EC Council CEH assessment
Hacker is a person who illegally breaks into a system or network without any
authorization to destroy, steal sensitive data or to perform any malicious attacks.
Black hat hackers are: - Answer Individuals with extraordinary computing skills,
resorting to malicious or destructive activities and are also known as crackers
In order to compromise or to hack a system or network the hackers go through various
phases of the hacking.
What is the first hacking phase that hackers perform to gather information about a target
prior to launching an attack? - Answer Reconnaissance
Defense-in-depth is a security strategy in which several protection layers are placed
throughout an information system. It helps to prevent direct attacks against an
information system and data because a break in one layer only leads the attacker to the
next layer. - Answer True
Penetration testing is a method of actively evaluating the security of an information
system or network by simulating an attack from a malicious source.
Which of the following technique is used to simulate an attack from someone who is
unfamiliar with the system? - Answer Black box pen testing
Which of the following scanning technique attackers use to bypass firewall rules,
logging mechanism, and hide themselves as usual network traffic? - Answer Stealth
scanning technique
Which of the following scan only works if operating system's TCP/IP implementation is
based on RFC 793? - Answer NULL scan
OS fingerprinting is the method used to determine the operating system running on a
remote target system. It is an important scanning method, as the attacker will have a
greater probability of success if he/she knows the OS. Active stack fingerprinting is one
of the types of OS fingerprinting.
Which of the following is true about active stack fingerprinting? - Answer Is based on the
fact that various vendors of OS implement the TCP stack differently
Proxy is a network computer that can serve as an intermediary for connecting with other
computers.
Which of the following sentence is true about a proxy? - Answer Protects the local
network from outside access
IP spoofing refers to the procedure of an attacker changing his or her IP address so that
he or she appears to be someone else.
, EC Council CEH assessment
Which of the following IP spoofing detection technique succeed only when the attacker
is in a different subnet? - Answer Direct TTL probes technique
Enumeration is defined as the process of extracting user names, machine names,
network resources, shares, and services from a system.
Which of the following enumeration an attacker uses to obtain list of computers that
belongs to a domain? - Answer Netbios enumeration
Network Time Protocol (NTP) is designed to synchronize clocks of networked
computers.
Which of the following port NTP uses as its primary means of communication? - Answer
UDP Port 123
Rootkits are kernel programs having the ability to hide themselves and cover up traces
of activities. It replaces certain operating system calls and utilities with its own modified
versions of those routines.
Which of the following rootkit modifies the boot sequence of the machine to load
themselves instead of the original virtual machine monitor or operating system? -
Answer Hypervisor level rootkit
Steganography is a technique of hiding a secret message within an ordinary message
and extracting it at the destination to maintain confidentiality of data.
Which of the following steganography technique embed secret message in the
frequency domain of a signal? - Answer Transform domain techniques
A virus is a self-replicating program that produces its own code by attaching copies of it
into other executable codes.
Which of the following virus evade the anti-virus software by intercepting its requests to
the operating system? - Answer Stealth/Tunneling virus
Lawful intercept is a process that enables a Law Enforcement Agency (LEA) to perform
electronic surveillance on a target as authorized by a judicial or administrative order.
Which of the following statement is true for lawful intercept? - Answer Hides information
about lawful intercepts from all but the most privileged users
Sniffer turns the NIC of a system to the promiscuous mode so that it listens to all the
data transmitted on its segment. It can constantly read all information entering the
computer through the NIC by decoding the information encapsulated in the data packet.
Hacker is a person who illegally breaks into a system or network without any
authorization to destroy, steal sensitive data or to perform any malicious attacks.
Black hat hackers are: - Answer Individuals with extraordinary computing skills,
resorting to malicious or destructive activities and are also known as crackers
In order to compromise or to hack a system or network the hackers go through various
phases of the hacking.
What is the first hacking phase that hackers perform to gather information about a target
prior to launching an attack? - Answer Reconnaissance
Defense-in-depth is a security strategy in which several protection layers are placed
throughout an information system. It helps to prevent direct attacks against an
information system and data because a break in one layer only leads the attacker to the
next layer. - Answer True
Penetration testing is a method of actively evaluating the security of an information
system or network by simulating an attack from a malicious source.
Which of the following technique is used to simulate an attack from someone who is
unfamiliar with the system? - Answer Black box pen testing
Which of the following scanning technique attackers use to bypass firewall rules,
logging mechanism, and hide themselves as usual network traffic? - Answer Stealth
scanning technique
Which of the following scan only works if operating system's TCP/IP implementation is
based on RFC 793? - Answer NULL scan
OS fingerprinting is the method used to determine the operating system running on a
remote target system. It is an important scanning method, as the attacker will have a
greater probability of success if he/she knows the OS. Active stack fingerprinting is one
of the types of OS fingerprinting.
Which of the following is true about active stack fingerprinting? - Answer Is based on the
fact that various vendors of OS implement the TCP stack differently
Proxy is a network computer that can serve as an intermediary for connecting with other
computers.
Which of the following sentence is true about a proxy? - Answer Protects the local
network from outside access
IP spoofing refers to the procedure of an attacker changing his or her IP address so that
he or she appears to be someone else.
, EC Council CEH assessment
Which of the following IP spoofing detection technique succeed only when the attacker
is in a different subnet? - Answer Direct TTL probes technique
Enumeration is defined as the process of extracting user names, machine names,
network resources, shares, and services from a system.
Which of the following enumeration an attacker uses to obtain list of computers that
belongs to a domain? - Answer Netbios enumeration
Network Time Protocol (NTP) is designed to synchronize clocks of networked
computers.
Which of the following port NTP uses as its primary means of communication? - Answer
UDP Port 123
Rootkits are kernel programs having the ability to hide themselves and cover up traces
of activities. It replaces certain operating system calls and utilities with its own modified
versions of those routines.
Which of the following rootkit modifies the boot sequence of the machine to load
themselves instead of the original virtual machine monitor or operating system? -
Answer Hypervisor level rootkit
Steganography is a technique of hiding a secret message within an ordinary message
and extracting it at the destination to maintain confidentiality of data.
Which of the following steganography technique embed secret message in the
frequency domain of a signal? - Answer Transform domain techniques
A virus is a self-replicating program that produces its own code by attaching copies of it
into other executable codes.
Which of the following virus evade the anti-virus software by intercepting its requests to
the operating system? - Answer Stealth/Tunneling virus
Lawful intercept is a process that enables a Law Enforcement Agency (LEA) to perform
electronic surveillance on a target as authorized by a judicial or administrative order.
Which of the following statement is true for lawful intercept? - Answer Hides information
about lawful intercepts from all but the most privileged users
Sniffer turns the NIC of a system to the promiscuous mode so that it listens to all the
data transmitted on its segment. It can constantly read all information entering the
computer through the NIC by decoding the information encapsulated in the data packet.
