CEH v9: Certified Ethical Hacker Version 9 Practice Tests
()
About this ebook
CEH: Certified Ethical Hacker Version 9 Practice Tests are the ideal preparation for this high-stakes exam. Five complete, unique practice tests are designed to help you identify weak spots in your understanding, so you can direct your preparation efforts efficiently and gain the confidence—and skills—you need to pass. These tests cover all five sections of the exam, allowing you to test your knowledge of Assessment; Security; Tools and Systems; Procedures and Methodology; and Regulation, Policy, and Ethics. Coverage aligns with CEH version 9, including material on cloud, tablet, and mobile phone security and attacks, as well as the latest vulnerabilities including Heartbleed, shellshock, and Poodle. The exams are designed to familiarize CEH candidates with the test format, allowing them to become more comfortable reading a Wireshark .pcap file or viewing visual depictions of network attacks. The ideal companion for the Sybex CEH v9 Study Guide, this book is an invaluable tool for anyone aspiring to this highly-regarded certification.
Offered by the International Council of Electronic Commerce Consultants, the Certified Ethical Hacker certification is unique in the penetration testing sphere, and requires preparation specific to the CEH exam more than general IT security knowledge. This book of practice tests help you steer your study where it needs to go by giving you a glimpse of exam day while there's still time to prepare.
- Practice all five sections of the CEH v9 exam
- Test your knowledge of security, tools, procedures, and regulations
- Gauge your understanding of new vulnerabilities and threats
- Master the material well in advance of exam day
By getting inside the mind of a hacker, you gain a one-of-a-kind perspective that dramatically boosts your marketability and advancement potential. If you're ready to attempt this unique certification, the CEH: Certified Ethical Hacker Version 9 Practice Tests are the major preparation tool you should not be without.
Related to CEH v9
Related ebooks
CompTIA Network+ Review Guide: Exam N10-006 Rating: 0 out of 5 stars0 ratingsThe Network Security Test Lab: A Step-by-Step Guide Rating: 0 out of 5 stars0 ratingsCompTIA Security+ Review Guide: Exam SY0-501 Rating: 1 out of 5 stars1/5Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code Rating: 0 out of 5 stars0 ratingsCEH v9: Certified Ethical Hacker Version 9 Study Guide Rating: 0 out of 5 stars0 ratingsCEH Certified Ethical Hacker Study Guide Rating: 3 out of 5 stars3/5EnCase Computer Forensics -- The Official EnCE: EnCase Certified Examiner Study Guide Rating: 5 out of 5 stars5/5(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests Rating: 5 out of 5 stars5/5CompTIA Cloud+ Study Guide: Exam CV0-002 Rating: 0 out of 5 stars0 ratingsSecurity Administrator Street Smarts: A Real World Guide to CompTIA Security+ Skills Rating: 3 out of 5 stars3/5CompTIA Linux+ Practice Tests: Exam XK0-004 Rating: 0 out of 5 stars0 ratingsHACKING WITH KALI LINUX PENETRATION TESTING: Mastering Ethical Hacking Techniques with Kali Linux (2024 Guide for Beginners) Rating: 0 out of 5 stars0 ratingsCracking the Fortress: Bypassing Modern Authentication Mechanism Rating: 0 out of 5 stars0 ratingsOWNED: Why hacking continues to be a problem Rating: 0 out of 5 stars0 ratingsEC Council Certified Incident Handler A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsHands-On Web Penetration Testing with Metasploit: The subtle art of using Metasploit 5.0 for web application exploitation Rating: 0 out of 5 stars0 ratingsNortel Guide to VPN Routing for Security and VoIP Rating: 0 out of 5 stars0 ratingsCySA+ Study Guide: IT Security For Vulnerability And Threat Intelligence Analysts Rating: 0 out of 5 stars0 ratingsTCP/IP: Network+ Protocols And Campus LAN Switching Fundamentals Rating: 0 out of 5 stars0 ratingsOSINT Hacker's Arsenal: Metagoofil, Theharvester, Mitaka, Builtwith Rating: 0 out of 5 stars0 ratingsNetwork Security A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsHack Attacks Denied: A Complete Guide to Network Lockdown Rating: 4 out of 5 stars4/5Cybersecurity as a Fishing Game: Developing Cybersecurity in the Form of Fishing Game and What Top Management Should Understand Rating: 0 out of 5 stars0 ratingsDigital Forensics A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsRFID A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsKernel Based Virtual Machine A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsCCNA Cisco Certified Network Associate A Practical Study Guide on Passing the Exam Rating: 0 out of 5 stars0 ratingsCybersecurity - Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics Rating: 5 out of 5 stars5/5OSINT Cracking Tools: Maltego, Shodan, Aircrack-Ng, Recon-Ng Rating: 0 out of 5 stars0 ratings
Security For You
CompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratingsHow to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsTor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsRemote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Wireless Hacking 101 Rating: 5 out of 5 stars5/5Hacking For Dummies Rating: 4 out of 5 stars4/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5CISM Certified Information Security Manager Study Guide Rating: 0 out of 5 stars0 ratingsCompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701 Rating: 0 out of 5 stars0 ratingsPractical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5Cybersecurity All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsIAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsCompTia Security 701: Fundamentals of Security Rating: 0 out of 5 stars0 ratingsCybersecurity For Dummies Rating: 5 out of 5 stars5/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Codes and Ciphers Rating: 5 out of 5 stars5/5CompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratings
Reviews for CEH v9
0 ratings0 reviews
Book preview
CEH v9 - Raymond Blockmon
Introduction
This exam book is designed to give the CEH candidate a realistic idea of what the CEH exam will look like. As a candidate, you should be familiar with Wireshark, Nmap, and other tools. To get the most out of these exams, you should consider constructing a virtual lab and practicing with the tools to become familiar with viewing the logs that are generated. In preparing for the CEH exam, you will benefit greatly by using YouTube. YouTube is a goldmine of information—and it’s free. It is also recommended that you keep up with the latest malware and cybersecurity news provided online. Most cybersecurity-related websites provide insight on the latest vulnerabilities and exploits that are in the wild. Keeping up to date with this information will only add value to your CEH knowledge and will help solidify your understanding even more.
Finally, this exam book should not be the only resource you use to prepare. You should use other exam books and study guides as well. The more diverse the exposure in terms of reading and preparation material, the better. Take your time studying; invest at least one hour per day prior to your exam date.
If you have not already read CEHv9: Certified Ethical Hacker Version 9 Study Guide by Sean-Philip Oriyano (Sybex, 2016) and you’re not seeing passing grades on these practice tests, you should invest in the Study Guide since it is an excellent resource to master any of the CEH topics that may be causing you problems.
CHAPTER 1
Practice Test 1
1.Which of the following is considered a passive reconnaissance action?
Searching through the local paper
Calling Human Resources
Using the nmap -sT command
Conducting a man-in-the-middle attack
Setting up a rogue hot spot
2. Which encryption was selected by NIST as the principal method for providing confidentiality after the DES algorithm?
3DES
Twofish
RC4
AES
3. What tool is able to conduct a man-in-the-Middle Attack on an 802.3 environment?
Ettercap
Cain & Abel
Wireshark
Nmap
4. What is the difference between a traditional firewall and an IPS?
Firewalls do not generate logs.
IPS cannot drop packets.
IPS does not follow rules.
IPS can dissect packets.
5. Why is it important to scan your target network slowly?
To avoid alerting the IDS
It is not necessary to scan the network slowly.
To evade the firewall
Services may not have started, so starting slowly ensures that you capture services that started late.
6. You are the senior manager in the IT department for your company. What is the most cost effective way to prevent social engineering attacks?
Install HIDS.
Ensure that all patches are up-to-date.
Monitor and control all email activity.
Implement user awareness training.
7. In which phase within the ethical hacking framework do you alter or delete log information?
Scanning and enumeration
Gaining access
Reconnaissance
Covering tracks
8. A hacker is conducting the following on the target workstation: nmap -sT 192.33.10.5. The attacker is in which phase?
Covering tracks
Enumeration
Scanning and enumeration
Gaining access
9. Which encryption algorithm is a symmetric stream cipher?
AES
ECC
RC4
PGP
10. What is the most important aspect when conducting a penetration test?
Receiving a formal written agreement
Documenting all actions and activities
Remediating serious threats immediately
Maintaining proper handoff with the information assurance team
11. You are a CISO for a giant tech company. You are charged with implementing an encryption cipher for your new mobile devices that will be introduced in 2017. What encryption standard will you most likely choose?
RC4
MD5
ECC
Skipjack
12. What does a SYN scan accomplish?
It establishes a full TCP connection.
It establishes only a half open
connection.
It opens an ACK connection with the target.
It detects all closed ports on a target system.
13. What is the major vulnerability for an ARP request?
It sends out an address request to all the hosts on the LAN.
The address is returned with a username and password in cleartext.
The address request can cause a DoS.
The address request can be spoofed with the attacker’s MAC address.
14.You are the CISO for a popular social website. You recently learned that your web servers have been compromised with the SSL Heart Bleed zero day exploit. What will be your most likely first course of action to defend against?
Patch all systems.
Establish new cryptographic keys.
Shut down Internet-facing web services.
Restrict access to sensitive information.
15. In what phase is an attacker who is currently conducting a successful man-in-the-middle attack?
Gaining access
Maintaining access
Reconnaissance
Covering tracks
16. What method of exploitation allows the adversary to test for SQL queries within the URL?
SQL injection
XSS
Spear phishing
Ruby on Rails injection method
17. What is the default TTL values for Microsoft Windows 7 OS?
64
128
255
256
18. Which input value would you utilize in order to evaluate and test for SQL injection vulnerabilities?
SQL test
admin and password
|| or |!
1'or'1'='1
19. What is the downside of using SSH with Telnet when it comes to security?
SSH encrypts the traffic and credentials.
You cannot see what the adversary is doing.
Data is sent in the clear.
You do not know what keys you are using.
20. What year did the Ping of Death first appear?
1992
1989
1990
1996
21. Which of the following viruses was the most infectious?
The Melisa virus
I Love You Virus
Blue Cross virus punter
Stuxnet
22. You are part of the help desk team. You receive a ticket from one of your users that their computer is periodically slow. The user also states that from time to time, documents have either disappeared or have been moved from their original location to another. You remote desktop to the user’s computer and investigate. Where is the most likely place to see if any new processes have started?
The Processes tab in Task Manager
C:\Temp
The Logs tab in Task Manager
C:\Windows\System32\User
23. As a network engineer, you received the task of bridging two corporate facilities by way of wireless communication. These facilities are more than 20 miles apart, contain more than 400 employees at each site, and have a $20,000 budget. Each site has a single-mode fiber connection. Which antenna would you use to bridge the gap?
Multimode fiber
Very small aperture terminal (VSAT)
Omni direction antenna
Directional antenna
24. What does a checksum indicate?
That the data has made it to its destination
That the three-way TCP/IP handshake finished
That there were changes to the data during transit or at rest
The size of the data after storage
25. Out of the following, which is one of RSA’s registered key strengths?
1,024 bits
256 bits
128 bits
512 bits
26. To provide nonrepudiation for email, which algorithm would you choose to implement?
AES
DSA
3DES
Skipjack
27. Which of the following describes a race condition?
Where two conditions occur at the same time and there is a chance that arbitrary commands can be executed with a user’s elevated permissions, which can then be used by the adversary
Where two conditions cancel one another out and arbitrary commands can be used based on the user privilege level
Where two conditions are executed under the same user account
Where two conditions are executed simultaneously with elevated user privileges
28. Your end clients report that they cannot reach any website on the external network. As the network administrator, you decide to conduct some fact finding. Upon your investigation, you determine that you are able to ping outside of the LAN to external websites using their IP address. Pinging websites with their domain name resolution does not work. What is most likely causing the issue?
The firewall is blocking DNS resolution.
The DNS server is not functioning correctly.
The external websites are not responding.
HTTP GET request is being dropped at the firewall from going out.
29. You are the security administration for your local city. You just installed a new IPS. Other than plugging it in and applying some basic IPS rules, no other configuration has been made. You come in the next morning and you discover that there was a so much activity generated by the IPS in the logs that it is too time consuming to view. What most likely caused the huge influx of logs from the IPS?
The clipping level was established.
There was a DoS attack on the network.
The LAN experienced a switching loop.
There was no baseline established.
30. Which method would be considered a client-side attack?
Cross-site scripting (XSS)
Man-in-the-middle attack
Watering hole attack
Denial of service (DoS)
31. As a penetration tester, only you and a few key selected individuals from the company will know of the targeted network that will be tested. You also have zero knowledge of your target other than the name and location of the company. What type of assessment is this called?
Gray box testing
White box testing
Black box testing
Blue box testing
32. As an attacker, you found your target. You spend the next two weeks observing and watching personnel move in and move out of the facility. You also observe how the front desk handles large packages that are delivered as well as people who do not have access badges. You finally come up with a solid schedule of security patrols that you see being conducted. What is it that you are doing?
Casing the target
Gaining access
Maintaining access
Reconnaissance
33. Which scanning tool is more likely going to yield accurate results for the hacker?
Ncat
Nmap
Ping
Nslookup
34. Why would an attacker conduct an open TCP connection scan using Ncat?
The attacker does not want to attack the system.
The attacker made a mistake using the nmap function.
The attacker is trying to connect to network services.
The attacker is trying to see what ports are open for connection.
35. Why would an attacker want to avoid tapping into a fiber-optic line?
It costs a lot of money to tap into a fiber line.
If done wrong, it could cause the entire connection signal to drop, therefore bringing unwanted attention from the targeted organization.
The network traffic would slow down significantly.
Tapping the line could alert an IPS/IDS.
36. You are an attacker who has successfully infiltrated your target’s web server. You performed a web defacement on the targeted organization’s website, and you were able to create your own credential with administrative privileges. Before conducting data exfiltration, what is the next move?
Log in to the new user account that you created.
Go back and delete or edit the logs.
Ensure that you log out of the session.
Ensure that you migrate to a different session and log out.
37.What is the main drawback to using Kerberos?
Symmetric keys can be compromised if not secured.
Kerberos uses weak cryptography and keys can be easily cracked.
Kerberos uses asymmetric cryptography and can be easily exploited.
The adversary can replay the ticket-granting ticket to gain access to a system or service.
38. Where is the password file located on a Windows system?
C:\Windows\temp
C:\Win\system\config
C:\Windows\accounts\config
C:\Windows\system32\config
39. Which response would the adversary receive on closed ports if they conducted an XMAS scan?
RST
RST/ACK
No Response
FIN/ACK
40. Why would the adversary encode their payload before sending it to the target victim?
Encoding the payload will not provide any additional benefit.
By encoding the payload, the adversary actually encrypts the payload.
The encoded payload can bypass the firewall because there is no port associated with the payload.
Encoding the payload can bypass IPS/IDS detection because it changes the signature.
41. Which password is more secure?
!9Apple
pass123!!
P@$$w0rD
keepyourpasswordsecuretoyourself
42. Which of the following best describes DNS poisoning?
The adversary intercepts and replaces the victims MAC address with their own.
The adversary replaces their malicious IP address with the victim’s IP address for the domain name.
The adversary replaces the legitimate domain name with the malicious domain name.
The adversary replaces the legitimate IP address that is mapped to the domain name with the malicious IP address.
43.Which of the following allows the adversary to forge certificates for authentication?
Wireshark
Ettercap
Cain & Abel
Ncat
44. Which encryption standard is used in WEP?
AES
RC5
MD5
RC4
45. You are sitting inside of your office and you notice a strange person in the parking lot with what appears to be a tall antenna connected to a laptop. What is the stranger most likely doing?
Brute-forcing their personal electronic device
Wardriving
Warflying
Bluesnarfing
46. As a network administrator, you see a familiar IP address pinging the broadcast address. What do you believe is happening?
Smurf attack
DNS poisoning
Man-in-the-middle attack
Trojan virus infecting the gateway
47. Which best describes a denial of service (DoS)?
Victim’s computer is infected with a virus.
A misconfigured switch is in a switching loop.
An adversary is forging a certificate.
An adversary is