Showing posts with label Certified Ethical Hacker Quiz. Show all posts
Showing posts with label Certified Ethical Hacker Quiz. Show all posts

Sunday, 29 January 2012

Certified Ethical Hacker Quiz 22


Question: 22

Which of the following Nmap commands would be used to perform a UDP scan of the lower 1024
ports?
A. Nmap -h -U
B. Nmap -hU <host(s.>
C. Nmap -sU -p 1-1024 <host(s.>
D. Nmap -u -v -w2 <host> 1-1024
E. Nmap -sS -O target/1024

Answer: C
Explanation:
Nmap -sU -p 1-1024 <host(s.> is the proper syntax. Learning Nmap and its switches are critical
for successful completion of the CEH exam.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 21.


Question: 21

What is the tool Firewalk used for?
A. To exam the IDS for proper operation
B. To exam a firewall for proper operation
C. To determine what rules are in place for a firewall
D. To exam the webserver configuration
E. Firewalk is a firewall auto configuration tool

Answer: C

Explanation:
Firewalk is an active reconnaissance network security tool that attempts to determine what layer
4 protocols a given IP forwarding device "firewall" will pass. Firewalk works by sending out TCP
or UDP packets with a TTL one greater than the targeted gateway. If the gateway allows the
traffic, it will forward the packets to the next hop where they will expire and elicit an
ICMP_TIME_EXCEEDED message. If the gateway host does not allow the traffic, it will likely
drop the packets and no response will be returned.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 20


Question: 20

The follows is an email header. What address is that of the true originator of the message?
Return-Path: <bgates@microsoft.com>
Received: from smtp.com (fw.emumail.com [215.52.220.122].
by raq-221-181.ev1.net (8.10.2/8.10.2. with ESMTP id h78NIn404807
for <mikeg@thesolutionfirm.com>; Sat, 9 Aug 2003 18:18:50 -0500
Received: (qmail 12685 invoked from network.; 8 Aug 2003 23:25:25 -0000
Received: from ([19.25.19.10].
by smtp.com with SMTP
Received: from unknown (HELO CHRISLAPTOP. (168.150.84.123.
by localhost with SMTP; 8 Aug 2003 23:25:01 -0000
From: "Bill Gates" <bgates@microsoft.com>
To: "mikeg" <mikeg@thesolutionfirm.com>
Subject: We need your help!
Date: Fri, 8 Aug 2003 19:12:28 -0400
Message-ID: <51.32.123.21@CHRISLAPTOP>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0052_01C35DE1.03202950"
X-Priority: 3 (Normal.
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal

A. 19.25.19.10
B. 51.32.123.21
C. 168.150.84.123
D. 215.52.220.122
E. 8.10.2/8.10.2


Answer: C

Explanation:
Spoofing can be easily achieved by manipulating the "from" name field, however, it is much more
difficult to hide the true source address. The "received from" IP address 168.150.84.123 is the
true source of the
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 19


Question: 19

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Exam for?

A. To determine who is the holder of the root account
B. To perform a DoS
C. To create needless SPAM
D. To illicit a response back that will reveal information about email servers and how they treat
undeliverable mail
E. To exam for virus protection

Answer: D
Explanation:
Sending a bogus email is one way to find out more about internal servers. Also, to gather
additional IP addresses and learn how they treat mail.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 18


Question: 18

When worsheets with Windows systems, what is the RID of the true administrator account?
A. 500
B. 501
C. 1000
D. 1001
E. 1024
F. 512

Answer: A

Explanation:
Because of the way in which Windows functions, the true administrator account always has a RID
of 500.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 17


Question: 17

Which of the following tools are used for enumeration?(Choose three.
A. SolarWinds
B. USER2SID
C. Cheops
D. SID2USER
E. DumpSec


Answer: B, D, E

Explanation:
USER2SID, SID2USER, and DumpSec are three of the tools used for system enumeration.
Others are tools such as NAT and Enum. Knowing which tools are used in each step of the
hacsheets methodology is an important goal of the CEH exam. You should spend a portion of
your time preparing for the exam practicing with the tools and learning to understand their output.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 16.


Question: 16

What did the following commands determine?
C: user2sid \earth guest
S-1-5-21-343818398-789336058-1343024091-501
C:sid2user 5 21 343818398 789336058 1343024091 500
Name is Joe
Domain is EARTH

A. That the Joe account has a SID of 500
B. These commands demonstrate that the guest account has NOT been disabled
C. These commands demonstrate that the guest account has been disabled
D. That the true administrator is Joe
E. Issued alone, these commands prove nothing

Answer: D

Explanation:
One important goal of enumeration is to determine who the true administrator is. In the example
above, the true administrator is Joe.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 15.


Question: 15

Which of the following statements about a zone transfer correct?(Choose three)

A. A zone transfer is accomplished with the DNS
B. A zone transfer is accomplished with the nslookup service
C. A zone transfer passes all zone information that a DNS server maintains
D. A zone transfer passes all zone information that a nslookup server maintains
E. A zone transfer can be prevented by blocsheets all inbound TCP port 53 connections
F. Zone transfers cannot occur on the Internet


Answer: A, C, E

Explanation:
Securing DNS servers should be a priority of the organization. Hackers obtaining DNS
information can discover a wealth of information about an organization. This information can be
used to further exploit the network.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 14.


Question: 14

While footprinting a network, what port/service should you look for to attempt a zone transfer?

A. 53 UDP
B. 53 TCP
C. 25 UDP
D. 25 TCP
E. 161 UDP
F. 22 TCP
G. 60 TCP


Answer: B
Explanation:
IF TCP port 53 is detected, the opportunity to attempt a zone transfer is there.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 13.


Question: 13

NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?
   nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com>


A. Enables DNS spoofing
B. Loads bogus entries into the DNS table
C. Verifies zone security
D. Performs a zone transfer
E. Resets the DNS cache

Answer: D
Explanation:
If DNS has not been properly secured, the command sequence displayed above will perform a
zone transfer.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 12.


Question: 12

According to the CEH methodology, what is the next step to be performed after footprinting?

A. Enumeration
B. Scanning
C. System Hacsheets
D. Social Engineering
E. Expanding Influence


Answer: B
Explanation:
Once footprinting has been completed, scanning should be attempted next. Scanning should take
lace on two distinct levels: network and host.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 11.


Question: 11

Which of the following tools are used for footprinting?

A. Sam Spade
B. NSLookup
C. Traceroute
D. Neotrace
E. Cheops

Answer: A, B, C, D

Explanation:
All of the tools listed are used for footprinting except Cheops.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 10.


Question: 10

Your lab partner is trying to find out more information about a competitors web site. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registrys.

Which one would you suggest she looks in first?
A. LACNIC
B. ARIN
C. APNIC
D. RIPE
E. AfriNIC


Answer: B

Explanation:
Regional registries maintain records from the areas from which they govern. ARIN is responsible
for domains served within North and South America and therefore, would be a good starting point for a .com domain.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 9


Question: 9

What does the following command achieve?
Telnet <IP Address> <Port 80>
HEAD /HTTP/1.0
<Return>
<Return>

A. This command returns the home page for the IP address specified
B. This command opens a backdoor Telnet session to the IP address specified
C. This command returns the banner of the website specified by IP address
D. This command allows a hacker to determine the sites security
E. This command is bogus and will accomplish nothing


Answer: C

Explanation:
This command is used for banner grabbing. Banner grabbing helps identify the service and
version of web server running.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 8.


Question: 8

Password cracsheets programs reverse the hashing process to recover passwords.(True/False)

A. True
B. False

Answer: B

Explanation:
Password cracsheets programs do not reverse the hashing process. Hashing is a one-way
process.
What these programs can do is to encrypt words, phrases, and characters using the same
encryption process and compare them to the original password. A hashed match reveals the true
password.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 7.


Question: 7

Which of the following are well know password-cracsheets programs?

A. L0phtcrack
B. NetCat
C. Jack the Ripper
D. Netbus
E. John the Ripper

Answer: A, E

Explanation:
L0phtcrack and John the Ripper are two well know password-cracsheets programs. Netcat is
considered the Swiss-army knife of hacsheets tools, but is not used for password cracsheets
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 6.



Question: 6

When discussing passwords, what is considered a brute force attack?

A. You attempt every single possibility until you exhaust all possible combinations or discover the
password
B. You threaten to use the rubber hose on someone unless they reveal their password
C. You load a dictionary of words into your cracsheets program
D. You create hashes of a large number of words and compare it with the encrypted passwords
E. You wait until the password expires

Answer: A

Explanation:
Brute force cracsheets is a time consuming process where you try every possible combination of
letters, numbers, and characters until you discover a match.

Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 4.


Question: 4

What are the two basic types of attacks?

A. DoS
B. Passive
C. Sniffing
D. Active
E. Cracsheets

Answer: B, D
Explanation:
Passive and active attacks are the two basic types of attacks.
Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 3.



Question: 3

Several of your co-workers are having a discussion over the etc/passwd file. They are at odds
over what types of encryption are used to secure Linux passwords.(Choose all that apply).

A. Linux passwords can be encrypted with MD5
B. Linux passwords can be encrypted with SHA
C. Linux passwords can be encrypted with DES
D. Linux passwords can be encrypted with Blowfish
E. Linux passwords are encrypted with asymmetric algrothims

Answer: A, C D

Explanation:
Linux passwords can be encrypted with several types of hashing algorithms. These include SHQ,
MD5, and Blowfish.

Posted by at No comments:
Labels:

Certified Ethical Hacker Quiz 2.


Question: 2

How can you determine if an LM hash you extracted contains a password that is less than 8
characters long?

A. There is no way to tell because a hash cannot be reversed
B. The right most portion of the hash is always the same
C. The hash always starts with AB923D
D. The left most portion of the hash is always the same
E. A portion of the hash will be all 0's


Answer: B

Explanation:
When loosheets at an extracted LM hash, you will sometimes observe that the right most portion
is always the same. This is padding that has been added to a password that is less than 8
characters long.
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)