اضغط هنا للانضمام الى قروب فوجي للإختبارات على تيليقرام

أرشيف أسئلة الاختبار

اختبار شهادة Certified Ethical Hacker (CEH) V13

هذه الصفحة مخصصة للأرشفة وتعرض جميع أسئلة الاختبار وروابط كل سؤال مع الخيارات والنقاشات.

الأسئلة

60 سؤال
  1. Under what conditions does a secondary name server request a zone transfer from a primary name server?
  2. An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a web server in the external DMZ. ...
  3. The collection of potentially actionable, overt, and publicly available information is known as:
  4. Which of the following is a component of a risk assessment?
  5. Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?
  6. An attacker, using a rogue wireless AP, performed a MITM attack and injected HTML code to embed a malicious applet in all HTTP connections. When users accessed ...
  7. Eric used Dsniff tools to intercept communications between two entities, establishing credentials with both sides and relaying all traffic. Neither endpoint not ...
  8. While using your bank’s online services you see this URL: "http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21" You notice that if ...
  9. Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?
  10. What tool can crack Windows SMB passwords simply by listening to network traffic?
  11. Bob decides a DMZ is not needed if the firewall is configured to only allow access to specific Internet-facing servers/ports and block access to workstations. H ...
  12. Based on the following extract from the log of a compromised machine (showing access to "har.txt" in the repair context), what is the hacker really trying to st ...
  13. User A is sending a sensitive email to user B and chooses to use PKI to secure the message so only B can read it. At what OSI layer does the encryption and decr ...
  14. Bob is performing a password assessment and suspects weak passwords are common. He knows about password weaknesses and keyloggers. Which option best represents ...
  15. Bob is performing a password assessment and suspects weak passwords are common. He knows about password weaknesses and keyloggers. Which option best represents ...
  16. An incident investigator receives logs from firewalls, proxy servers, and IDS sensors after a possible breach. When correlating events, the sequences in differe ...
  17. The Heartbleed bug (CVE-2014-0160) affects OpenSSL’s implementation of TLS. What type of key does this bug potentially expose to the Internet, making exploitati ...
  18. What two conditions must a digital signature meet?
  19. What is NOT a PCI compliance recommendation?
  20. You have physical access to a Windows 2008 R2 server with an accessible disk drive but cannot guess the admin password. You boot an Ubuntu LiveCD. Which Linux-b ...
  21. Which of the following is a command-line packet analyzer similar to GUI-based Wireshark?
  22. Scenario: An attacker creates an attractive web page and overlays an invisible iframe on top of a button. The victim thinks they click the visible offer, but ac ...
  23. In the Mason Insurance scenario, internal users see the normal website while Internet users see a defaced website at www.masonins.com. Tripwire shows no changes ...
  24. A hacker studies a target company’s public information, email style, leadership names, and branding to craft realistic phishing emails. The time spent gathering ...
  25. DHCP snooping is enabled to prevent rogue DHCP servers. Which security feature on switches leverages the DHCP snooping database to help prevent man-in-the-middl ...
  26. Which type of physical security feature stops vehicles from crashing through the doors of a building?
  27. A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub ...
  28. The establishment of a TCP connection involves a negotiation called the three-way handshake. What type of message does the client send to the server in order to ...
  29. “........ is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdro ...
  30. A company’s security policy states that all web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is ...
  31. MX record priority increases as the number increases. (True/False.)
  32. A zone file consists of which of the following Resource Records (RRs)?
  33. Which of the following incident handling process phases is responsible for defining rules, coordinating people, creating a backup plan, and testing the plans fo ...
  34. The command `env x='(){ :;};echo exploit' bash -c 'cat /etc/passwd'` is used in the Shellshock bash vulnerability. What is it attempting to do on a vulnerable L ...
  35. You are tasked to perform a penetration test. During information gathering, you find an employee list and the receptionist’s email. You send her an email spoofe ...
  36. During a black-box penetration test, you attempt to pass IRC traffic over TCP port 80 from a compromised web-enabled host. The traffic is blocked, but normal ou ...
  37. Which of the following statements about a DNS zone transfer is correct? (Choose three.)
  38. Null sessions are unauthenticated connections (no username or password) to an NT or 2000 system. Which TCP ports must you filter to block/null-check these sessi ...
  39. An attacker has installed a RAT on a host and wants to ensure that when a user visits "www.MyPersonalBank.com" they are silently redirected to a phishing site. ...
  40. In Nmap, what does the `-oX` flag do during a scan?
  41. Bob, a network administrator at a university, discovered that some students are plugging their laptops into unused wired Ethernet ports to get Internet access. ...
  42. Which UDP port does Network Time Protocol (NTP) primarily use for communication?
  43. You have just deployed a security system in your network. In which type of system would you most likely find a rule such as: alert tcp any any -> 192.168.100.0/ ...
  44. Which of the following is considered a low-tech method of gaining unauthorized access to systems?
  45. Shellshock allowed unauthorized users to gain access to many Internet-facing services that used the Bash shell. Which operating system was NOT directly affected ...
  46. You have the following SOA record in your DNS zone: collegae.edu. SOA, college.edu ipad.college.edu. (200302028 3600 3600 604800 3600). Secondary DNS servers ha ...
  47. Which method of password cracking typically requires the most time and effort when other conditions are equal?
  48. Bob receives this SMS: "Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com". Which statement i ...
  49. Which statement best describes the behavior of a classic boot sector virus?
  50. Which type of virus attempts to hide from antivirus programs by actively altering or intercepting system service calls while they are being executed?
  51. During a security assessment, you find that the organization has one DNS server in the DMZ and another DNS server on the internal network. What is this DNS desi ...
  52. Which type of malware is most commonly targeted at Microsoft Office products such as Word or Excel?
  53. What does a traditional network firewall primarily inspect to block certain ports and applications from entering an organization?
  54. A systems administrator needs to migrate email services to the cloud model that requires the least amount of administrative effort. Which of the following shoul ...
  55. While investigating network traffic, a cloud administrator discovers the monthly billing has increased substantially. Upon further review, it appears the server ...
  56. A cloud administrator is monitoring a database system and notices an unusual increase in the read operations, which is causing a heavy load in the system. The s ...
  57. What term is commonly used when referring to the type of testing in which large amounts of random, unexpected, or malformed input are sent to an application to ...
  58. SMTP can upgrade a plain-text connection between two mail servers so that email is encrypted in transit. Which SMTP command is used to initiate transmission of ...
  59. What is the technique called that sends crafted packets toward a protected host through a firewall to determine which ports are allowed through the firewall’s p ...
  60. A hacker is an intelligent individual with strong computer skills who may act offensively or defensively at different times. Which class of hacker refers to som ...