CEH Quick Pop Quiz

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Cruizrisner
C
Cruizrisner
Community Contributor
Quizzes Created: 1 | Total Attempts: 1,298
Questions: 20 | Attempts: 1,298

SettingsSettingsSettings
CEH Quizzes & Trivia

Just a small bit from the CEH


Questions and Answers
  • 1. 

    _____ is the pre-attack information gathering and organization of collected data, which is used to document the security profile of an organization.

    • A.

      Scanning

    • B.

      Foot printing

    • C.

      Dumpster diving

    • D.

      Enumeration

    Correct Answer
    B. Foot printing
    Explanation
    Footprinting is the pre-attack process of gathering information about a target organization, which is then used to create a security profile. This involves collecting data about the organization's network, systems, employees, and infrastructure. The purpose of foot printing is to identify potential vulnerabilities and weaknesses that can be exploited in a cyber attack. It includes activities such as searching online, analyzing public records, social engineering, and gathering information from publicly available sources. By conducting foot printing, attackers can understand the organization's security posture and plan their attack accordingly.

    Rate this question:

  • 2. 

    Identify the 3 pre-attack phases

    • A.

      Rooting

    • B.

      Scanning

    • C.

      Social engineering

    • D.

      Enumeration

    • E.

      Foot printing

    Correct Answer(s)
    B. Scanning
    D. Enumeration
    E. Foot printing
    Explanation
    The correct answer is scanning, enumeration, and foot printing. These three phases are part of the pre-attack process in which an attacker gathers information and identifies vulnerabilities in a target system or network. Scanning involves actively probing the target to discover open ports, services, and potential entry points. Enumeration is the process of gathering more detailed information about the target, such as user accounts, network resources, and system configurations. Foot printing is the initial phase where the attacker collects general information about the target, including IP addresses, domain names, and publicly available data. These three phases are crucial for an attacker to plan and execute a successful attack.

    Rate this question:

  • 3. 

    The information gathering stage has ___ phases

    • A.

      7

    • B.

      5

    • C.

      10

    • D.

      3

    Correct Answer
    A. 7
    Explanation
    The information gathering stage consists of multiple phases, and the correct answer is 7. This suggests that there are seven distinct phases involved in the process of gathering information.

    Rate this question:

  • 4. 

    Which of the following stages of information gathering fall under "foot printing"?

    • A.

      Discover open ports

    • B.

      Uncover services on ports

    • C.

      Detect operating system

    • D.

      Unearth initial information

    • E.

      Locate the network range

    Correct Answer(s)
    D. Unearth initial information
    E. Locate the network range
    Explanation
    The stages of information gathering that fall under "foot printing" are unearth initial information and locate the network range. Unearthing initial information involves collecting basic details about the target such as domain names, email addresses, or employee names. Locating the network range involves identifying the range of IP addresses that belong to the target organization. These two stages are crucial in the initial reconnaissance phase of a security assessment, as they provide a foundation for further investigation and vulnerability identification.

    Rate this question:

  • 5. 

    Which of the following tools might you use during foot printing?

    • A.

      Nmap

    • B.

      Sam Spade

    • C.

      Ethereal

    • D.

      Netcat

    Correct Answer
    B. Sam Spade
    Explanation
    Sam Spade is a tool that can be used during foot printing. It is a network analysis tool that helps in gathering information about a target network or system. It can perform tasks like DNS lookup, whois queries, IP address scanning, and other network reconnaissance activities. By using Sam Spade, an attacker can gather valuable information about the target, such as IP addresses, domain names, email addresses, and network services. This information can then be used to identify vulnerabilities and plan further attacks.

    Rate this question:

  • 6. 

    Determine the first DNS server in the following WHOIS output:Domain ID:D81180127-LRORDomain Name:ECCOUNCIL.ORGCreated On:14-Dec-2001 10:13:06 UTCLast Updated On:08-Oct-2003 09:32:10 UTCExpiration Date:14-Dec-2004 10:13:06 UTCSponsoring Registrar:R11-LRORStatus:OKRegistrant ID:tuTv2ItRZBMNd4lARegistrant Name:Paul KwitowskiRegistrant Organization:International Council of E-Commerce ConsultantsRegistrant Street1:67 Wall Street, 22nd FloorRegistrant City:New YorkRegistrant State/Province:NYRegistrant Postal Code:10005-3198Registrant Country:USRegistrant Phone:+1.2127098253Registrant FAX:+1.2129432300Registrant Email:[email protected] ID:tus9DYvpp5mrbLNdAdmin Name:Ethan RussellAdmin Organization:International Council of E-Commerce ConsultantsAdmin Street1:67 Wall Street, 22nd FloorAdmin City:New YorkAdmin State/Province:NYAdmin Postal Code:10005-3198Admin Country:USAdmin Phone:+1.2127098253Admin Email:[email protected] ID:tuE1cgAfi1VnFkpuTech Name:Jacob EckelTech Organization:International Council of E-Commerce ConsultantsTech Street1:67 Wall Street, 22nd FloorTech City:New YorkTech State/Province:NYTech Postal Code:10005-3198Tech Country:USTech Phone:+1.2127098253Tech Email:[email protected] Server:AUTH1.NS.NYI.NETName Server:AUTH2.NS.NYI.NET

    Correct Answer
    AUTH1.NS.NYI.NET
    Explanation
    The first DNS server in the WHOIS output is AUTH1.NS.NYI.NET.

    Rate this question:

  • 7. 

    Which of the following could be used to learn the ASN that an organization is using?

    • A.

      EDGAR

    • B.

      WHOIS

    • C.

      ARIN

    • D.

      NSLOOKUP

    Correct Answer
    C. ARIN
    Explanation
    ARIN (American Registry for Internet Numbers) could be used to learn the ASN (Autonomous System Number) that an organization is using. ARIN is responsible for the allocation and registration of IP addresses and ASNs in North America. Therefore, by accessing ARIN's database, one can find information about the ASNs assigned to different organizations.

    Rate this question:

  • 8. 

    If you wanted to know the geographic location of the routers, servers etc. which of these would you use?

    • A.

      Visual Trace

    • B.

      Visual Route

    • C.

      GeoTrace

    • D.

      Tracert

    Correct Answer
    B. Visual Route
    Explanation
    Visual Route is the correct answer because it is a software application that visually displays the geographic location of routers, servers, and other network devices. It uses maps and graphs to show the path of network traffic and provides information about the physical location of each device along the route. This tool is commonly used by network administrators and technicians to troubleshoot network issues and optimize network performance.

    Rate this question:

  • 9. 

    Which of the following can help detect intrusions?

    • A.

      NetDetect

    • B.

      Nmap

    • C.

      VisualLookout

    • D.

      Sam Spade

    • E.

      Snort

    Correct Answer(s)
    C. VisualLookout
    E. Snort
    Explanation
    VisualLookout and Snort can help detect intrusions. VisualLookout is a software tool that monitors network traffic and identifies any suspicious activities or anomalies that may indicate an intrusion. Snort, on the other hand, is an open-source intrusion detection system that analyzes network packets in real-time to detect and alert on potential attacks. Both tools are designed to enhance network security by identifying and responding to intrusions in a timely manner.

    Rate this question:

  • 10. 

    Which of the following would you use to determine if an email that you have sent gets opened?

    • A.

      VisualRoute Mail Tracker

    • B.

      Mailtracking.com

    • C.

      Sam Spade

    • D.

      EMailTrackerPro

    Correct Answer
    B. Mailtracking.com
    Explanation
    Mailtracking.com is the correct answer because it is a service specifically designed to track email opens. It provides users with real-time notifications when their emails are opened, allowing them to monitor the success and effectiveness of their email campaigns. This service tracks various metrics such as open rates, click-through rates, and even location data of the recipients. By using Mailtracking.com, users can gain valuable insights into the engagement and reach of their emails.

    Rate this question:

  • 11. 

    How might one determine if network hosts are alive?

    • A.

      War dialers

    • B.

      DoS Scripts

    • C.

      Netcat

    • D.

      Trojan horses

    • E.

      Ping utilities

    Correct Answer(s)
    A. War dialers
    E. Ping utilities
    Explanation
    One can determine if network hosts are alive by using war dialers and ping utilities. War dialers are tools that automatically dial a range of phone numbers to identify active phone lines, which can be used to determine if network hosts are alive. On the other hand, ping utilities send a small packet of data to a specific IP address and wait for a response, indicating if the host is alive or not. Therefore, both war dialers and ping utilities are effective methods for determining the status of network hosts.

    Rate this question:

  • 12. 

    Which of the following might one use to war dial?

    • A.

      Dialnet

    • B.

      Snort

    • C.

      THC-Scan

    • D.

      ToneLoc

    Correct Answer(s)
    C. THC-Scan
    D. ToneLoc
    Explanation
    THC-Scan and ToneLoc are both tools that can be used for war dialing. War dialing is the process of dialing a large range of telephone numbers in order to identify computer systems that may be connected to modems. THC-Scan and ToneLoc are specifically designed for this purpose and provide features such as automated scanning, detection of modems, and logging of results. These tools are commonly used by security professionals to identify vulnerable systems and potential entry points for unauthorized access.

    Rate this question:

  • 13. 

    Identify utilities for pinging

    • A.

      Icmpenum

    • B.

      Genius

    • C.

      BlackICE

    • D.

      Netscan Tools

    • E.

      Hping

    Correct Answer(s)
    A. Icmpenum
    D. Netscan Tools
    E. Hping
    Explanation
    The utilities mentioned in the answer are icmpenum, Netscan Tools, and Hping. These are all tools that can be used for pinging. icmpenum is a tool specifically designed for ICMP enumeration, Netscan Tools is a comprehensive network scanning tool that includes a ping utility, and Hping is a command-line tool that can send custom ICMP packets for various purposes, including ping. These utilities can be used to test network connectivity and check the availability of hosts.

    Rate this question:

  • 14. 

    An open scan would be also known as a

    • A.

      UDP scan

    • B.

      Strobe scan

    • C.

      Vanilla scan

    • D.

      Sweep scan

    Correct Answer
    C. Vanilla scan
    Explanation
    The term "vanilla scan" refers to an open scan. This type of scan involves sending a series of packets to a target system in order to gather information about open ports and services. It is called "vanilla" because it is a basic and straightforward method of scanning, without any additional techniques or complexities. Other options mentioned in the question, such as UDP scan, Strobe scan, and Sweep scan, are different types of scanning techniques with their own characteristics and purposes.

    Rate this question:

  • 15. 

    Which type of scans sends a packet with no flags set?

    • A.

      Half-open scan

    • B.

      Null scan

    • C.

      Xmas scan

    • D.

      Open scan

    Correct Answer
    B. Null scan
    Explanation
    A null scan is a type of scan where a packet is sent with no flags set. This means that no specific request or action is being made to the target system. By sending a null scan, the attacker can determine the state of the port based on the response received. If the port is open, no response will be received, indicating that the port is filtered or protected. If the port is closed, a response will be received, indicating that the port is closed and accessible. This type of scan is often used by attackers to gather information about a target system without triggering any alarms.

    Rate this question:

  • 16. 

    Which type of scan has all of the available flags in the TCP header set?

    • A.

      Xmas

    • B.

      Closed

    • C.

      Open

    • D.

      Full

    Correct Answer
    A. Xmas
    Explanation
    An Xmas scan is a type of TCP scan where all the available flags in the TCP header are set to 1. This includes the URG, PSH, and FIN flags. By sending packets with these flags set, the scanner attempts to elicit responses from the target system. If the target system responds with a RST packet, it indicates that the port is closed. If there is no response, it suggests that the port is open. Therefore, an Xmas scan is used to identify open and closed ports on a target system.

    Rate this question:

  • 17. 

    The "ipsecscan" utility is useful for scanning for the existence of VPN implementations by searching for IPSec characteristics on the remote device. IPSec supports which of the following encryption modes?

    • A.

      Relay

    • B.

      Peer to peer

    • C.

      Transfer

    • D.

      Transport

    • E.

      Tunnel

    Correct Answer(s)
    D. Transport
    E. Tunnel
    Explanation
    The "ipsecscan" utility is used to scan for the existence of VPN implementations by searching for IPSec characteristics on the remote device. IPSec supports two encryption modes: transport and tunnel. In transport mode, only the payload of the IP packet is encrypted, while in tunnel mode, the entire IP packet is encapsulated and encrypted. Both transport and tunnel modes provide secure communication, but they differ in the level of encryption applied.

    Rate this question:

  • 18. 

    The best port scanning tool currently available is?

    • A.

      Netscan Tools Pro

    • B.

      Superscan

    • C.

      Nmap

    • D.

      IpEye

    Correct Answer
    C. Nmap
    Explanation
    Nmap is considered the best port scanning tool currently available due to its extensive features and capabilities. It is an open-source and highly flexible tool that can be used for network exploration, security auditing, and vulnerability assessment. Nmap supports a wide range of scanning techniques, including TCP connect scanning, SYN scanning, and UDP scanning. It also provides advanced features like OS detection, version detection, script scanning, and the ability to scan thousands of ports quickly. Additionally, Nmap has a large and active community that constantly updates and improves its functionality, making it a reliable and widely trusted tool in the cybersecurity field.

    Rate this question:

  • 19. 

    What technique is used to determine the OS of a remote host?

    • A.

      OS ID

    • B.

      OS fingerprinting

    • C.

      OS scanning

    • D.

      OS investigation

    Correct Answer
    B. OS fingerprinting
    Explanation
    OS fingerprinting is a technique used to determine the operating system (OS) of a remote host. It involves analyzing various characteristics and behaviors of network packets sent by the remote host. By comparing these patterns with a database of known OS fingerprints, the technique can identify the most likely OS running on the remote host. This information is valuable for network administrators to understand the target system's vulnerabilities and to tailor their security measures accordingly.

    Rate this question:

  • 20. 

    What type of fingerprinting captures traffic from a target host and analyzes it to determine the remote OS?

    • A.

      Sniffprinting

    • B.

      Passive fingerprinting

    • C.

      Packet fingerprinting

    • D.

      Open fingerprinting

    Correct Answer
    B. Passive fingerprinting
    Explanation
    Passive fingerprinting is the correct answer because it involves capturing traffic from a target host and analyzing it to determine the remote operating system without actively engaging with the host. This method allows for the collection of data without alerting the target host. Sniffprinting, packet fingerprinting, and open fingerprinting do not accurately describe the process of capturing traffic and analyzing it for remote OS determination.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 01, 2009
    Quiz Created by
    Cruizrisner
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.