacketswithnoflagsset?SelecttheAnswer

A.OpenScan
B.NullScan
C.XmasScan
D.HalfOpenScan
97.Youwanttoknowwhetherapacketfilterisinfrontof192.168.1.10.Pingsto192.168.1.10don'tgetanswered.Abasicnmap

scanof192.168.1.10seemstohangwithoutreturninganyinformation.Whatshouldyoudonext?
A.UseNetScanToolsProtoconductthescan
B.RunnmapXMASscanagainst192.168.1.10
C.RunNULLTCPhping2against192.168.1.10
D.Thefirewallisblockingallthescansto192.168.1.10
98.WhiledoingfastscanusingFoption,whichfileisusedtolisttherangeofportstoscanbynmap?

A.Services

B.Nmapservices
C.Protocols
D.Ports
99.

BobisaJuniorAdministratoratABC.comissearchingtheportnumberofPOP3inafile.Thepartialoutputofthefileislooklike:
Inwhichfileheissearching?
A.Services
B.Protocols
C.Hosts
D.Resolve.conf
100.

Pleasestudytheexhibitcarefully.WhichProtocolmaintainsthecommunicationonthatway?
A.UDP
B.IP
C.TCP
D.ARP
E.RARP

RelatedQuizzes
WhatKindOfHackerAreYou?(http://www.proprofs.com/quizschool/story.php?title=whatkindofhackerareyou)
TheNet,MovieAboutInternetHackers(http://www.proprofs.com/quizschool/story.php?title=netmovieaboutinternethackers)
HackerQuiz(http://www.proprofs.com/quizschool/story.php?title=hackerquiz)
AreYouAHacker?(http://www.proprofs.com/quizschool/story.php?title=areyouhacker)
IfYouWereAHacker,WhatKindWouldYouBe?(http://www.proprofs.com/quizschool/story.php?title=NzMyMTA4VDSS)
AHackerManifestoMckenzieWark(http://www.proprofs.com/quizschool/story.php?title=hackermanifestomckenziewark)

RelatedTopics
Internet(http://www.proprofs.com/quizschool/topic/internet)
Data(http://www.proprofs.com/quizschool/topic/data)
Software(http://www.proprofs.com/quizschool/topic/software)

FeaturedQuizzes
QuizYourNatureKnowledge(http://www.proprofs.com/quizschool/story.php?title=quizyournatureknowledge)
TheUltimateQuizOnTV(http://www.proprofs.com/quizschool/story.php?title=pptheultimatequizontv)

TheUltimateQuizOnTV(http://www.proprofs.com/quizschool/story.php?title=pptheultimatequizontv)
TriviaOnBoardGame(http://www.proprofs.com/quizschool/story.php?title=pphowmuchdoyoureallyknowaboutboardgame)
TheUltimateBatmanQuiz(http://www.proprofs.com/quizschool/story.php?title=ultimatebatmanquiz)
HowMuchDoPeopleLikeYou?(http://www.proprofs.com/quizschool/story.php?title=howmuchdopeoplelikeyou)

Backtotop(http://www.proprofs.com/quizschool/story.php?title=certifiedethicalhacker#)
(http://www.proprofs.com/quizschool/)