Skip to content

Instantly share code, notes, and snippets.

@sudosuraj

sudosuraj/CEHv13 AI Question Dumps.md

Created February 12, 2025 17:40
Show Gist options
  • Save sudosuraj/9a0d39d9b45a4f3fc6cb855d2714519d to your computer and use it in GitHub Desktop.
Save sudosuraj/9a0d39d9b45a4f3fc6cb855d2714519d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
CEHv13 AI Question Dumps.md

Certified Ethical Hacker (CEHv13) AI Question Dumps

  1. Which tool can be used to perform session splicing attacks?
  2. Which of the following characteristics is not true about the Simple Object Access Protocol?
  3. According to the Payment Card Industry Data Security Standard, when is it necessary to conduct external and internal penetration testing?
  4. What scanning technique does Alex use when he splits the TCP Header into many packets to make it difficult to determine their purpose?
  5. What kind of attack does Antonio perform when he uses several fake identities to create an illusion of traffic congestion in IoT networks?
  6. Which of the following wireless standards has a bandwidth of up to 54 Mbit/s and signals in a regulated frequency spectrum around 5 GHz?
  7. Which IDS evasion method depends on the Time-to-Live (TTL) fields of a TCP/IP packet?
  8. What is the method of determining the movement of a data packet from an untrusted external host to a protected internal host through a firewall?
  9. What is the name of the hacker's work stage where they gather maximum information about the company before attacking?
  10. Identify the Secure Hashing Algorithm that produces a 160-bit digest based on principles similar to MD4 and MD5.
  11. Which Nmap command allows you to most reduce the probability of detection by IDS when scanning common ports?
  12. What is a set of extensions to DNS that provide origin authentication, authenticated denial of existence, and data integrity but not availability or confidentiality?
  13. Which web application attack injects the special character elements "Carriage Return" and "Line Feed" into the user’s input?
  14. Which scanning technique will Elon use to make it difficult for a packet filter to determine the packet's purpose?
  15. What conclusion can you make from the given log output of a machine with multiple port scan attempts?
  16. What problem could Michael identify when websites are unreachable via URL but accessible via IP address?
  17. Which conceptual characteristic of an anomaly-based IDS makes it different from a signature-based IDS?
  18. Which command launches the Computer Management Console from "Run" as a local administrator in Windows 7?
  19. What type of attack did Victor use when he sent a phishing email using a spoofed boss's email address?
  20. Which regulation defines security and privacy controls for all U.S. federal information systems except those related to national security?
  21. Which Nmap command-line flag sets a stealth scan?
  22. What best describes two-factor authentication for a credit card (using a card and PIN)?
  23. What type of vulnerability is present when modifying URL parameters changes the displayed data?
  24. Which method will best suit Mark when his software methods fail to extract cryptographic keys?
  25. Which command-line tool is known as "Wireshark for CLI"?
  26. What is the best method to protect confidential information on a stolen laptop while traveling?
  27. What type of alert occurs when an IDS registers an attack, but it is actually a legitimate activity?
  28. Identify the type of jailbreaking that allows user-level access but not iBoot-level access.
  29. What type of attack are you performing if you make interactive queries, choosing plaintexts based on previous encryptions?
  30. Which of the following best describes code injection?
  31. The attacker tries to take advantage of a vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key.
  32. What are the two main conditions for a digital signature?
  33. Which of the following is an encryption technique where data is encrypted by a sequence of photons that have a spinning trait while traveling from one end to another?
  34. Adam is a shopaholic, and he constantly surfs on the Internet in search of discounted products. The hacker decided to take advantage of this weakness and sent a fake email with a deceptive link.
  35. Which of the following parameters in Nmap helps evade IDS or firewalls?
  36. Which of the following commands checks for valid users on an SMTP server?
  37. What firewall evasion scanning technique makes use of a zombie system with low network activity and fragment identification numbers?
  38. What Wireshark filter will show the connections from the Snort machine to the Kiwi Syslog machine?
  39. What type of password attack uses statistical analysis to determine character placement probabilities?
  40. What is the common name for a vulnerability disclosure program opened by companies on platforms such as HackerOne?
  41. A DDoS attack is performed at layer 7 to take down web infrastructure by sending partial HTTP requests.
  42. What host discovery technique must be used to find active devices hidden behind a firewall?
  43. What kind of footprinting technique is used to gather domain information such as the target domain name, contact details, and registration details?
  44. What type of SQL injection attack returns no error messages and extracts data using conditional responses?
  45. Which rootkit is characterized by adding or replacing OS kernel code to hide a backdoor?
  46. What is the process of disassembling a mobile application to analyze its design flaws?
  47. What Nmap command quickly identifies all active machines in a network?
  48. Which of the following scanning techniques uses TCP SYN half-open scans to remain undetected?
  49. What is the name of a proxy-based web application security testing tool?
  50. What is the name of the attack that hijacks Bluetooth Low Energy (BLE) connections using Btlejack?
  51. What Google advanced search operator helps an attacker find websites similar to a specified target URL?
  52. What framework contains tools to facilitate data collection from open sources?
  53. What is the name of a scanning technique where an attacker infects some hosts and uses them to spread malware?
  54. What is the difference between white-hat, black-hat, and gray-hat hackers?
  55. What encryption method is used when data is encrypted using a quantum-based key exchange system?
  56. What SQL injection technique forces a database error to reveal information?
  57. What tool is used to decrypt hashed passwords obtained during penetration testing?
  58. What advanced attack technique exploits WPA3 vulnerabilities to recover keys?
  59. What is the scanning technique that detects live systems by sending ARP requests?
  60. What type of attack is performed by modifying a session token to gain unauthorized access?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment