CERTIFIED ETHICAL HACKER (CEH) V.10 PRACTICE QUESTIONS AND ANSWERS.100% COMPLETE 2025 A+ UPDATE.

CERTIFIED ETHICAL HACKER (CEH) V.10 PRACTICE QUESTIONS AND ANSWERS.100% COMPLETE 2025 A+ UPDATE. Which of the following is the best example of a deterrent control? A. A log aggregation system B. Hidden cameras onsite. C. A guard posted outside the door. D. Backup recovery systems. - CORRECT; C. A guard posted outside the door. Deterrents have to be visible to prevent an attack. A guard visible outside the door could help prevent physical attacks. Enacted in 2002, this US law requires every federal agency to implement information security programs, including significant reporting on compliance and accreditation. Which of the following is the best choice for this definition? A. FISMA B. HIPAA C. NIST 800-53 D. OSSTMM- CORRECT; A. FISMA (Federal Information Security Management Act) FISMA has been around since 2002 and was updated in 2014. It gave information security responsibilities to NIST, OMB, and other government agencies, and declared the Department of Homeland Security (DHS) as the operational lead for budgets and guidelines on security matters. Brad has done some research and determined that a certain set of systems on his network fail once every ten years. The purchase price for each of these systems is $1200. Brad also discovers that the admins on staff, who earn $50 an hour, estimate five hours to replace a machine. Five employees, earning $25 an hour, depend on each system and will be completely unproductive while it's down. What is the ALE of these devices? A. $2075 B. $207.50 C. $120 D. $1200- CORRECT; B. $207.50 ARO = 1 Occurrence/10 years = 0.1 SLE = $1200 + (5 x 50 = 250) + (5 x 5 x 25 = 625) = $2075 $2075 x 0.1 = $207.50 An ethical hacker is hired to test the security of a business network. The CEH is given no prior knowledge of the network and has a specific framework in which to work, defining boundaries, NDAs, and the completion data. Which of the following is a true statement? A. A white hat is attempting a black box test. B. A white hat is attempting a white box test. C. A black hat is attempting a black box test. D. A black hat is attempting a gray box test.- CORRECT; A. A white hat is attempting a black box test. An ethical hacker hired under a specific agreement is a white hat. When an attack by a hacker is politically motivated, the hacker is said to be participating in which of the following? A. Black Hat Hacking B. Gray Box Attacks C. Gray Hat Attacks D. Hacktivism- CORRECT; D. Hacktivism Two hackers attempt to crack a company's network resource security. One is considered an ethical hacker, whereas the other is not. What distinguishes the ethical hacker from the "cracker"? A. The cracker always attempts white box testing. B. The ethical hacker always attempts black box testing. C. The cracker posts results to the Internet. D. The ethical hacker always obtains written permission before testing. Correct answer- D. The ethical hacker always obtains written permission before testing. In which stage of an ethical hack would the attacker actively apply tools and techniques to gather more in-depth information on their targets? A. Active Reconnaissance B. Scanning and enumeration C. Gaining Access D. Passive Reconnaissance- CORRECT; B. Scanning and enumeration Which type of attack is generally conducted as an inside attacker with elevated privileges on the resources? A. Gray Box B. White Box C. Black Box D. Active Reconnaissance- CORRECT; B. White Box Which of the following Common Criteria processes refers to the system or product being tested? A. ST B. PP C. EAL D. TOE- CORRECT; D. TOE (Target of Evaluation) Your company has a document that spells out exactly what employees are allowed to do on their computer systems. It also defines what is prohibited and what consequences await those who break the rules. A copy of this document is signed by all employees prior to their network access. Which of the following best describes this policy? A. Information Security Policy B. Special Access Policy C. Information Audit Policy D. Network Connection Policy- CORRECT; A. Information Security Policy The Information Security Policy, sometimes known as the Acceptable Use Policy, defines what is allowed and not allowed, and what the consequences are for misbehavior in regard to resources on the corporate network. Sally is a member of a pen test team newly hired to test a bank's security. She begins searching for IP addresses the bank may own by searching public records on the Internet. She also looks up news articles and job postings to discover information that may be valuable. In what phase of the pen test is Sally working? A. Preparation B. Assessment C. Conclusion D. Reconnaissance- CORRECT; B. Assessment The Assessment phase is where all the activity takes place, including the passive information gathering performed by Sally in this example. Joe is a security engineer for a firm. His company downsizes, and Joe discovers he will be laid off within a short amount of time. Joe plants viruses and sets about destroying data and settings throughout the network, with no regard to being caught. Which type of hacker is Joe considered to be? A. Hacktivist B. Suicide Hacker C. Black Hat D. Script Kiddie- CORRECT; B. Suicide Hacker Elements of security include confidentiality, integrity, and availability. Which technique provides for integrity? A. Encryption B. UPS C. Hashing D. Passwords- CORRECT; C. Hashing Which of the following best describes an effort to identify systems that are critical for continuation of operation for the organization? A. BCP B. BIA C. MTD D. DRP- CORRECT; B. BIA (Business Impact Analysis) A BIA is the actual process to identify those critical systems. Which of the following would be the best choice for footprinting restricted URLs and OS information from a target? A. B. C. Netcraft D. Yesware- CORRECT; C. Netcraft "Netcraft provides security services, including anti-fraud and anti-phishing services, application testing, and PCI scanning." Which of the following consists of a publicly available set of databases that contain domain name registration contact information? A. IETF B. IANA C. Whois D. OSRF- CORRECT; C. Whois Whois is a great resource to scour public information regarding your target. Registration databases contain data points that may be useful, such as domain registration, points of contact, and IP ranges. Which of the following best describes the role that the U.S. Computer Security Incident Response Team (CSIRT) provides? A. Vulnerability measurement and assessments for the U.S. Department of Defense. B. A reliable and consistent point of contact for all incident response services for associates of the Department of Homeland Security. C. Incident response services for all Internet providers. D. Pen test registration for public and private sector.- CORRECT; B. CSIRT provides incident response services for any user, company, agency, or organization in partnership with the Department of Homeland Security. A security peer is confused about a recent incident. An attacker successfully accessed a machine in the organization and made off with some sensitive data. A full vulnerability scan was run immediately following the theft, and nothing was discovered. Which of the following best describes what may have happened? A. The attacker took advantage of a zero-day vulnerability on the machine. B. The attacker performed a full rebuild of the machine after he was done. C. The attacker performed a denial-of-service attack. D. Security measures on the device were completely disabled before the attack began.- CORRECT; A. Zero-Day Vulnerability A zero-day vulnerability is simply one that security personnel, vendors, and even vulnerability scanners don't know about yet. It's more likely the attacker is using an attack vector unknown to the security personnel than he somehow managed to turn off all security measures without alerting anyone. Which footprinting tool or technique can be used to find the names and addresses of employees or technical points of contact? A. whois B. nslookup C. dig D. traceroute- CORRECT; A. Whois Whois provides information on the domain registration, including technical and business POCs' addresses and e-mails. Which Google hack would display all pages that have the words SQL and Version in their titles? A. inurl:SQL inurl:version B. allinurl:SQL version C. intitle:SQL inurl:version D. allintitle:SQL version- CORRECT; D. allintitle:SQL version The Google search operator allintitle allows for the combination of strings in the title. The operator inurl looks only in the URL of the site. Which of the following are passive footprinting methods (Choose all that apply)? A. Checking DNS replies for network mapping purposes. B. Collecting information through publicly accessible sources. C. Performing a ping sweep against the network range. D. Sniffing network traffic through a network tap.- CORRECT; A. Checking DNS replies, and B. Collecting information through publicly accessible sources. Passive footprinting is all about publicly accessible sources. Which OSRF application checks to see if a username has been registered in up to 22 different e-mail providers? A. B. C.