test
Main
Main
Welcome to your CEH
Name
Email
Instructor Name
Phone
1.
Which of the following tools is primarily used for DNS footprinting?
nslookup
Metasploit
Burp Suite
Ettercap
None
2.
What is the purpose of ARP poisoning?
Encrypting data transmission
Redirecting network traffic
Preventing DDoS attacks
Identifying open ports
None
3.
Which type of attack relies on sending more data than a buffer can handle?
DoS attack
SQL injection
Buffer Overflow
ARP spoofing
None
4.
Which of these tools is best for detecting vulnerabilities in web applications?
Wireshark
Burp Suite
Nmap
Netcat
None
5.
Which port does LDAP use by default for unencrypted communication?
389
443
636
3389
None
6.
What does the ‘-sS’ option do in an Nmap scan?
Performs a SYN scan
Performs a full TCP connect scan
Launches a UDP scan
Performs a ping sweep
None
7.
What is the main advantage of a SYN scan over a full connect scan?
It is faster and stealthier
It guarantees detection
It blocks network access
It requires administrative privileges
None
8.
Which of these encryption protocols is considered the most secure?
DES
AES-128
AES-256
RC4
None
9.
Which SQL injection technique involves injecting a payload directly into user input fields?
Blind SQL injection
Time-based SQL injection
Classic SQL injection
Error-based SQL injection
None
10.
What is a primary defense mechanism against cross-site scripting (XSS) attacks?
Input validation and sanitization
Using weak passwords
Avoiding SSL encryption
Disabling firewalls
None
11.
What type of attack exploits the predictable sequence of TCP Initial Sequence Numbers (ISNs)?
TCP session hijacking
DDoS attack
SQL injection
Rainbow table attack
None
12.
What is the purpose of a "salting" technique in password storage?
Strengthening password hashes
Encrypting stored passwords
Slowing down brute-force attacks
All of the above
None
13.
What is the primary function of a honeypot?
Protect against malware
Attract and detect attackers
Encrypt network traffic
Secure web applications
None
14.
What does the tool "John the Ripper" primarily do?
Cracks passwords
Scans for open ports
Spoofs IP addresses
Encrypts files
None
15.
What is a characteristic of a polymorphic virus?
It infects only Linux systems
It changes its code to evade detection
It spreads via USB devices
It does not require execution
None
16.
What attack technique is used to force a user's browser to make an unintended request?
SQL injection
Cross-Site Request Forgery (CSRF)
ARP poisoning
Reverse shell attack
None
17.
Which of the following tools is used for network traffic analysis?
Wireshark
Netcat
Cain & Abel
Burp Suite
None
18.
What is an important feature of an IPS (Intrusion Prevention System)?
Blocking malicious traffic in real-time
Encrypting stored passwords
Generating brute-force attacks
Detecting but not blocking attacks
None
19.
Which Linux command can help identify open network ports?
netstat -tulnp
ifconfig
pwd
ps aux
None
20.
Which of the following attacks is NOT a type of social engineering?
Phishing
Baiting
ARP Spoofing
Pretexting
None
21.
What type of attack involves injecting malicious code into a dynamic SQL query?
Command injection
SQL injection
CSRF
ARP poisoning
None
22.
Which technique involves encoding malicious scripts to evade detection?
SQL injection
Obfuscation
Firewall bypassing
ARP spoofing
None
23.
What type of malware encrypts files and demands payment for decryption?
Ransomware
Rootkit
Spyware
Worm
None
24.
What is the purpose of a Trojan horse in hacking?
Disguising malware as legitimate software
Overloading network traffic
Exploiting SQL injection
Defending against DoS attacks
None
25.
Which type of attack occurs when an attacker places themselves between two communicating parties?
Man-in-the-middle (MITM) attack
SQL injection
Brute force attack
Privilege escalation
None
26.
What is the primary goal of footprinting?
Gathering information about a target system
Exploiting system vulnerabilities
Installing backdoors
Defacing a website
None
27.
Which type of attack exploits a weakness in authentication mechanisms?
DDoS attack
SQL injection
Brute force attack
ARP spoofing
None
28.
What is the purpose of a "null session" in Windows systems?
Anonymous access to system resources
Blocking firewall rules
Exploiting SQL databases
Encrypting network traffic
None
29.
What is a key feature of a botnet?
Encrypting communications
A network of compromised machines controlled remotely
Monitoring user activity
Preventing brute force attacks
None
30.
Which type of attack exploits misconfigured CORS policies?
Cross-Origin Resource Sharing (CORS) Attack
SQL Injection
DNS Spoofing
Buffer Overflow
None
31.
What is the primary purpose of a rainbow table?
Cracking hashed passwords using precomputed values
Encrypting stored passwords
Preventing SQL injection
Defending against phishing attacks
None
32.
What command allows enumeration of shared resources in Windows?
nslookup
net view
ipconfig
ps aux
None
33.
What tool is commonly used for privilege escalation on Linux?
Linux Exploit Suggester
Aircrack-ng
Metasploit
John the Ripper
None
34.
What type of malware hides itself within legitimate system processes?
Worm
Rootkit
Ransomware
Keylogger
None
35.
What port does SMB (Server Message Block) use by default?
22
445
3389
21
None
36.
What is the main purpose of an IDS (Intrusion Detection System)?
Monitoring and detecting network threats
Encrypting data
Blocking all network traffic
Preventing phishing attacks
None
37.
What is an example of a credential-based attack?
ARP poisoning
Password spraying
Ping sweep
Subdomain enumeration
None
38.
What is a "zero-day" vulnerability?
An unknown software vulnerability
A patched security flaw
A deprecated feature in an OS
A public exploit available for a long time
None
39.
What tool can be used to sniff wireless traffic?
Aircrack-ng
John the Ripper
Hydra
SQLmap
None
40.
What is the main purpose of a firewall?
Filtering network traffic based on security rules
Cracking passwords
Encrypting email communications
Conducting penetration tests
None
41.
What type of malware records keystrokes?
Keylogger
Worm
Rootkit
Adware
None
42.
What is the primary function of a "pivoting" attack?
Gaining deeper access into a network
Preventing malware infection
Blocking phishing emails
Encrypting system files
None
43.
Which hashing algorithm is considered outdated and weak?
MD5
SHA-256
AES
RSA
None
44.
What does the "chmod 777" command do on Linux?
Grants full permissions to all users
Encrypts a file
Disables user access
Deletes all system logs
None
45.
What type of attack involves manipulating a user into clicking a fake login link?
Phishing attack
Brute force attack
SQL injection
XSS attack
None
46.
Which protocol is used for secure file transfers over SSH?
SFTP (Secure File Transfer Protocol)
FTP
Telnet
SNMP
None
47.
What is an example of a post-exploitation activity?
Privilege escalation
Scanning open ports
Sniffing network traffic
Brute force attacks
None
48.
What is the purpose of a "backdoor"?
Maintaining unauthorized access to a system
Detecting network vulnerabilities
Preventing brute force attacks
Encrypting passwords
None
49.
What does a replay attack involve?
Reusing captured authentication data
Injecting SQL commands
Executing malware remotely
Cracking Wi-Fi passwords
None
50.
What tool is commonly used to crack WPA/WPA2 passwords?
Aircrack-ng
Wireshark
Metasploit
Hydra
None
1 out of 50
Thanks !!! CEH