CEH Notes 03 Flashcards

1
Q

Quiz: Which of the following is a type of Trojan that allows a hacker to remotely control a victim’s computer?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: B. RAT

2
Q

Quiz: Which of the following is a type of Trojan that takes over a machine and allows it to be remote-controlled as part of a botnet?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: C. Botnet Trojan

3
Q

Quiz: Which of the following is a type of malware that attaches to other programs and files and requires a host application to replicate?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: D. Virus

4
Q

Quiz: Which of the following self-replicates by attaching to another program, boot sector of the HDD, or document?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: D. Virus

5
Q

Quiz: Which type of virus inserts itself into the “white-space” of programs to avoid detection?
A. Multipartite virus
B. Macro virus
C. Encryption virus
D. Cavity virus

A

Answer: D. Cavity virus

6
Q

Quiz: Which type of virus actively alters and corrupts service call interrupts to disguise itself from the OS and from signature-based detection?
A. Boot Sector Virus
B. Stealth/Tunneling virus
C. Polymorphic/Metamorphic virus
D. Macro virus

A

Answer: B. Stealth/Tunneling virus

7
Q

Quiz: Which type of virus uses two or more methods to spread, such as infecting both files and the boot sector?
A. Multipartite virus
B. Encryption virus
C. Cavity virus
D. Polymorphic/Metamorphic virus

A

Answer: A. Multipartite virus

8
Q

Quiz: Which type of virus attaches to Microsoft Office documents and other programs in the form of macros?
A. Multipartite virus
B. Macro virus
C. Boot Sector Virus
D. Encryption virus

A

Answer: B. Macro virus

9
Q

Quiz: Which type of virus can change its own code and cipher itself many times as it replicates, using a different key for encryption for each infected file?
A. Boot Sector Virus
B. Encryption virus
C. Cavity virus
D. Polymorphic/Metamorphic virus

A

Answer: B. Encryption virus

10
Q

Quiz: What is a worm?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: C. Automated malware that can spread through your network by taking advantage of network vulnerabilities

11
Q

Quiz: What is Ransomware?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: A. Malware that encrypts your files and holds them for ransom

12
Q

Quiz: What is Scareware?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: B. Malware that scares the victim into installing software or performing some action

13
Q

Quiz: What is File-less malware?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

14
Q

Quiz: What is VirusTotal?
A. A cloud-based malware detection service
B. A behavior-based malware detection technique
C. A signature-based malware detection technique
D. An on-premises malware detection service

A

Answer: A. A cloud-based malware detection service

15
Q

Quiz: What is a Signature-based malware detection technique?
A. A malware detection technique that sends the files to be scanned up to a cloud-based scanning service
B. A malware detection technique that analyzes the behavior of a program to determine if it is malicious
C. A malware detection technique that looks for known patterns of code or data within a file to identify it as malicious
D. A malware detection technique that relies on the user to report suspicious files or activities

A

Answer: C. A malware detection technique that looks for known patterns of code or data within a file to identify it as malicious

16
Q

Quiz: What is Packet sniffing?
A. A technique to capture and analyze network traffic
B. A way to hide network traffic from attackers
C. A way to filter network traffic based on its source or destination
D. A way to block network traffic from specific IP addresses

A

Answer: A. A technique to capture and analyze network traffic

17
Q

Quiz: What is the difference between active and passive sniffing?
A. Passive sniffing requires you to actively do something to get copies of other people’s packets, while active sniffing does not require any action.
B. Active sniffing requires you to actively do something to get copies of other people’s packets, while passive sniffing does not require any action.
C. Passive sniffing is only possible on switches, while active sniffing is only possible on hubs.
D. Active sniffing is more reliable than passive sniffing.

A

Answer: B. Active sniffing requires you to actively do something to get copies of other people’s packets, while passive sniffing does not require any action.

18
Q

Quiz: What is Promiscuous mode?
A. A mode that blocks network traffic from specific IP addresses
B. A mode that filters network traffic based on its source or destination
C. A mode that ignores other people’s traffic unless you put your NIC into it
D. A mode that hides your network traffic from attackers

A

Answer: C. A mode that ignores other people’s traffic unless you put your NIC into it

19
Q

Quiz 1: What is the difference between a hub and a switch when it comes to sniffing traffic?
A. A hub requires active sniffing, while a switch requires passive sniffing.
B. A switch requires active sniffing, while a hub requires passive sniffing.
C. Both a hub and a switch require active sniffing to capture traffic.
D. Both a hub and a switch require passive sniffing to capture traffic.

A

Answer: B. A switch requires active sniffing, while a hub requires passive sniffing.

20
Q

Quiz 2: What is a SPAN/Mirrored port?
A. A device that is used to connect multiple hubs together in a network.
B. A port on a switch that is used to monitor all network traffic.
C. A tool that is used to detect and prevent MAC flooding attacks.
D. A method for spoofing your IP address to appear like another device.

A

Answer: B. A port on a switch that is used to monitor all network traffic.

21
Q

Quiz 3: What is MAC flooding?
A. A method for spoofing your IP address to appear like another device.
B. A tool that is used to detect and prevent ARP poisoning attacks.
C. A technique for filling up a switch’s CAM (MAC address) table with fake MAC addresses.
D. A method for monitoring all network traffic using a mirrored port.

A

Answer: C. A technique for filling up a switch’s CAM (MAC address) table with fake MAC addresses.

22
Q

Quiz 4: What is ARP poisoning?
A. A technique for filling up a switch’s CAM (MAC address) table with fake MAC addresses.
B. A tool that is used to detect and prevent MAC flooding attacks.
C. A method for spoofing your IP address to appear like another device.
D. A method for monitoring all network traffic using a mirrored port.

A

Answer: C. A method for spoofing your IP address to appear like another device.

23
Q

Quiz 1: What is the Rogue router attack?
A. A technique for configuring the “priority” value on a switch to become the “Root Bridge”
B. A technique for forging many DHCP requests to use up all the valid IPs
C. A technique for placing a rogue router on the network and convincing other routers to send traffic through

A

Answer: C. A technique for placing a rogue router on the network and convincing other routers to send traffic through

24
Q

Quiz 2: What is the DHCP Starvation attack?
A. A technique for configuring the “priority” value on a switch to become the “Root Bridge”
B. A technique for forging many DHCP requests to use up all the valid IPs
C. A technique for placing a rogue router on the network and convincing other routers to send traffic through

A

Answer: B. A technique for forging many DHCP requests to use up all the valid IPs

25
Q

Quiz 3: What is the defense mechanism against Rogue DHCP servers?
A. Port Security
B. DHCP Snooping
C. Firewall

A

Answer: B. DHCP Snooping

26
Q

Quiz 1: What is Port Security?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A tool for filtering DNS requests to prevent DNS spoofing
D. A tool for filtering HTTP traffic to prevent HTTP spoofing

A

Answer: A. A tool for filtering MAC addresses to prevent MAC spoofing

27
Q

Quiz 2: What is the difference between Sniffers and Protocol Analyzers?
A. Sniffers obtain network packets while Protocol Analyzers examine packets
B. Sniffers examine packets while Protocol Analyzers obtain network packets
C. Sniffers work at the Transport layer while Protocol Analyzers work at the Network layer
D. Sniffers work at the Data Link layer while Protocol Analyzers work at the Physical layer

A

Answer: A. Sniffers obtain network packets while Protocol Analyzers examine packets

28
Q

Quiz 3: What is Tcpdump?
A. A wireless packet analyzer that runs on Linux
B. A packet analyzer that runs on Windows
C. A Linux command-line sniffer and protocol analyzer
D. A popular protocol analyzer for dissecting packets

A

Answer: C. A Linux command-line sniffer and protocol analyzer

29
Q

Quiz 4: What is Wireshark?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A popular protocol analyzer for dissecting packets
D. A wireless packet analyzer that runs on Linux

A

Answer: C. A popular protocol analyzer for dissecting packets

30
Q

Quiz 5: What is Kismet?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A packet analyzer that runs on Windows
D. A wireless packet analyzer that runs on Linux

A

Answer: D. A wireless packet analyzer that runs on Linux

31
Q

Quiz 6: What is Netstumbler?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A packet analyzer that runs on Windows
D. A Linux command-line sniffer and protocol analyzer

A

Answer: C. A packet analyzer that runs on Windows

32
Q

Quiz 7: What is TCPTrace?
A. A wireless packet analyzer that runs on Linux
B. A packet analyzer that can open packet capture files produced with other tools
C. A tool for filtering MAC addresses to prevent MAC spoofing
D. A popular protocol analyzer for dissecting packets

A

Answer: B. A packet analyzer that can open packet capture files produced with other tools

33
Q

Quiz: What is phishing?
A. A social engineering technique that involves sending fraudulent emails to obtain sensitive information
B. A type of malware that spreads through human interaction
C. A technique used to sniff network traffic
D. A method to encrypt files and demand ransom

A

Answer: A. A social engineering technique that involves sending fraudulent emails to obtain sensitive information

34
Q

Quiz: What is Tailgating in social engineering?
A. A technique to hack wireless networks
B. A method to crack passwords by guessing them
C. A social engineering technique where an attacker follows someone into a restricted area
D. A type of malware that spreads through the internet

A

Answer: C. A social engineering technique where an attacker follows someone into a restricted area

35
Q

Quiz: What is E-mail masquerading?
A. A technique to hide your IP address when sending emails
B. A type of malware that spreads through email attachments
C. A social engineering technique to send emails that appear to be from someone else
D. A method to encrypt emails to ensure security

A

Answer: C. A social engineering technique to send emails that appear to be from someone else

36
Q

Quiz: What is Evilginx?
A. A type of virus that spreads through email
B. A social engineering framework used to set up phishing and pharming pages
C. A network sniffer used to capture and analyze packets
D. A tool to prevent tailgating in a physical environment

A

Answer: B. A social engineering framework used to set up phishing and pharming pages

37
Q

Quiz 1: What is phishing?
A. A technique for stealing physical documents from someone’s desk
B. A type of social engineering attack that uses fake emails or websites to trick victims into sharing sensitive information
C. A way of making money through the sale of fake goods or services
D. A technique for gaining unauthorized access to computer systems

A

Answer: B. A type of social engineering attack that uses fake emails or websites to trick victims into sharing sensitive information.

38
Q

Quiz 2: What is spear-phishing?
A. A type of phishing attack that targets a specific individual or group
B. A type of social engineering attack that targets random individuals
C. A technique for manipulating search engine rankings
D. A type of denial-of-service attack

A

Answer: A. A type of phishing attack that targets a specific individual or group.

39
Q

Quiz 3: What is whaling?
A. A type of spear-phishing attack that targets high-level executives or other high-value targets
B. A technique for exploiting weaknesses in wireless networks
C. A type of malware that uses encryption to hide its code
D. A type of social engineering attack that involves manipulating emotions to gain information

A

Answer: A. A type of spear-phishing attack that targets high-level executives or other high-value targets.

40
Q

Quiz 4: What is vishing?
A. A type of social engineering attack that uses voice calls to trick victims into sharing sensitive information
B. A technique for exploiting vulnerabilities in web browsers
C. A type of phishing attack that targets users of virtual reality systems
D. A type of malware that spreads through USB drives

A

Answer: A. A type of social engineering attack that uses voice calls to trick victims into sharing sensitive information.

41
Q

Quiz 5: What is pharming?
A. A type of social engineering attack that involves manipulating emotions to gain information
B. A technique for exploiting weaknesses in wireless networks
C. A type of phishing attack that uses fake websites to trick victims into sharing sensitive information
D. A type of malware that replicates itself over a network

A

Answer: C. A type of phishing attack that uses fake websites to trick victims into sharing sensitive information.

42
Q

Quiz 6: What is impersonation?
A. A type of social engineering attack that involves pretending to be someone else in order to gain information
B. A technique for exploiting vulnerabilities in web browsers
C. A type of malware that modifies system settings
D. A type of phishing attack that uses phone calls to trick victims into sharing sensitive information

A

Answer: A. A type of social engineering attack that involves pretending to be someone else in order to gain information.

43
Q

Quiz 7: What is piggybacking/tailgating?
A. A type of social engineering attack that involves following someone into a restricted area without proper authorization
B. A technique for bypassing security controls by using authorized access credentials
C. A type of phishing attack that uses phone calls to trick victims into sharing sensitive information
D. A type of malware that modifies system settings

A

Answer: A. A type of social engineering attack that involves following someone into a restricted area without proper authorization.

44
Q

Quiz: What is a Slowloris attack?
A. A DOS attack against a web server by sending many partial HTTP requests
B. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target
C. Sending malformed or oversized ICMP ping packets in an attempt to crash the target
D. A technique of scanning machines to find those that might potentially be vulnerable to attack

A

Answer: A. A DOS attack against a web server by sending many partial HTTP requests

45
Q

Quiz: What is a Zero-Day vulnerability?
A. A known vulnerability for which there is a defense in place
B. A new or unknown vulnerability for which there is no defense in place yet
C. A technique of scanning machines to find those that might potentially be vulnerable to attack
D. A device that can automatically move communications to an unused channel to avoid wireless jamming

A

Answer: B. A new or unknown vulnerability for which there is no defense in place yet

46
Q

Quiz: What are Cognitive Radios?
A. A device that can automatically move communications to an unused channel to avoid wireless jamming
B. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target
C. A technique of scanning machines to find those that might potentially be vulnerable to attack
D. A new or unknown vulnerability for which there is no defense in place yet

A

Answer: A. A device that can automatically move communications to an unused channel to avoid wireless jamming

47
Q

Quiz 1: What is a Slowloris attack?
A. An attack on a web server using malicious JavaScript code
B. A DOS attack against a web server by sending many partial HTTP requests
C. A type of phishing attack that targets high-level executives
D. A form of malware that encrypts a victim’s files and demands payment for their release

A

Answer: B. A DOS attack against a web server by sending many partial HTTP requests.

48
Q

Quiz 2: What is a botnet?
A. A type of malware that steals sensitive information from a victim’s computer
B. A group of computers controlled by a hacker and used for malicious purposes
C. A type of virus that infects a computer’s boot sector
D. A technique for detecting vulnerabilities in network devices

A

Answer: B. A group of computers controlled by a hacker and used for malicious purposes.

49
Q

Quiz 3: What is hit-list scanning?
A. A technique for detecting vulnerabilities in network devices
B. A type of social engineering attack that involves impersonating a trusted source
C. A method for identifying machines that might be vulnerable to attack
D. A technique for hiding malware inside legitimate-looking software

A

Answer: C. A method for identifying machines that might be vulnerable to attack.

50
Q

Quiz 4: What is a Ping Of Death attack?
A. A type of denial-of-service attack that exploits vulnerabilities in web servers
B. A form of social engineering that involves tricking a victim into performing an action
C. An attack that sends many connection requests to overwhelm a target
D. An attack that sends malformed or oversized ICMP ping packets to crash a target

A

Answer: D. An attack that sends malformed or oversized ICMP ping packets to crash a target.

51
Q

Quiz 5: What is a SYN Flood/TCP SYN attack?
A. An attack on a web server using malicious JavaScript code
B. A type of virus that infects a computer’s boot sector
C. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target
D. A technique for detecting vulnerabilities in network devices

A

Answer: C. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target.

52
Q

Quiz 6: What is a zero-day vulnerability?
A. A vulnerability that is well-known and for which there is a defense in place
B. A new or unknown vulnerability for which there is no defense in place yet
C. A type of malware that spreads through a network by exploiting vulnerabilities
D. A technique for detecting vulnerabilities in network devices

A

Answer: B. A new or unknown vulnerability for which there is no defense in place yet.

53
Q

Quiz 7: What are cognitive radios?
A. A type of social engineering attack that involves impersonating a trusted source
B. A type of wireless jamming device used for malicious purposes
C. Devices that can automatically move communications to an unused channel to avoid attacks
D. A technique for hiding malware inside legitimate-looking software

A

Answer: C. Devices that can automatically move communications to an unused channel to avoid attacks.

54
Q

Quiz 8: What is the Slowloris attack used for?
A. To steal sensitive information from a victim’s computer
B. To encrypt a victim’s files and demand payment for their release
C. To overwhelm a web server with partial HTTP requests
D. To impersonate a trusted source and trick a victim into performing an action

A

Answer: C. To overwhelm a web server with partial HTTP requests.

55
Q

Quiz: What is session hijacking?
A. A technique for capturing packets passing through a network
B. A method of obtaining sensitive information by disguising a fake website as a legitimate one
C. A way to take over a user’s established session on a website
D. A technique for flooding a server with connection requests to overwhelm it

A

Answer: C. A way to take over a user’s established session on a website

56
Q

Quiz: What is the difference between session fixation and session donation attacks?
A. Session fixation involves stealing a victim’s established session, while session donation involves establishing a session under the attacker’s own credentials.
B. Session fixation involves tricking a victim to log in using a pre-generated session ID, while session donation involves deleting sensitive information from the attacker’s account.
C. Session fixation involves deleting sensitive information from the victim’s account, while session donation involves taking over a victim’s established session.
D. Session fixation and session donation are the same thing.

A

Answer: A. Session fixation involves stealing a victim’s established session, while session donation involves establishing a session under the attacker’s own credentials.

57
Q

Quiz: What is the session-ID in a web server?
A. The user’s password
B. The user’s email address
C. The user’s username
D. The user’s session cookie

A

Answer: D. The user’s session cookie

58
Q

Quiz: What is a Slowloris attack?
A. A type of DNS attack
B. A type of DoS attack against a web server
C. A type of social engineering attack
D. A type of network sniffing attack

A

Answer: B. A type of DoS attack against a web server

59
Q

Quiz 1: What is one way to prevent session hijacking when using cookies?
A. Allow user-supplied cookies
B. Use predictable session cookies
C. Use non-predictable session cookies
D. Use the same session cookie for every user

A

Answer: C. Use non-predictable session cookies.

60
Q

Quiz 2: What is FTPS?
A. An unencrypted file transfer protocol
B. A file transfer protocol that uses encryption and digital signatures
C. A protocol used to encrypt email messages
D. A type of secure shell protocol

A

Answer: B. A file transfer protocol that uses encryption and digital signatures.

61
Q

Quiz 3: What is the recommended protocol to use instead of SSL for securing web traffic?
A. TLS v1.0
B. TLS v1.1
C. TLS v1.2
D. SSLv3

A

Answer: C. TLS v1.2.

62
Q

Quiz 4: What is STARTTLS used for?
A. To encrypt email messages between mail servers
B. To encrypt file transfers using FTPS
C. To encrypt web traffic using TLS
D. To encrypt SSH traffic

A

Answer: A. To encrypt email messages between mail servers.

63
Q

Quiz 5: What is the advantage of using SSH instead of Telnet?
A. SSH is faster than Telnet
B. SSH is easier to configure than Telnet
C. SSH can be used to encrypt other types of traffic
D. SSH is not susceptible to session hijacking

A

Answer: C. SSH can be used to encrypt other types of traffic.

64
Q

Quiz 1: What is Burp Suite used for?
A. Network sniffing
B. Session hijacking in web applications
C. Firewall management
D. Intrusion prevention

A

Answer: B. Session hijacking in web applications

65
Q

Quiz 2: What kind of traffic can Burp Suite intercept, inspect, and modify?
A. FTP traffic
B. Email traffic
C. HTTP traffic
D. DNS traffic

A

Answer: C. HTTP traffic

66
Q

Quiz 3: What is the main benefit of using Burp Suite for session hijacking?
A. It allows you to modify network traffic on the way to the server
B. It encrypts web traffic to prevent session hijacking
C. It provides non-predictable TCP sequence numbers
D. It uses server-generated cookies to prevent session hijacking

A

Answer: A. It allows you to modify network traffic on the way to the server

67
Q

Quiz 4: What is the difference between Burp Suite and other proxy tools?
A. Burp Suite only works with encrypted traffic
B. Burp Suite is designed specifically for session hijacking
C. Burp Suite can intercept, inspect, and modify traffic on the way to the server
D. Burp Suite can only intercept traffic on the client side

A

Answer: C. Burp Suite can intercept, inspect, and modify traffic on the way to the server.

68
Q

Quiz: What is IPSEC?
A. A layer-3 security protocol used to create VPN tunnels
B. A layer-2 security protocol used to encrypt data on a LAN
C. A layer-4 security protocol used to authenticate data
D. A layer-7 security protocol used to encrypt web traffic

A

Answer: A. A layer-3 security protocol used to create VPN tunnels

69
Q

Quiz: What is the difference between AH and ESP in IPSEC?
A. AH does only authentication and integrity, while ESP does authentication, integrity, and encryption
B. AH does only authentication, while ESP does authentication and encryption
C. AH does only integrity, while ESP does authentication, integrity, and encryption
D. AH does only encryption, while ESP does authentication and integrity

A

Answer: A. AH does only authentication and integrity, while ESP does authentication, integrity, and encryption

70
Q

Quiz: When should you choose ESP over AH in IPSEC?
A. When you need only authentication and integrity
B. When you need only authentication
C. When you need only integrity
D. When you need confidentiality in addition to authentication and integrity

A

Answer: D. When you need confidentiality in addition to authentication and integrity

71
Q

Quiz: When should you use IPSEC Transport Mode vs. Tunnel Mode?
A. Use Transport Mode for going across the internet, and Tunnel Mode for your LAN
B. Use Transport Mode for your LAN, and Tunnel Mode for going across the internet
C. Use Transport Mode when you need only authentication and integrity, and Tunnel Mode when you need encryption
D. Use Tunnel Mode when you need only authentication and integrity, and Transport Mode when you need encryption

A

Answer: B. Use Transport Mode for your LAN, and Tunnel Mode for going across the internet

72
Q

Quiz: What are some examples of biometric authentication?
A. Passwords and PINs
B. Retina and iris scanners, fingerprint scanners, voice recognition
C. Social security numbers and driver’s licenses
D. MAC addresses and IP addresses

A

Answer: B. Retina and iris scanners, fingerprint scanners, voice recognition.

73
Q

Quiz: What is counter-based authentication?
A. Authentication that uses physical tokens, such as a keycard or smart card.
B. Authentication that verifies the user’s behavior patterns, such as typing style or walking gait.
C. Authentication that creates one-time passwords encrypted with secret keys.
D. Authentication that verifies the user’s physical characteristics, such as facial recognition or DNA.

A

Answer: C. Authentication that creates one-time passwords encrypted with secret keys.

74
Q

Quiz: What is Bettercap?
A. A tool for wireless ARP poisoning and sniffing.
B. A tool for brute-forcing passwords.
C. A tool for phishing attacks.
D. A tool for creating malware.

A

Answer: A. A tool for wireless ARP poisoning and sniffing.

75
Q

Quiz 1: What is biometrics in authentication?
A. Something you have, like a key or a card
B. Something you know, like a password or a PIN
C. Something you are, like a fingerprint or a retina scan
D. Something you do, like typing or walking

A

Answer: C. Something you are, like a fingerprint or a retina scan

76
Q

Quiz 2: What is the difference between biometrics and behavioral biometrics?
A. Biometrics uses physical characteristics, while behavioral biometrics measures actions
B. Biometrics uses passwords, while behavioral biometrics uses biometric data
C. Biometrics measures typing speed, while behavioral biometrics measures walking speed
D. Biometrics measures fingerprints, while behavioral biometrics measures iris scans

A

Answer: A. Biometrics uses physical characteristics, while behavioral biometrics measures actions

77
Q

Quiz 3: What is counter-based authentication?
A. A system that creates one-time passwords that are encrypted with secret keys
B. A system that uses biometrics for authentication
C. A system that uses passwords for authentication
D. A system that uses behavioral biometrics for authentication

A

Answer: A. A system that creates one-time passwords that are encrypted with secret keys

78
Q

Quiz 4: What is Bettercap used for?
A. Wireless encryption
B. Wireless networking
C. Wireless ARP poisoning and sniffing
D. Wireless signal boosting

A

Answer: C. Wireless ARP poisoning and sniffing

79
Q

Quiz 5: What is a disadvantage of using biometrics for authentication?
A. It is very cheap and easy to implement
B. It requires a lot of processing power and RAM
C. It can be easily shared or stolen
D. It is not accurate

A

Answer: B. It requires a lot of processing power and RAM

80
Q

Quiz: Which layer of the OSI Model deals with cables, connectors, and NICs?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport

A

Answer: A. Layer 1: Physical

81
Q

Quiz: Which layer of the OSI Model is responsible for MAC addresses and switches?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport

A

Answer: B. Layer 2: Data Link

82
Q

Quiz: Which layer of the OSI Model is responsible for IP addresses and routers?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport

A

Answer: C. Layer 3: Network

83
Q

Quiz: Which layer of the OSI Model is responsible for TCP and UDP ports?
A. Layer 3: Network
B. Layer 4: Transport
C. Layer 5: Session
D. Layer 6: Presentation

A

Answer: B. Layer 4: Transport

84
Q

Quiz: Which layer of the OSI Model is responsible for establishing, managing, and terminating sessions?
A. Layer 3: Network
B. Layer 4: Transport
C. Layer 5: Session
D. Layer 6: Presentation

A

Answer: C. Layer 5: Session

85
Q

Quiz: Which layer of the OSI Model is responsible for file and email encryption?
A. Layer 4: Transport
B. Layer 5: Session
C. Layer 6: Presentation
D. Layer 7: Application

A

Answer: C. Layer 6: Presentation

86
Q

Quiz: Which layer of the OSI Model is responsible for programs that use the network?
A. Layer 5: Session
B. Layer 6: Presentation
C. Layer 7: Application
D. Layer 4: Transport

A

Answer: C. Layer 7: Application

87
Q

Quiz: Which layer of the OSI Model is responsible for logical addressing?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport

A

Answer: C. Layer 3: Network

88
Q

Quiz 1: What is the difference between public and private IP addresses?
A. Public IP addresses are assigned to devices within a private network, while private IP addresses are assigned to devices on the public internet.
B. Public IP addresses are assigned to devices on the public internet, while private IP addresses are assigned to devices within a private network.
C. Public IP addresses are always dynamic, while private IP addresses are always static.
D. Public IP addresses are always static, while private IP addresses are always dynamic.

A

Answer: B. Public IP addresses are assigned to devices on the public internet, while private IP addresses are assigned to devices within a private network.

89
Q

Quiz 2: What is the range of IP addresses for Class A private networks?
A. 10.X.X.X
B. 172.16.X.X - 172.31.X.X
C. 192.168.X.X
D. None of the above

A

Answer: A. 10.X.X.X

90
Q

Quiz 3: What is the range of IP addresses for Class B private networks?
A. 10.X.X.X
B. 172.16.X.X - 172.31.X.X
C. 192.168.X.X
D. None of the above

A

Answer: B. 172.16.X.X - 172.31.X.X

91
Q

Quiz 4: What is the range of IP addresses for Class C private networks?
A. 10.X.X.X
B. 172.16.X.X - 172.31.X.X
C. 192.168.X.X
D. None of the above

A

Answer: C. 192.168.X.X

92
Q

Quiz 5: Which of the following statements about private IP addresses is true?
A. Private IP addresses can be used on the public internet.
B. Private IP addresses can be assigned to any device on the public internet.
C. Private IP addresses are only valid within a private network.
D. Private IP addresses are always static.

A

Answer: C. Private IP addresses are only valid within a private network.

93
Q

Quiz 6: What is the purpose of RFC 1918?
A. To define the standard for public IP addresses.
B. To define the standard for private IP addresses.
C. To define the standard for IP address subnetting.
D. To define the standard for network routing.

A

Answer: B. To define the standard for private IP addresses.

94
Q

Quiz 1: Which type of IDS can detect new or unknown attacks?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS

A

Answer: B. Behavior-based IDS

95
Q

Quiz 2: Which type of IDS looks for deviations from normal activity or behavior?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS

A

Answer: B. Behavior-based IDS

96
Q

Quiz 3: Which type of IDS is most effective at detecting attacks that have not been previously identified?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS

A

Answer: B. Behavior-based IDS

97
Q

Quiz 4: What is the primary difference between Network-based IDS and Host-based IDS?
A. NIDS looks at network traffic, while HIDS looks at activity on a specific host or endpoint.
B. NIDS operates at the network layer, while HIDS operates at the application layer.
C. NIDS can detect new or unknown attacks, while HIDS can only detect known attacks.
D. NIDS is more effective than HIDS at detecting insider threats.

A

Answer: A. NIDS looks at network traffic, while HIDS looks at activity on a specific host or endpoint.

98
Q

Quiz 5: Which type of IDS can generate a large number of alerts?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS

A

Answer: A. Signature-based IDS

99
Q

Quiz 6: What is the difference between a true positive and a false negative alert?
A. A true positive alert is generated when the system correctly detects an attack, while a false negative alert is generated when the system mistakenly detects an attack that did not occur.
B. A true positive alert is generated when the system fails to detect an attack that did occur, while a false negative alert is generated when the system correctly determines that no attack occurred.
C. A true positive alert is generated when the system correctly determines that no attack occurred, while a false negative alert is generated when the system mistakenly detects an attack that did not occur.
D. A true positive alert is generated when the system correctly detects an attack, while a false negative alert is generated when the system fails to detect an attack that did occur.

A

Answer: D. A true positive alert is generated when the system correctly detects an attack, while a false negative alert is generated when the system fails to detect an attack that did occur.

100
Q

Quiz 1: What is Snort primarily used for?
A. A video editing tool
B. A command-line-based tool for sniffing, packet logging, and use as a Network IDS
C. A graphic design software
D. A web browser

A

Answer: Option B.