Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

Certified Ethical Hacker Exam (CEH v12) Free Questions - Part 17

Question No : 241) Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning?
A. Infoga 
B. WebCopier Pro 
C. Netsparker 
D. NCollector Studio 

Question No : 242) Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

A. Wireshark
B. Maltego
C. Metasploit
D. Nessus

Question No : 243) Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp’s lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access? 

A. He must perform privilege escalation.
B. He needs to disable antivirus protection.
C. He needs to gain physical access.
D. He already has admin privileges, as shown by the “501” at the end of the SID.

Question No : 244) A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer. what tests would you perform to determine whether his computer Is Infected?
A. Use ExifTool and check for malicious content. 
B. You do not check; rather, you immediately restore a previous snapshot of the operating system. 
C. Upload the file to VirusTotal. 
D. Use netstat and check for outgoing connections to strange IP addresses or domain

Question No : 245) Which of the following LM hashes represent a password of less than 8 characters?(Choose two.)
A. BA810DBA98995F1817306D272A9441BB
B. 44EFCE164AB921CQAAD3B435B51404EE
C. 0182BD0BD4444BF836077A718CCDF409
D. CEC52EB9C8E3455DC2265B23734E0DAC
E. B757BF5C0D87772FAAD3B435B51404EE
F. E52CAC67419A9A224A3B108F3FA6CB6D

Question No : 246) A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related to the current time from the target host machine.
Which of the following Zenmap options must the analyst use to perform the ICMP timestamp ping scan?
A. -PY
B. -PU
C. -PP
D. -Pn

Question No : 247) These hackers have limited or no training and know how to use only basic techniques or tools.What kind of hackers are we talking about?
A. Black-Hat Hackers A 
B. Script Kiddies 
C. White-Hat Hackers 
D. Gray-Hat Hacker 

Question No : 248) Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system. Which of the following Nmap options must she use to perform service version discovery on the target host?

A. -SN
B. -SX
C. -sV
D. -SF

Question No : 249) How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?
A. Hash value 
B. Private key 
C. Digital signature 
D. Digital certificate 

Question No : 250) Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfilltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs, what type of malware did the attacker use to bypass the company's application whitelisting? 

A. Phishing malware
B. Zero-day malware
C. File-less malware
D. Logic bomb malware

Question No : 251) Which of the following statements about a zone transfer is correct? (Choose three.)
A. A zone transfer is accomplished with the DNS 
B. A zone transfer is accomplished with the nslookup service 
C. A zone transfer passes all zone information that a DNS server maintains 
D. A zone transfer passes all zone information that a nslookup server maintains 
E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections 
F. Zone transfers cannot occur on the Internet 

Question No : 252) Which of the following programs is usually targeted at Microsoft Office products?
A. Polymorphic virus 
B. Multipart virus 
C. Macro virus 
D. Stealth virus

Question No : 253) What does the –oX flag do in an Nmap scan?
A. Perform an eXpress scan
B. Output the results in truncated format to the screen
C. Output the results in XML format to a file
D. Perform an Xmas scan

Question No : 254) You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?
A. All three servers need to be placed internally 
B. A web server facing the Internet, an application server on the internal network, a database server on the internal network 
C. A web server and the database server facing the Internet, an application server on the internal network 
D. All three servers need to face the Internet so that they can communicate between themselves

Question No : 255) Attempting an injection attack on a web server based on responses to True/False 

QUESTION NO:s is called which of the following?
A. Compound SQLi 
B. Blind SQLi 
C. Classic SQLi 
D. DMS-specific SQLi 

 

312-50v12 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.