PE 1: Essential Knowledge Flashcards

1
Q

A security team is implementing various security controls across the organization. After several configurations and applications, a final agreed-on set of security controls is put into place; however, not all risks are mitigated by the controls. Of the following, which is the next best step?

A. Continue applying controls until all risk is eliminated.

B. Ignore any remaining risk as “best effort controlled.”

C. Ensure that any remaining risk is residual or low and accept the risk.

D. Remove all controls.

A

C. Ensure that any remaining risk is residual or low and accept the risk.

2
Q

A Certified Ethical Hacker (CEH) follows a specific methodology for testing a system. Which step comes after footprinting in the CEH methodology?

A. Scanning

B. Enumeration

C. Reconnaissance

D. Application attack

A

A. Scanning

3
Q

Your organization is planning for the future and is identifying the systems and processes critical for their continued operation. Which of the following best describes this effort?

A. BCP

B. BIA

C. DRP

D. ALE

A

B. BIA

4
Q

Which of the following describes security personnel who act in defense of the network during attack simulations?

A. Red team

B. Blue team

C. Black hats

D. White hats

A

B. Blue team

5
Q

You’ve been hired as part of a pen test team. During the brief, you learn the client wants the pen test attack to simulate a normal user who finds ways to elevate privileges and create attacks. Which test type does the client want?

A. White box

B. Gray box

C. Black box

D. Hybrid

A

B. Gray box

6
Q

Which of the following is defined as ensuring the enforcement of organizational security policy does not rely on voluntary user compliance by assigning sensitivity labels on information and comparing this to the level of security a user is operating at?

A. Mandatory access control

B. Authorized access control

C. Role-based access control

D. Discretionary access control

A

A. Mandatory access control

7
Q

Which of the following statements is true regarding the TCP three-way handshake?

A. The recipient sets the initial sequence number in the second step.

B. The sender sets the initial sequence number in the third step.

C. When accepting the communications request, the recipient responds with an acknowledgement and a randomly generated sequence number in the second step.

D. When accepting the communications request, the recipient responds with an acknowledgement and a randomly generated sequence number in the third step.

A

C. When accepting the communications request, the recipient responds with an acknowledgement and a randomly generated sequence number in the second step.

8
Q

Your network contains certain servers that typically fail once every five years. The total cost of one of these servers is $1000. Server technicians are paid $40 per hour, and a typical replacement requires two hours. Ten employees, earning an average of $20 per hour, rely on these servers, and even one of them going down puts the whole group in a wait state until it’s brought back up. Which of the following represents the ARO for a server?

A. $296

B. $1480

C. $1000

D. 0.20

A

D. 0.20

9
Q

An ethical hacker is given no prior knowledge of the network and has a specific framework in which to work. The agreement specifies boundaries, nondisclosure agreements, and a completion date definition. Which of the following statements is true?

A. A white hat is attempting a black-box test.

B. A white hat is attempting a white-box test.

C. A black hat is attempting a black-box test.

D. A black hat is attempting a gray-box test.

A

A. A white hat is attempting a black-box test.

10
Q

Which of the following is a detective control?

A. Audit trail

B. CONOPS

C. Procedure

D. Smartcard authentication

E. Process

A

A. Audit trail

11
Q

As part of a pen test on a U.S. government system, you discover files containing Social Security numbers and other sensitive personally identifiable information (PII). You are asked about controls placed on the dissemination of this information. Which of the following acts should you check?

A. FISMA

B. Privacy Act

C. PATRIOT Act

D. Freedom of Information Act

A

B. Privacy Act

12
Q

Four terms make up the Common Criteria process. Which of the following contains seven levels used to rate the target?

A. ToE

B. ST

C. PP

D. EAL

A

D. EAL

13
Q

Organization leadership is concerned about social engineering and hires a company to provide training for all employees. How is the organization handling the risk associated with social engineering?

A. They are accepting the risk.

B. They are avoiding the risk.

C. They are mitigating the risk.

D. They are transferring the risk.

A

C. They are mitigating the risk.

14
Q

In which phase of the ethical hacking methodology would a hacker be expected to discover available targets on a network?

A. Reconnaissance

B. Scanning and enumeration

C. Gaining access

D. Maintaining access

E. Covering tracks

A

B. Scanning and enumeration

15
Q

Which of the following was created to protect shareholders and the general public from corporate accounting errors and fraudulent practices, and to improve the accuracy of corporate disclosures?

A. GLBA

B. HIPAA

C. SOX

D. FITARA

A

C. SOX

16
Q

Which of the following best defines a logical or technical control?

A. Air conditioning

B. Security tokens

C. Fire alarms

D. Security policy

A

B. Security tokens

17
Q

Which of the following was created to protect credit card data at rest and in transit in an effort to reduce fraud?

A. TCSEC

B. Common Criteria

C. ISO 27002

D. PCI DSS

A

D. PCI DSS

18
Q

As part of the preparation phase for a pen test you are participating in, the client relays their intent to discover security flaws and possible remediation. They seem particularly concerned about internal threats from the user base. Which of the following best describes the test type the client is looking for?

A. Gray box

B. Black box

C. White hat

D. Black hat

A

A. Gray box

19
Q

In which phase of the attack would a hacker set up and configure “zombie” machines?

A. Reconnaissance

B. Covering tracks

C. Gaining access

D. Maintaining access

A

D. Maintaining access

20
Q

Which of the following should not be included in a security policy?

A. Policy exceptions

B. Details on noncompliance disciplinary actions

C. Technical details and procedures

D. Supporting document references

A

C. Technical details and procedures

21
Q

Which of the following is best defined as a set of processes used to identify, analyze, prioritize, and resolve security incidents?

A. Incident management

B. Vulnerability management

C. Change management

D. Patch management

A

A. Incident management

22
Q

During an assessment, your pen test team discovers child porn on a system. Which of the following is the appropriate response?

A. Continue testing and report findings at out-brief.

B. Continue testing but report findings to the business owners.

C. Cease testing immediately and refuse to continue work for the client.

D. Cease testing immediately and contact authorities.

A

D. Cease testing immediately and contact authorities.

23
Q

Which of the following best describes an intranet zone?

A. It has few heavy security restrictions.

B. A highly secured zone, usually employing VLANs and encrypted communication channels.

C. A controlled buffer network between public and private.

D. A very restricted zone with no users.

A

A. It has few heavy security restrictions.

24
Q

A machine in your environment uses an open X-server to allow remote access. The X-server access control is disabled, allowing connections from almost anywhere and with little to no authentication measures. Which of the following are true statements regarding this situation? (Choose all that apply.)

A. An external vulnerability can take advantage of the misconfigured X-server threat.

B. An external threat can take advantage of the misconfigured X-server vulnerability.

C. An internal vulnerability can take advantage of the misconfigured X-server threat.

D. An internal threat can take advantage of the misconfigured X-server vulnerability.

A

B. An external threat can take advantage of the misconfigured X-server vulnerability.

D. An internal threat can take advantage of the misconfigured X-server vulnerability.

25
Q

While performing a pen test, you find success in exploiting a machine. Your attack vector took advantage of a common mistake—the Windows 7 installer script used to load the machine left the administrative account with a default password. Which attack did you successfully execute?

A. Application level

B. Operating system

C. Shrink wrap

D. Social engineering

E. Misconfiguration

A

B. Operating system