Free Certified Ethical Hacker MCQ Questions and Answers

Question 1

Which of these is not an element of security?

Accepted Answer

Fraternity

Answer

The fundamental elements of information security are typically referred to as the CIA triad: Confidentiality, Integrity, and Availability. These three principles guide the protection of information assets and are core to cybersecurity. 'Fraternity' is a social term and has no relevance to the core concepts of information security.

Question 2

Let's say you want to find information about a website by crawling through it. Which application do you apply?

Accepted Answer

Web Spiders

Answer

Web spiders (also known as web crawlers or bots) are automated programs that systematically browse the World Wide Web. They are used by search engines to index web content and by security professionals or attackers to gather information about a website's structure, links, and content through crawling. This reconnaissance helps in identifying potential targets or vulnerabilities.

Question 3

Except for one, all of the examples below are sniffing techniques.

Accepted Answer

DAC Flooding

Answer

DHCP Starvation, ARP Poisoning, and Spoofing (specifically MAC or IP spoofing used in conjunction with other techniques) are all methods associated with network sniffing or manipulating network traffic to enable sniffing. DAC Flooding, however, refers to a denial-of-service attack targeting a switch's CAM table, which is distinct from techniques used for sniffing.

Question 4

When this flag is set, communication is abruptly ended.

Accepted Answer

RST

Answer

The RST (Reset) flag in a TCP packet is used to immediately terminate a connection. It indicates that the sender has encountered an error or an invalid segment and wishes to abort the connection without going through the normal graceful shutdown process. This can be used in various network attacks or for legitimate error handling.

Question 5

In 2004, Johnny Long popularized a footprinting technique using the manipulation of a search string to identify vulnerabilities.

Accepted Answer

Google Hacking

Answer

Google Hacking, also known as Google Dorking, was popularized by Johnny Long in 2004. It involves using advanced search operators in Google (and other search engines) to find sensitive information, vulnerabilities, or misconfigurations exposed on public websites. This technique is a crucial part of the reconnaissance phase in ethical hacking.

Certified Ethical Hacker Practice Test

Certified Ethical Hacker Practice Test

Free Certified Ethical Hacker MCQ Questions and Answers