CEH – Assessment Test

Posted by
certified-ethical-hacker-practice-tests
# Total No. of Questions = 35
Q1. What is the focus of a security audit or vulnerability assessment?

A) Locating vulnerabilities
B) Locating threats
C) Enacting threats
D) Exploiting vulnerabilities
The Correct Answer is:- A


2. What kind of physical access device restricts access to a single individual at any one time?

A) Checkpoint
B) Perimeter security
C) Security zones
D) Mantrap
The Correct Answer is:- D


3. Which of the following is a mechanism for managing digital certificates through a system of trust?

A) PKI
B) PKCS
C) ISA
D) SSL
The Correct Answer is:- A


4. Which protocol is used to create a secure environment in a wireless network?

A) WAP
B) WPA
C) WTLS
D) WML
The Correct Answer is:- B


5. What type of exercise is conducted with full knowledge of the target environment?

A) White box
B) Gray box
C) Black box
D) Glass box
The Correct Answer is:- A

6. You want to establish a network connection between two LANs using the Internet. Which technology would best accomplish that for you?

A) IPSec
B) L2TP
C) PPP
D) SLIP
The Correct Answer is:- B


7. Which design concept limits access to systems from outside users while protecting users and systems inside the LAN?

A) DMZ
B) VLAN
C) I&A
D) Router
The Correct Answer is:- A


8. In the key recovery process, which key must be recoverable?

A) Rollover key
B) Secret key
C) Previous key
D) Escrow key
The Correct Answer is:- D

9. Which kind of attack is designed to overload a system or resource, taking it temporarily or permanently offline?

A) Spoofing
B) Trojan
C) Man in the middle
D) SYN flood
The Correct Answer is:- D

10. Which component of an NIDS collects data?

A) Data source
B) Sensor
C) Event
D) Analyzer
The Correct Answer is:- B

11. What is the process of making an operating system secure from attack called?

A) Hardening
B) Tuning
C) Sealing
D) Locking down
The Correct Answer is:- A

12. The integrity component provides which feature of the CIA triad?

A) Verification that information is accurate
B) Verification that ethics are properly maintained
C) Establishment of clear access control of data
D) Verification that data is kept private and secure
The Correct Answer is:- A

13. Which mechanism is used by PKI to allow immediate verification of a certificate’s validity?

A) CRL
B) MD5
C) SSHA
D) OCSP
The Correct Answer is:- D

14. Which of the following is used to create a VLAN from a physical security perspective?

A) Hub
B) Switch
C) Router
D) Firewall
The Correct Answer is:- B

15. A user has just reported that he downloaded a file from a prospective client using IM. The user indicates that the file was called account.doC) The system has been behaving unusually since he downloaded the file. What is the most likely event that occurred?

A) Your user inadvertently downloaded a macro virus using IM.
B) Your user may have downloaded a rootkit.
C) Your user may have accidently changed a setting on the system.
D) The system is unstable due to the use of IM.
The Correct Answer is:- A

16. Which mechanism or process is used to enable or disable access to a network resource based on attacks that have been detected?

A) NIDS
B) NIPS
C) NITS
D) NADS
The Correct Answer is:- B

17. Which of the following would provide additional security to an Internet web server?

A) Changing the default port for traffic to 80
B) Changing the default port for traffic to 1019
C) Changing the default port for traffic to 443
D) Changing the default port for traffic to 161
The Correct Answer is:- C

18. What type of program exists primarily to propagate and spread itself to other systems and can do so without interaction from users?

A) Virus
B) Trojan horse
C) Logic bomb
D) Worm
The Correct Answer is:- D

19. An individual presents herself at your office claiming to be a service technician. She is attempting to discuss technical details of your environment such as applications, hardware, and personnel used to manage it. This may be an example of what type of attack?

A) Social engineering
B) Access control
C) Perimeter screening
D) Behavioral engineering
The Correct Answer is:- A

20. Which of the following is a major security problem with FTP?

A) Password files are stored in an unsecure area on disk.
B) Memory traces can corrupt file access.
C) User IDs and passwords are unencrypted.
D) FTP sites are unregistered.
Show Answer
The Correct Answer is:- C

21. Which system would you install to provide detective capabilities within a network?

A) NIDS
B) HIDS
C) NIPS
D) HIPS
The Correct Answer is:- A

22. The process of maintaining the integrity of evidence and ensuring no gaps in possession occur is known as what?

A) Security investigation
B) Chain of custody
C) Three As of investigation
D) Security policy
The Correct Answer is:- B

23. What encryption process uses one piece of information as a carrier for another?

A) Steganography
B) Hashing
C) MDA
D) Cryptointelligence
The Correct Answer is:- A

24. Which policy dictates how assets can be used by employees of a company?

A) Security policy
B) User policy
C) Use policy
D) Enforcement policy
E. Acceptable use policy
The Correct Answer is:- E

25. Which algorithm is an asymmetric encryption protocol?

A) RSA
B) AES
C) DES
D) 3DES
The Correct Answer is:- A

26. Which of the following is an example of a hashing algorithm?

A) ECC
B) PKI
C) SHA
D) MD
The Correct Answer is:- C

27. Which of the following creates a fixed-length output from a variable-length input?

A) MD5
B) MD7
C) SHA12
D) SHA8
The Correct Answer is:- A

28. Granting access to a system based on a factor such as an individual’s retina during a scan is an example of what type of authentication method?

A) Smart card
B) I&A
C) Biometrics
D) CHAP
The Correct Answer is:- C

29. What item is also referred to as a physical address to a computer system?

A) MAC
B) DAC
C) RBAC
D) STAC
The Correct Answer is:- A

30. What is the process of investigating a computer system for information relating to a security incident?

A) Computer forensics
B) Virus scanning
C) Security policy
D) Evidence gathering
The Correct Answer is:- A

31. Which of the following is seen as a replacement for protocols such as Telnet and FTP?

A) SSL
B) SCP
C) Telnet2
D) SSH
The Correct Answer is:- D

32. Which of the following is commonly used to create thumbprints for digital certificates?

A) MD5
B) MD7
C) SHA12
D) SHA8
The Correct Answer is:- A

33. Granting access to a system based on a factor such as a password is an example of what?

A) Something you have
B) Something you know
C) Something you are
D) Something you smell
The Correct Answer is:- B

34. What item is also referred to as a logical address to a computer system?

A) IP address
B) IPX address
C) MAC address
D) SMAC address
The Correct Answer is:- A

35. How many bits are in an IPv6 address?

A) 32
B) 64
C) 128
D) 256
The Correct Answer is:- C

Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.