Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

Certified Ethical Hacker Exam (CEH v12) Free Questions - Part 10

Question No : 136) Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob's boss is very worried because of regulations that protect those data. Which of the following regulations is mostly violated?
A. HIPPA/PHl 

B. Pll

C. PCIDSS 

D. ISO 2002

Question No : 137) What is the following command used for? net use \targetipc$ "" /u:""
A. Grabbing the etc/passwd file

B. Grabbing the SAM

C. Connecting to a Linux computer through Samba. 

D. This command is used to connect as a null session E. Enumeration of Cisco routers

Question No : 138) Within the context of Computer Security, which of the following statements describes Social Engineering best?
A. Social Engineering is the act of publicly disclosing information
B. Social Engineering is the means put in place by human resource to perform time accounting
C. Social Engineering is the act of getting needed information from a person rather than breaking into a system
D. Social Engineering is a training program within sociology studies

Question No : 139) What is the minimum number of network connections in a multi homed firewall?
A. 3 

B. 5 

C. 4 

D. 2

Question No : 140) Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Tess King is trying to accomplish? Select the best answer.
A. A zone harvesting 

B. A zone transfer 

C. A zone update

D. A zone estimate

Question No : 141) A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?
A. White Hat

B. Suicide Hacker 

C. Gray Hat

D. Black Hat

Question No : 142) When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, DELETE, PUT, TRACE) using NMAP script engine. What Nmap script will help you with this task?
A. http-methods 

B. http enum

C. http-headers 

D. http-git

Question No : 143) What is the role of test automation in security testing?
A. It is an option but it tends to be very expensive.
B. It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.
C. Test automation is not usable in security due to the complexity of the tests.
D. It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.

Question No : 144) You start performing a penetration test against a specific website and have decided to start from grabbing all the links from the main page. What Is the best Linux pipe to achieve your milestone?
A. dirb https://site.com | grep "site"

B. curl -s https://sile.com | grep ‘’< a href-\’http" | grep "Site-com- | cut -d "V" -f 2 

C. wget https://stte.com | grep "< a href=\*http" | grep "site.com"

D. wgethttps://site.com | cut-d"http-

Question No : 145) What tool can crack Windows SMB passwords simply by listening to network traffic?
A. This is not possible 

B. Netbus

C. NTFSDOS

D. L0phtcrack

Question No : 146) Which of the following is a low-tech way of gaining unauthorized access to systems?
A. Social Engineering 

B. Eavesdropping

C. Scanning

D. Sniffing

Question No : 147) Which of the following tactics uses malicious code to redirect users' web traffic?
A. Spimming
B. Pharming
C. Phishing
D. Spear-phishing

Question No : 148) Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?
A. Wardriving

B. KRACK attack

C. jamming signal attack 

D. aLTEr attack

Question No : 149) Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven’s iPhone through the infected computer and is able to monitor and read all of Steven’s activity on the iPhone, even after the device is out of the communication zone. Which of the following attacks is performed by Clark in above scenario?
A. IOS trustjacking

B. lOS Jailbreaking

C. Exploiting SS7 vulnerability 

D. Man-in-the-disk attack

Question No : 150) What is not a PCI compliance recommendation?
A. Use a firewall between the public network and the payment card data.

B. Use encryption to protect all transmission of card holder data over any public network. 

C. Rotate employees handling credit card transactions on a yearly basis to different departments.

D. Limit access to card holder data to as few individuals as possible.

 

312-50v12 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.