Ethical Hacking Exam Answers

Clear My Certification August 9, 2023 Certification Leave a comment 12,032 Views

Ethical Hacking Exam Answers

Question 1: Which of the following types of insiders uses their technical skills to identify vulnerabilities present in the target company’s network and sell the confidential data to competitors?

Compromised insider
Professional insider
Malicious insider
Negligent insider

Question 2: Which of the following guidelines helps a penetration tester minimize risks and avoid DoS conditions while performing penetration testing?

Use direct testing
Directly exploit vulnerabilities
Perform uninterruptible testing
Use reserved addresses

Question 3: Which of the following malware masks itself as a benign application or software that initially appears to perform a desirable or benign function but steals information from a system?

Virus
Backdoor
Payload
Trojan

Question 4: Which of the following browser-based attacks involves emails or pop-ups that redirect users to fake web pages that mimic trustworthy sites, demanding the users to submit personal information?

Framing
Clickjacking
Man-in-the-mobile
Phishing

Question 5: In which of the following phases of the cyber kill chain methodology does an adversary communicate with remote compromised systems through an encrypted session?

Command and control server
Proxy server
Data staging
HTTP User-Agent

Question 6: Which of the following activities is implemented to check whether an organization is following a set of standard policies and procedures in protecting its network?

Ethical hacking
Penetration testing
Vulnerability assessment
Security audit

Question 7: In which of the following levels of the Purdue model can the physical process be analyzed and altered?

Level 0
Level 3
Level 1
Level 2

Question 8: In which of the following attacks does an attacker exploit the vulnerability in a bare-metal cloud server and use it to implant a malicious backdoor in its firmware?

Cloud cryptojacking
Cloud hopper attack
Cloudborne attack
Man-in-the-cloud

Question 9: Which of the following countermeasures helps security professionals protect a network from session hijacking attacks?

Ensure that data in transit are encrypted
Pass authentication cookies over HTTP connections
Never use IPsec to encrypt session information
Use short random numbers as session keys

Question 10: Which of the following types of cloud services provides data processing services, such as IoT services for connected devices, mobile and web applications, and batch-and-stream processing?

Security-as-a-service (SECaaS)
Platform-as-a-service (PaaS)
Identity-as-a-service (IDaaS)
Function-as-a-service (FaaS)

Question 11: Which of the following types of password attacks does not lead to any changes in the system and includes techniques such as wire sniffing, man-in-the-middle attacks, and replay attacks?

Active online attacks
Passive online attacks
Offline attacks
Non-electronic attacks

Question 12: Which of the following Trojans uses port number 26 to perform malicious activities on the target network?

Shiver
Mspy
BadPatch
FireHotcker

Question 13: Which of the following layers of the IoT architecture is responsible for bridging the gap between two endpoints and performs functions such as message routing, message identification, and subscribing?

Access gateway layer
Edge technology layer
Middleware layer
Internet layer

Question 14: Identify the list of computer-based social engineering techniques used by an attacker to trick a victim into disclosing personal information?

Phishing and scareware
Shoulder surfing and tailgating
Eavesdropping and vishing
Dumpster diving and piggybacking

Question 15: Which of the following techniques allows attackers to attain privileged control within Android’s subsystem, resulting in the exposure of sensitive data?

Carrier-loaded software
OS data caching
Simjacker
Rooting

Question 16: Which of the following countermeasures helps security professionals protect a network against DoS/DDoS attacks?

Implement cognitive radios in the physical layer
Never perform input validation
Allow all inbound packets originating from the service ports
Use functions such as gets and strcpy

Question 17: James, a professional attacker, targeted Bob’s computer and restricted Bob’s access to his computer and demanded payment to remove restrictions and provide access. Identify the type of attack performed by James in the above scenario.

XSS attack
Ransomware attack
Replay attack
Phishing attack

Question 18: Bob recently joined an organization and one Sunday, he connected to the corporate network by providing his authentication credentials to access a file online from his residence. Which of the following elements of information security was demonstrated ?

Integrity
Availability
Authenticity
Non-repudiation

Question 19: Which of the following phases of the cyber kill chain methodology involves the collection of information about the target system or organization from the Internet before initiating an attack?

Actions on objective
Reconnaissance
Delivery
Installation

Question 20: Which of the following attack vectors involves the use of a huge network of compromised systems by attackers to perform denial-of-service attacks on the target network or systems?

Keylogger
Virus
Botnet
APT

Question 21: What is the length of the initialization vector (IV) used in the Wi-Fi Protected Access (WPA) encryption protocol to secure wireless communication?

48 bits
64 bits
24 bits
54 bits

Question 22: Identify the node component of Kubernetes that ensures all pods and containers are healthy and running as expected.

Container runtime
Kubelet
Kube-apiserver
Kube-proxy

Question 23: Which of the following Wi-Fi security protocols uses GCMP-256 for encryption and HMAC-SHA-384 for authentication?

CCMP
PEAP
WEP
WPA3

Question 24: Identify the component of a web service that aims to maintain the integrity and confidentiality of SOAP messages and authenticate users.

WS-Security
WSDL
RESTful
UDDI

Question 25: Which of the following technique does an attacker use for mimicking legitimate institutions, such as banks, to steal passwords, credit card information, and bank account data, and other sensitive information?

Black hat search engine optimization (SEO)
Malvertising
Spear-phishing sites
Obfuscation

Priya Dogra – Certification | Jobs | Internships

Ethical Hacking Exam Answers

Related Articles

Ethical Hacking Exam Answers

About Clear My Certification

Check Also

Information Technology Management Professional Certification

Leave a Reply Cancel reply

Machine Learning A-Z™: Hands-On Python & R In Data Science Udemy 100% OFF Coupon Code

Latest Off Page SEO Techniques 2024 | How to Rank your Website in Search Engine

Download Video Marketing Blaster Pro 1.49 Free

Six Sigma Black Belt Certification Answers – GreyCampus

Metaverse Free Certification | Metaverse Quiz Questions and Answers

Financial Analyst | Free Certification Courses | Free Courses by LinkedIn, Microsoft & GitHub 2021

Itronix Data Engineering Professional Certification Program Answers

AWS Certified Cloud Practitioner Professional Certification

Cryptocurrency & Blockchain Free Certification | Quiz Questions and Answers

Khadi Mahotsav Quiz Contest | Win Cash Prize and Free Government Certificate

Saylor Academy English as a Second Language Certification Exam Answers

Saylor Academy ESL005: Business-Proficient English as a Second Language Exam Answers

Saylor Academy ESL004: Advanced English as a Second Language Certification Exam Answers

ESL003: Upper-Intermediate English as a Second Language Exam Answers

Saylor Academy ESL002: Intermediate English as a Second Language Exam Answers