CEH v11 Real Exam Questions and Answers
Larry, a security professional in an organization, has noticed some abnormalities in the user accounts on a web server. To thwart evolving attacks, he decided to harden the security of the web server by adopting a few countermeasures to secure the accounts on the web server.
Which of the following countermeasures must Larry implement to secure the user accounts on the web server?
Limit the administrator or root-level access to the minimum number of users
Retain all unused modules and application extensions
Enable unused default user accounts created during the installation of an OS
Enable all non-interactive accounts that should exist but do not require interactive login
Jude, a pen tester, examined a network from a hacker’s perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network.
What is the type of vulnerability assessment that Jude performed on the organization?
External assessment
Passive assessment
Application assessment
Host-based assessment
Which of the following tactics uses malicious code to redirect users’ web traffic?
Pharming
Spear-phishing
Phishing
Spimming
Mason, a professional hacker, targets an organization and spreads Emotet malware through a malicious script. After infecting the victim’s device, Mason further used Emotet to spread the infection across local networks and beyond to compromise as many machines as possible. In this process, he used a tool, which is a self-extracting RAR file, to retrieve information related to network resources such as writable share drives.
What is the tool employed by Mason in the above scenario?
Credential enumerator
NetPass.exe
WebBrowserPassView
Outlook scraper
Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network. Ultimately, he succeeded with one special command-line utility.
Which of the following command-line utilities allowed Morris to discover the WPS-enabled APs?
macof
wash
ntptrace
net view
Which of the following Metasploit post-exploitation modules can be used to escalate privileges on Windows systems?
getsystem
getuid
autoroute
keylogrecorder
Which of the following protocols can be used to secure an LDAP service against anonymous queries?
NTLM
SSO
WPA
RADIUS
Allen, a professional pen tester, was hired by XpertTech Solutions to perform an attack simulation on the organization’s network resources. To perform the attack, he took advantage of the NetBIOS API and targeted the NetBIOS service. By enumerating NetBIOS, he found that port 139 was open and could see the resources that could be accessed or viewed on a remote system. He came across many NetBIOS codes during enumeration.
Identify the NetBIOS code used for obtaining the messenger service running for the logged-in user.
<20>
<03>
<1B>
<00>
Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim’s system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components.
What is the attack technique used by Stephen to damage the industrial systems?
Spear-phishing attack
HMI-based attack
SMishing attack
Reconnaissance attack
Alex, a cloud security engineer working in Eyecloud Inc., is tasked with isolating applications from the underlying infrastructure and stimulating communication via well-defined channels. For this purpose, he used an open-source technology that helped him in developing, packaging, and running applications; further, the technology provides PaaS through OS-level virtualization, delivers containerized software packages, and promotes fast software delivery.
What is the cloud technology employed by Alex in the above scenario?
Serverless computing
Zero trust network
Docker
Virtual machine