MEDSTUDY.COM
CERTIFIED ETHICAL HACKER V11 MASTER SET
PRACTICE QUESTIONS AND DETAILED
SOLUTIONS
◉ A phase of the cyber kill chain methodology triggers the adversary's
malicious code, which utilizes a vulnerability in the operating system,
application, or server on a target system. At this stage, the organization
may face threats such as authentication and authorization attacks,
arbitrary code execution, physical security threats, and security
misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation. Answer: C
◉ Which of the following is a category of hackers who are also known
as crackers, use their extraordinary computing skills for illegal or
malicious purposes, and are often involved in criminal activities?
A Black hats
B White hats
,MEDSTUDY.COM
C Suicide hackers
D Script kiddies. Answer: A
◉ John, a professional hacker, has launched an attack on a target
organization to extract sensitive information. He was successful in
launching the attack and gathering the required information. He is now
attempting to hide the malicious acts by overwriting the server, system,
and application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access. Answer: C
◉ Which of the following risk management phases involves selecting
and implementing appropriate controls for the identified risks to modify
them?
A Risk tracking and review
B Risk identification
C Risk treatment
D Risk assessment. Answer: C
,MEDSTUDY.COM
◉ In which of the following incident handling and response phases are
the identified security incidents analyzed, validated, categorized, and
prioritized?
A Incident recording and assignment
B Incident triage
C Containment
D Eradication. Answer: B
◉ Which of the following phases of risk management is an ongoing
iterative process that assigns priorities for risk mitigation and
implementation plans to help determine the quantitative and qualitative
value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment. Answer: D
◉ Jack, a security professional, was instructed to introduce a security
standard to handle cardholder information for major debit, credit,
prepaid, e-purse, ATM, and POS cards. In the process, Jack has
, MEDSTUDY.COM
employed a standard that offers robust and comprehensive standards as
well as supporting materials to enhance payment-card data security.
What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS. Answer: D
◉ Morris, an attacker, has targeted an organization's network. To know
the structure of the target network, he combined footprinting techniques
with a network utility that helped him create diagrammatic
representations of the target network.
What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo. Answer: B
CERTIFIED ETHICAL HACKER V11 MASTER SET
PRACTICE QUESTIONS AND DETAILED
SOLUTIONS
◉ A phase of the cyber kill chain methodology triggers the adversary's
malicious code, which utilizes a vulnerability in the operating system,
application, or server on a target system. At this stage, the organization
may face threats such as authentication and authorization attacks,
arbitrary code execution, physical security threats, and security
misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation. Answer: C
◉ Which of the following is a category of hackers who are also known
as crackers, use their extraordinary computing skills for illegal or
malicious purposes, and are often involved in criminal activities?
A Black hats
B White hats
,MEDSTUDY.COM
C Suicide hackers
D Script kiddies. Answer: A
◉ John, a professional hacker, has launched an attack on a target
organization to extract sensitive information. He was successful in
launching the attack and gathering the required information. He is now
attempting to hide the malicious acts by overwriting the server, system,
and application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access. Answer: C
◉ Which of the following risk management phases involves selecting
and implementing appropriate controls for the identified risks to modify
them?
A Risk tracking and review
B Risk identification
C Risk treatment
D Risk assessment. Answer: C
,MEDSTUDY.COM
◉ In which of the following incident handling and response phases are
the identified security incidents analyzed, validated, categorized, and
prioritized?
A Incident recording and assignment
B Incident triage
C Containment
D Eradication. Answer: B
◉ Which of the following phases of risk management is an ongoing
iterative process that assigns priorities for risk mitigation and
implementation plans to help determine the quantitative and qualitative
value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment. Answer: D
◉ Jack, a security professional, was instructed to introduce a security
standard to handle cardholder information for major debit, credit,
prepaid, e-purse, ATM, and POS cards. In the process, Jack has
, MEDSTUDY.COM
employed a standard that offers robust and comprehensive standards as
well as supporting materials to enhance payment-card data security.
What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS. Answer: D
◉ Morris, an attacker, has targeted an organization's network. To know
the structure of the target network, he combined footprinting techniques
with a network utility that helped him create diagrammatic
representations of the target network.
What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo. Answer: B
