CEPT Exam 2 (2025) – All Questions &
Answers (100% Correct)
What does the EIP register point to? - ANSWER - The next instruction to be executed.
What do Off-by-one overflows overwrite? - ANSWER - The saved EBP.
How do stack overflows work? - ANSWER - Overwriting the saved EIP on the stack with
one that points to an address with shellcode.
What is IDA Pro? - ANSWER - A popular disassembler.
Can DLL's be executable modules? - ANSWER - Yes
How can yo write shellcode that will evade an IDS? - ANSWER - Obsucring the NOP
sled.
Are Fault Injection and Fuzzing essentially the same thing? - ANSWER - Yes
What do debuggers do? - ANSWER - Allow you to modify the runtime nature of a
program.
What are software breakpoints set with? - ANSWER - 0xCC
What is the best way to to fill a register with nulls when writing shellcode? - ANSWER -
Add a non-null value to the regsiter, then subtract the same value from the register.
Can PSExec execute programs remotely? - ANSWER - Yes
What is the hex representation for the ASCII characer A? - ANSWER - 41
What do application breakpointing API calls allow you to do when reverse engineering a
Windows application? - ANSWER - Halt a program when user input is received.
What does IDA Pro use to determine which compiler created a program? - ANSWER -
Start Code
What is an encrypted version of netcat - ANSWER - cryptcat
What is Metasploit - ANSWER - An exploitation framework
What are one of the big problems with IDS? - ANSWER - False positivies
Theopcode for NOP is: - ANSWER - x90
, Why can you overwrite subsequent blocks in heap memory? - ANSWER - It is
contiguous, if one block does not do proper bounds checking.
How big should your exploit shellcode be? - ANSWER - Small as possible
What can be used to obsecure shell code and evade some IDS and AV? - ANSWER -
Encoders
What are Covert Channels? - ANSWER - Another type of cover channel (ack tunnel)
Little Endian has which bit first? - ANSWER - Least significant.
Push does: - ANSWER - Places value on top of stack, reduces ESP by one word (2
bytes)
Pop does: - ANSWER - takes the value pointed to by the ESP and places it in the
specified location (increases ESP by one word)
Which paper introduced stack overflows to the world? - ANSWER - Aleph1's Smashing
the Stack for Fun and Profit
The %s format paramter does what? - ANSWER - Expects to be given a memory
address and prints the data at that memory address until a null byte is encountered.
the %n format parameter does what? - ANSWER - Expects to be given a memory
address and writes the number of bytes that have been written so far into that memory
address.
NFPA 58 - ANSWER - Liquefied Petroleum Gas Code
NFPA 54 - ANSWER - National Fuel Gas Code
NFPA 58, Liquefied Petroleum Gas Code - ANSWER - Standards for the storage,
handling, and transportation of propane.
NFPA 54, National Fuel Gas Code - ANSWER - Standards for the installation of fuel
gas piping systems, appliances, equipment, and related accessories.
Code of Federal Regulations - ANSWER - A government resource which contains all of
the federal rules and regulations which apply to the propane industry.
The DOT - ANSWER - Establishes regulations governing the construction of cylinders
and the safe transportation of propane.
Propane Advantages - ANSWER - Propane is a clean, efficient, and reliable fuel.
Answers (100% Correct)
What does the EIP register point to? - ANSWER - The next instruction to be executed.
What do Off-by-one overflows overwrite? - ANSWER - The saved EBP.
How do stack overflows work? - ANSWER - Overwriting the saved EIP on the stack with
one that points to an address with shellcode.
What is IDA Pro? - ANSWER - A popular disassembler.
Can DLL's be executable modules? - ANSWER - Yes
How can yo write shellcode that will evade an IDS? - ANSWER - Obsucring the NOP
sled.
Are Fault Injection and Fuzzing essentially the same thing? - ANSWER - Yes
What do debuggers do? - ANSWER - Allow you to modify the runtime nature of a
program.
What are software breakpoints set with? - ANSWER - 0xCC
What is the best way to to fill a register with nulls when writing shellcode? - ANSWER -
Add a non-null value to the regsiter, then subtract the same value from the register.
Can PSExec execute programs remotely? - ANSWER - Yes
What is the hex representation for the ASCII characer A? - ANSWER - 41
What do application breakpointing API calls allow you to do when reverse engineering a
Windows application? - ANSWER - Halt a program when user input is received.
What does IDA Pro use to determine which compiler created a program? - ANSWER -
Start Code
What is an encrypted version of netcat - ANSWER - cryptcat
What is Metasploit - ANSWER - An exploitation framework
What are one of the big problems with IDS? - ANSWER - False positivies
Theopcode for NOP is: - ANSWER - x90
, Why can you overwrite subsequent blocks in heap memory? - ANSWER - It is
contiguous, if one block does not do proper bounds checking.
How big should your exploit shellcode be? - ANSWER - Small as possible
What can be used to obsecure shell code and evade some IDS and AV? - ANSWER -
Encoders
What are Covert Channels? - ANSWER - Another type of cover channel (ack tunnel)
Little Endian has which bit first? - ANSWER - Least significant.
Push does: - ANSWER - Places value on top of stack, reduces ESP by one word (2
bytes)
Pop does: - ANSWER - takes the value pointed to by the ESP and places it in the
specified location (increases ESP by one word)
Which paper introduced stack overflows to the world? - ANSWER - Aleph1's Smashing
the Stack for Fun and Profit
The %s format paramter does what? - ANSWER - Expects to be given a memory
address and prints the data at that memory address until a null byte is encountered.
the %n format parameter does what? - ANSWER - Expects to be given a memory
address and writes the number of bytes that have been written so far into that memory
address.
NFPA 58 - ANSWER - Liquefied Petroleum Gas Code
NFPA 54 - ANSWER - National Fuel Gas Code
NFPA 58, Liquefied Petroleum Gas Code - ANSWER - Standards for the storage,
handling, and transportation of propane.
NFPA 54, National Fuel Gas Code - ANSWER - Standards for the installation of fuel
gas piping systems, appliances, equipment, and related accessories.
Code of Federal Regulations - ANSWER - A government resource which contains all of
the federal rules and regulations which apply to the propane industry.
The DOT - ANSWER - Establishes regulations governing the construction of cylinders
and the safe transportation of propane.
Propane Advantages - ANSWER - Propane is a clean, efficient, and reliable fuel.
