Certified Ethical Hacker (CEHv10) Quiz Questions and Answers

First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do?

Answer :
  • Forward the message to your company’s security response team and permanently delete the message from your computer.

Which of the following techniques will identify if computer files have been changed?

Answer :
  • Integrity checking hashes

Which of the following is a low-tech way of gaining unauthorized access to systems?

Answer :
  • Social Engineering

Which system consists of a publicly available set of databases that contain domain name registration contact information?

Answer :
  • WHOIS

Which of the following is assured by the use of a hash?

Answer :
  • Integrity

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

Answer :
  • Use a scan tool like Nessus

Which of the following program infects the system boot sector and the executable files at the same time?

Answer :
  •  Multipartite Virus

Why should the security analyst disable/remove unnecessary ISAPI filters?

Answer :
  • To defend against webserver attacks

A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

Answer :
  • Winpcap

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing the piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

Answer :
  • Cross-Site Request Forgery