CEH Exam MCQ With Answer

CEH Exam MCQ

CEH Exam MCQ With Answer – Today I Will Give 50 MCQ Of CEH Exam That You Prepare For Your CEH Exam. There Are Lots Of MCQ Ask In CEH Exam But I Want To Give You Top 50 Question of CEH Exam.

CEH Exam MCQ With Answer

So Here Are The Top 50 Question Of CEH Exam:-

QUESTION 1
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

  1. Linux
  2. Unix
  3. OS X
  4. Windows

Correct Answer: 4

QUESTION 2
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?

  1. Disk encryption
  2. BIOS password
  3. Hidden folders
  4. Password protected files

Correct Answer: 1

QUESTION 3
A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?

  1. White Hat
  2. Suicide Hacker
  3. Gray Hat
  4. Black Hat

Correct Answer: 3

CEH Exam MCQ With Answer

QUESTION 4
Which of the following Secure Hashing Algorithm (SHA) produces a 160-bit digest from a message with a maximum length of (264-1) bits and resembles the MD5 algorithm?

  1. SHA-2
  2. SHA-3
  3. SHA-1
  4. SHA-0

Correct Answer: 3

QUESTION 5
A hacker named Jack is trying to compromise a bank’s computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?

  1. Banner Grabbing
  2. IDLE/IPID Scanning
  3. SSDP Scanning
  4. UDP Scanning

Correct Answer: 1

QUESTION 6
Which regulation defines security and privacy controls for Federal information systems and organizations?

  1. HIPAA
  2. EU Safe Harbor
  3. PCI-DSS
  4. NIST-800-53

Correct Answer: 4

QUESTION 7
It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?

  1. Discovery
  2. Recovery
  3. Containment
  4. Eradication

Correct Answer: 3

QUESTION 8
Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?

  1. Bootrom Exploit
  2. iBoot Exploit
  3. Sandbox Exploit
  4. Userland Exploit

Correct Answer: 4

QUESTION 9
In cryptanalysis and computer security, ‘pass the hash’ is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user’s password, instead of requiring the associated plaintext password as is normally the case. Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values. Which of the following is true hash type and sort order that is used in the psexec module’s ‘smbpass’ option?

  1. LM:NT
  2. NTLM:LM
  3. NT:LM
  4. LMNTLM

Correct Answer: 1

CEH Exam MCQ With Answer

QUESTION 10
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best nmap command you will use?

  1. nmap-T4-q 10.10.0.0/24
  2. nmap -T4-F 10.10.0.0/24
  3. nmap -T4-r 10.10.1.0/24
  4. nmap-T4-O 10.10.0.0/24

Correct Answer: 2

QUESTION 11

This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools. Which of the following tools is being described?

  1. wificracker
  2. Airguard
  3. WLAN-crack
  4. Aircrack-ng

Correct Answer: 4

QUESTION 12

Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

  1. Metasploit
  2. Cain & Abel
  3. Maltego
  4. Wireshark

Correct Answer: 3

QUESTION 13
In which of the following password protection technique, random strings of characters are added to the password before calculating their hashes?

  1. Keyed Hashing
  2. Key Stretching
  3. Salting
  4. Double Hashing

Correct Answer: 3

QUESTION 14
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

  1. All three servers need to be placed internally
  2. A web server facing the Internet, an application server on the internal network, a database server on the internal network
  3. A web server and the database server facing the Internet, an application server on the internal network
  4. All three servers need to face the Internet so that they can communicate between themselves

Correct Answer: 2

QUESTION 15
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. What is this type of DNS configuration commonly called?

  1. DynDNS
  2. DNS Scheme
  3. DNSSEC
  4. Split DNS

Correct Answer: 4

QUESTION 16
A virus that attempts to install itself inside the file it is infecting is called?

  1. Tunneling virus
  2. Cavity virus
  3. Polymorphic virus
  4. Stealth virus

Correct Answer: 2

QUESTION 17
You are the Network Admin, and you get a compliant that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?

  1. Traffic is Blocked on UDP Port 53
  2. Traffic is Blocked on UDP Port 80
  3. Traffic is Blocked on UDP Port 54
  4. Traffic is Blocked on UDP Port 80

Correct Answer: 1

QUESTION 18
Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

  1. Omnidirectional antenna
  2. Dipole antenna
  3. Yagi antenna
  4. Parabolic grid antenna

Correct Answer: 3

QUESTION 19
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

  1. Deferred risk
  2. Impact risk
  3. Inherent risk
  4. Residual risk

Correct Answer: 4

CEH Exam MCQ With Answer

QUESTION 20
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What term is commonly used when referring to this type of testing?

  1. Randomizing
  2. Bounding
  3. Mutating
  4. Fuzzing

Correct Answer: 4

QUESTION 21
Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?

  1. Network security policy
  2. Information protection policy
  3. Access control policy
  4. Remote access policy

Correct Answer: 4

QUESTION 22
You perform a scan of your company’s network and discover that TCP port 123 is open. What services by default run on TCP port 123?

  1. Telnet
  2. POP3
  3. Network Time Protocol
  4. DNS

Correct Answer: 3

QUESTION 23
You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS). What is the best way to evade the NIDS?

  1. Out of band signaling
  2. Protocol Isolation
  3. Encryption
  4. Alternate Data Streams

Correct Answer: 3

QUESTION 24
Which is the first step followed by Vulnerability Scanners for scanning a network?

  1. TCP/UDP Port scanning
  2. Firewall detection
  3. OS Detection
  4. Checking if the remote host is alive

Correct Answer: 4

QUESTION 25
Sam is working as s pen-tester in an organization in Houston. He performs penetration testing on IDS in order to find the different ways an attacker uses to evade the IDS. Sam sends a large amount of packets to the target IDS that generates alerts, which enable Sam to hide the real traffic. What type of method is Sam using to evade IDS?

  1. Denial-of-Service
  2. False Positive Generation
  3. Insertion Attack
  4. Obfuscating

Correct Answer: 2

QUESTION 26
An attacker scans a host with the below command. Which three flags are set? (Choose three.) #nmap -sX host.domain.com

  1. This is ACK scan. ACK flag is set
  2. This is Xmas scan. SYN and ACK flags are set
  3. This is Xmas scan. URG, PUSH and FIN are set
  4. This is SYN scan. SYN flag is set

Correct Answer: 3

QUESTION 27
Which of the following program infects the system boot sector and the executable files at the same time?

  1. Stealth virus
  2. Polymorphic virus
  3. Macro virus
  4. Multipartite Virus

Correct Answer:4

QUESTION 28
What two conditions must a digital signature meet?

  1. Has to be legible and neat.
  2. Has to be unforgeable, and has to be authentic.
  3. Must be unique and have special characters.
  4. Has to be the same number of characters as a physical signature and must be unique

Correct Answer: 2

QUESTION 29
An IT employee got a call from one of our best customers. The caller wanted to know about the company’s network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?

  1. The employees cannot provide any information; but, anyway, he/she will provide the name of the person in charge.
  2. Since the company’s policy is all about Customer Service, he/she will provide information.
  3. Disregarding the call, the employee should hang up.
  4. The employee should not provide any information without previous management authorization.

Correct Answer: 4

QUESTION 30
Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking. What should you do?

  1. Confront the client in a respectful manner and ask her about the data.
  2. Copy the data to removable media and keep it in case you need it.
  3. Ignore the data and continue the assessment until completed as agreed.
  4. Immediately stop work and contact the proper legal authorities.

Correct Answer: 4

QUESTION 31
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

  1. 123
  2. 161
  3. 69
  4. 113

Correct Answer: 1

QUESTION 32
During the process of encryption and decryption, what keys are shared?

  1. Private keys
  2. User passwords
  3. Public keys
  4. Public and private keys

Correct Answer: 3

QUESTION 33
What is the purpose of a demilitarized zone on a network?

  1. To scan all traffic coming through the DMZ to the internal network
  2. To only provide direct access to the nodes within the DMZ and protect the network behind it
  3. To provide a place to put the honeypot
  4. To contain the network devices you wish to protect

Correct Answer: 2

QUESTION 34
In which of the following cryptography attack methods, the attacker makes a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions?

  1. Chosen-plaintext attack
  2. Ciphertext-only attack
  3. Adaptive chosen-plaintext attack
  4. Known-plaintext attack

Correct Answer: 1

QUESTION 35
Why should the security analyst disable/remove unnecessary ISAPI filters?

  1. To defend against social engineering attacks
  2. To defend against webserver attacks
  3. To defend against jailbreaking
  4. To defend against wireless attacks

Correct Answer: 2

QUESTION 36
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to ”www.MyPersonalBank.com’, that the user is directed to a phishing site. Which file does the attacker need to modify?

  1. Boot.ini
  2. Sudoers
  3. Networks
  4. Hosts

Correct Answer: 4

QUESTION 37
The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

  1. ACK
  2. SYN
  3. RST
  4. SYN-ACK

Correct Answer: 2

QUESTION 38
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?

  1. Snort
  2. Nmap
  3. Cain & Abel
  4. Nessus

Correct Answer: 1

QUESTION 39
You are looking for SQL injection vulnerability by sending a special character to web applications. Which of the following is the most useful for quick validation?

  1. Double quotation
  2. Backslash
  3. Semicolon
  4. Single quotation

Correct Answer: 4

QUESTION 40
An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

  1. Reverse Social Engineering
  2. Tailgating
  3. Piggybacking
  4. Announced

Correct Answer: 2

QUESTION 41
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account’s confidential files and information. How can he achieve this?

  1. Privilege Escalation
  2. Shoulder-Surfing
  3. Hacking Active Directory
  4. Port Scanning

Correct Answer: 1

QUESTION 42
Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

  1. ICMP Echo scanning
  2. SYN/FIN scanning using IP fragments
  3. ACK flag probe scanning
  4. IPID scanning

Correct Answer: 2

QUESTION 43
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

  1. Black-box
  2. Announced
  3. White-box
  4. Grey-box

Correct Answer: 4

QUESTION 44
In Risk Management, how is the term “likelihood” related to the concept of “threat?”

  1. Likelihood is the likely source of a threat that could exploit a vulnerability.
  2. Likelihood is the probability that a threat-source will exploit a vulnerability.
  3. Likelihood is a possible threat-source that may exploit a vulnerability.
  4. Likelihood is the probability that a vulnerability is a threat-source

Correct Answer: 2

QUESTION 45
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

  1. “GET/restricted/goldtransfer?to=Rob&from=l or 1 = 1′ HTTP/1.1 Host: westbank.com”
  2. “GET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”
  3. “GET/restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host: westbank.com”
  4. “GET/restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”

Correct Answer: 2

QUESTION 46
Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customer’s activity on the site. These tools are located on the servers of the marketing company. What is the main security risk associated with this scenario?

  1. External script contents could be maliciously modified without the security team knowledge
  2. External scripts have direct access to the company servers and can steal the data from there
  3. There is no risk at all as the marketing services are trustworthy
  4. External scripts increase the outbound company data traffic which leads greater financial losses

Correct Answer: 1

QUESTION 47
A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?

  1. The file reveals the passwords to the root user only.
  2. The password file does not contain the passwords themselves.
  3. He cannot read it because it is encrypted.
  4. He can open it and read the user ids and corresponding passwords.

Correct Answer: 2

QUESTION 48
Security Policy is a definition of what it means to be secure for a system, organization or other entity. For Information Technologies, there are sub-policies like Computer Security Policy, Information Protection Policy, Information Security Policy, network Security Policy, Physical Security Policy, Remote Access Policy, and User Account Policy. What is the main theme of the sub-policies for Information Technologies?

  1. Availability, Non-repudiation, Confidentiality
  2. Authenticity, Integrity, Non-repudiation
  3. Confidentiality, Integrity, Availability
  4. Authenticity, Confidentiality, Integrity

Correct Answer: 3

QUESTION 49
Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?

  1. [cache:]
  2. [site:]
  3. [inurl:]
  4. [link:]

Correct Answer: 2

QUESTION 50
Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre defined set of rules. Which of the following types of firewalls can protect against SQL injection attacks?

  1. Data-driven firewall
  2. Stateful firewall
  3. Packet firewall
  4. Web application firewall

Correct Answer: 4

If You Have To Crack CEH Exam Please Read This Question And Give Exam Wish You Best Of Luck For Exam.

For More Hacking Content Click Here

Related posts

Leave a Comment