Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

Certified Ethical Hacker Exam (CEH v12) Free Questions - Part 28

Question No : 406) Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.
A. SNMPUtil 
B. SNScan 
C. SNMPScan 
D. Solarwinds IP Network Browser 
E. NMap 

Question No : 407) Mary, a penetration tester, has found password hashes in a client system she managed to breach. She needs to use these passwords to continue with the test, but she does not have time to find the passwords that correspond to these hashes. Which type of attack can she implement in order to continue?

A. LLMNR/NBT-NS poisoning
B. Internal monologue attack
C. Pass the ticket
D. Pass the hash

Question No : 408) Kevin, a professional hacker, wants to penetrate CyberTech Inc.’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packet, but the target web server can decode them. What is the technique used by Kevin to evade the IDS system?
A. Desynchronization 
B. Obfuscating 
C. Session splicing 
D. Urgency flag 

Question No : 409) Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. Using this technique, he also imposed conditions such that employees can access only the resources required for their role. What is the technique employed by Eric to secure cloud resources?
A. Serverless computing 
B. Demilitarized zone 
C. Container technology 
D. Zero trust network 

Question No : 410) what firewall evasion scanning technique make use of a zombie system that has low network activity as well as its fragment identification numbers?
A. Decoy scanning 
B. Packet fragmentation scanning 
C. Spoof source address scanning 
D. Idle scanning 

Question No : 411) Which type of sniffing technique is generally referred as MiTM attack?

Which type of sniffing technique is generally referred as MiTM attack?

A. Password Sniffing 
B. ARP Poisoning 
C. Mac Flooding 
D. DHCP Sniffing 

Question No : 412) in this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstall the key, associated parameters such as the incremental transmit packet number and receive packet number are reset to their initial values. What is this attack called?

A. Chop chop attack
B. KRACK
C. Evil twin
D. Wardriving

Question No : 413) Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the algorithm employed by Harper to secure the email messages?
A. CAST-128 
B. AES 
C. GOST block cipher 
D. DES

Question No : 414) What is the proper response for a NULL scan if the port is closed?
A. SYN 

B. ACK

C. FIN

D. PSH

E. RST

F. No response 

Question No : 415) Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input?
] >

A. XXE

B. SQLi

C. IDOR

D. XXS

Question No : 416) What is a NULL scan?
A. A scan in which all flags are turned off 
B. A scan in which certain flags are off 
C. A scan in which all flags are on 
D. A scan in which the packet size is set to zero 
E. A scan with an illegal packet size

Question No : 417) A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?
A. Network elements must be hardened with user ids and strong passwords. Regular  security tests and audits should be performed.
B. As long as the physical access to the network elements is restricted, there is no need for additional measures.
C. There is no need for specific security measures on the network elements as long as  firewalls and IPS systems exist.
D. The operator knows that attacks and down time are inevitable and should have a backup site.

Question No : 418) You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line. Which command would you use?
A. c:\compmgmt.msc 
B. c:\services.msc 
C. c:\ncpa.cp 
D. c:\gpedit 

Question No : 419) Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs? 

A. Nikto
B. John the Ripper
C. Dsniff
D. Snort 

Question No : 420) Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

A. msfpayload
B. msfcli
C. msfd
D. msfencode

 

312-50v12 Answers

 

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.