Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

Certified Ethical Hacker Exam (CEH v12) Free Questions - Part 14

Question No : 196) Judy created a forum, one day. she discovers that a user is posting strange images without writing comments. She immediately calls a security expert, who discovers that the following code is hidden behind those images:

 


document.writef); 
 

 

What issue occurred for the users who clicked on the image?

A. The code inject a new cookie to the browser.
B. The code redirects the user to another site.
C. The code is a virus that is attempting to gather the users username and password.
D. This php file silently executes the code and grabs the users session cookie and session ID.

Question No : 197) From the following table, identify the wrong answer in terms of Range (ft).
Standard Range (ft)
802.11a 150-150
802.11b 150-150
802.11g 150-150
802.16 (WiMax) 30 miles
A. 802.16 (WiMax) 

B. 802.11g

C. 802.11b

D. 802.11a

Question No : 198) Consider the following Nmap output: 

Consider the following Nmap output:

what command-line parameter could you use to determine the type and version number of the web server?
A. -sv 

B. -Pn 

C. -V 

D. -ss

Question No : 199) Which of the following is the BEST way to defend against network sniffing?
A. Using encryption protocols to secure network communications
B. Register all machines MAC Address in a Centralized Database
C. Use Static IP Address
D. Restrict Physical Access to Server Rooms hosting Critical Servers

Question No : 200) Suppose that you test an application for the SQL injection vulnerability. You know that the backend database
is based on Microsoft SQL Server. In the login/password form, you enter the following credentials:
Username: attack' or 1=1 -
Password: 123456
Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?
A. select * from Users where UserName = ‘attack’ ’ or 1=1 -- and UserPassword = ‘123456’ 

B. select * from Users where UserName = ‘attack’ or 1=1 -- and UserPassword = ‘123456’ 

C. select * from Users where UserName = ‘attack or 1=1 -- and UserPassword = ‘123456’ 

D. select * from Users where UserName = ‘attack’ or 1=1 --’ and UserPassword = ‘123456’

Question No : 201) You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. You are starting an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze?
A. IDS log

B. Event logs on domain controller 

C. Internet Firewall/Proxy log.

D. Event logs on the PC

Question No : 202) When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

A. Data items and vulnerability scanning

B. Interviewing employees and network engineers 

C. Reviewing the firewalls configuration

D. Source code review

Question No : 203) A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm’s public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag:“b0aac0542e25c31:89d”
Content-Length: 7369
Which of the following is an example of what the engineer performed?
A. Banner grabbing

B. SQL injection

C. Whois database query 

D. Cross-site scripting

Question No : 204) Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packets with Bob's IP address to the host machine. The host machine responded with <| packet having an Incremented ISN. Consequently. Bob's connection got hung, and Samuel was able to communicate with the host machine on behalf of Bob. What is the type of attack performed by Samuel in the above scenario?
A. UDP hijacking 

B. Blind hijacking 

C. TCP/IP hacking 

D. Forbidden attack

Question No : 205) The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host
10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?
access-list 102 deny tcp any any
access-list 104 permit udp host 10.0.0.3 any
access-list 110 permit tcp host 10.0.0.2 eq www any
access-list 108 permit tcp any eq ftp any
A. The ACL 104 needs to be first because is UDP
B. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router
C. The ACL for FTP must be before the ACL 110
D. The ACL 110 needs to be changed to port 80

Question No : 206) John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?
A. Advanced persistent 

B. threat Diversion theft 

C. Spear-phishing sites 

D. insider threat

Question No : 207) Widespread fraud ac Enron. WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This law is known by what acronym?
A. Fed RAMP 

B. PCIDSS 

C. SOX

D. HIPAA

Question No : 208) While performing an Nmap scan against a host, Paola determines the existence of a firewall. In an attempt to determine whether the firewall is stateful or stateless, which of the following options would be best to use?
A. -sA 

B. -sX 

C. -sT 

D. -sF

Question No : 209) John the Ripper is a technical assessment tool used to test the weakness of which of the following?
A. Passwords

B. File permissions 

C. Firewall rulesets 

D. Usernames

Question No : 210) Take a look at the following attack on a Web Server using obstructed URL:

Take a look at the following attack on a Web Server using obstructed URL

How would you protect from these attacks?
A. Configure the Web Server to deny requests involving "hex encoded" characters 

B. Create rules in IDS to alert on strange Unicode requests

C. Use SSL authentication on Web Servers

D. Enable Active Scripts Detection at the firewall and routers

 

312-50v12 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.