CEH Exam Questions Latest 2017 (Pass CEH Exam)

A virus that attempts to install itself inside of the file it is infecting is called?

Polymorphic virus
Tunneling virus
Stealth virus
Cavity virus

Answer: D

You are a security officer of a company. You had an alert from IDS that indicate one PC on your Intranet connected to a blacklisted IP address(C2 Server) on the Internet. The IP address was blacklisted just before of the alert. You are starting investigation to know the severity of situation roughly. Which of the following is appropriate to analyze?

IDS log
Event logs on the PC
Event logs on domain controller
Internet Firewall/Proxy log

(Answer: D)

Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre-defined set of rules. Which of the following types of firewalls can protect against SQL injection attacks?

Web application firewall
Packet firewall
Stateful firewall
Data-driven firewall

Answer: A

A hacker is an intelligent individual with excellent computer skills that grant them the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following class of hacker refers to individual who work both offensively and defensively at various times?

Gray Hat
Black Hat
Suicide Hacker
White Hat

Answer: A

Which of the following is considered as one of the most reliable forms of TCP scanning?

NULL Scan
Half-open Scan
TCP Connect / Full Open Scan
Xmas Scan

Answer: C

Which of the following Secure Hashing Algorithm (SHA) produces a 160-bit digest from a message with a maximum length of (264 − 1) bits, and resembles the MD5 algorithm?

SHA-2
SHA-1
SHA-3
SHA-0

Answer: B

Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

IPID scanning
ICMP Echo scanning
ACK flag probe scanning
SYN/FIN scanning using IP fragments

Answer: D

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

Announced
Piggybacking
Reverse Social Engineering
Tailgating

(Answer: D)

Provided this log, What sentences are true? Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip
Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client.

SSH communications are encrypted it’s impossible to know who is the client or the server.
Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server.
Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.

Answer: B


Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?

-T0
-O
-T5
-A

(Answer: C)

Security Policy is a definition of what it means to be secure for a system, organization or other entity. For Information Technologies, there are sub-policies like; Computer Security Policy, Information Protection Policy, Information Security Policy, Network Security Policy, Physical Security Policy, Remote Access Policy, User Account Policy. What is main theme of the sub-policies for Information Technologies?

Authenticity, Confidentiality, Integrity
Confidentiality, Integrity, Availability
Availability, Non-repudiation, Confidentiality
Authenticity, Integrity, Non-repudiation Answer: B You perform a scan of your company's network and discover that TCP port 123 is open. What services by default run on TCP port 123?
POP3
Telnet
DNS
Network Time Protocol Answer: D

For complete questions Email us at moonintdubai@gmail.com