New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the GAQM CEH-001 Exam: A Detailed Certified Ethical Hacker (CEH) Guide

Questions 181

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what will be the result?

Options:
A.

The switches will drop into hub mode if the ARP cache is successfully flooded.

B.

If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.

C.

Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.

D.

The switches will route all traffic to the broadcast address created collisions.

GAQM CEH-001 Premium Access
Questions 182

Fred is scanning his network to ensure it is as secure as possible. Fred sends a TCP probe packet to a host with a FIN flag and he receives a RST/ACK response. What does this mean?

Options:
A.

This response means the port he is scanning is open.

B.

The RST/ACK response means the port Fred is scanning is disabled.

C.

This means the port he is scanning is half open.

D.

This means that the port he is scanning on the host is closed.

Questions 183

While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

<script>alert('Testing Testing Testing')</script>

Later, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here?

Options:
A.

Cross Site Scripting

B.

Password attacks

C.

A Buffer Overflow

D.

A hybrid attack

Questions 184

William has received a Chess game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Chess.

CEH-001 Question 184

After William installs the game, he plays it for a couple of hours. The next day, William plays the Chess game again and notices that his machine has begun to slow down. He brings up his Task Manager and sees the following programs running:

CEH-001 Question 184

What has William just installed?

Options:
A.

Zombie Zapper (ZoZ)

B.

Remote Access Trojan (RAT)

C.

Bot IRC Tunnel (BIT)

D.

Root Digger (RD)

Questions 185

One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker's source IP address.

You send a ping request to the broadcast address 192.168.5.255.

CEH-001 Question 185

There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why?

Options:
A.

Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address.

B.

Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address.

C.

You should send a ping request with this command ping ? 192.168.5.0-255

D.

You cannot ping a broadcast address. The above scenario is wrong.

Questions 186

Which of the following Trojans would be considered 'Botnet Command Control Center'?

Options:
A.

YouKill DOOM

B.

Damen Rock

C.

Poison Ivy

D.

Matten Kit

Questions 187

What is the default Password Hash Algorithm used by NTLMv2?

Options:
A.

MD4

B.

DES

C.

SHA-1

D.

MD5

Questions 188

You have successfully gained access to a victim's computer using Windows 2003 Server SMB Vulnerability. Which command will you run to disable auditing from the cmd?

Options:
A.

stoplog stoplog ?

B.

EnterPol /nolog

C.

EventViewer o service

D.

auditpol.exe /disable

Questions 189

Which of the following steganography utilities exploits the nature of white space and allows the user to conceal information in these white spaces?

Options:
A.

Image Hide

B.

Snow

C.

Gif-It-Up

D.

NiceText

Questions 190

What port number is used by LDAP protocol?

Options:
A.

110

B.

389

C.

464

D.

445

Questions 191

Hampton is the senior security analyst for the city of Columbus in Ohio. His primary responsibility is to ensure that all physical and logical aspects of the city's computer network are secure from all angles. Bill is an IT technician that works with Hampton in the same IT department. Bill's primary responsibility is to keep PC's and servers up to date and to keep track of all the agency laptops that the company owns and lends out to its employees. After Bill setup a wireless network for the agency, Hampton made sure that everything was secure. He instituted encryption, rotating keys, turned off SSID broadcasting, and enabled MAC filtering. According to agency policy, only company laptops are allowed to use the wireless network, so Hampton entered all the MAC addresses for those laptops into the wireless security utility so that only those laptops should be able to access the wireless network.

Hampton does not keep track of all the laptops, but he is pretty certain that the agency only purchases Dell laptops. Hampton is curious about this because he notices Bill working on a Toshiba laptop one day and saw that he was on the Internet. Instead of jumping to conclusions, Hampton decides to talk to Bill's boss and see if they had purchased a Toshiba laptop instead of the usual Dell. Bill's boss said no, so now Hampton is very curious to see how Bill is accessing the Internet. Hampton does site surveys every couple of days, and has yet to see any outside wireless network signals inside the company's building.

How was Bill able to get Internet access without using an agency laptop?

Options:
A.

Bill spoofed the MAC address of Dell laptop

B.

Bill connected to a Rogue access point

C.

Toshiba and Dell laptops share the same hardware address

D.

Bill brute forced the Mac address ACLs

Questions 192

Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, to holiday schedules, to human resources data. Leesa wants to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX) compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company's intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of "intranet" with part of the URL containing the word "intranet" and the words "human resources" somewhere in the webpage.

What Google search will accomplish this?

Options:
A.

related:intranet allinurl:intranet:"human resources"

B.

cache:"human resources" inurl:intranet(SharePoint)

C.

intitle:intranet inurl:intranet+intext:"human resources"

D.

site:"human resources"+intext:intranet intitle:intranet

Questions 193

Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment.

Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it.

What kind of Denial of Service attack was best illustrated in the scenario above?

Options:
A.

Simple DDoS attack

B.

DoS attacks which involves flooding a network or system

C.

DoS attacks which involves crashing a network or system

D.

DoS attacks which is done accidentally or deliberately

Questions 194

Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

Options:
A.

They are using UDP that is always authorized at the firewall

B.

They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended

C.

They have been able to compromise the firewall, modify the rules, and give themselves proper access

D.

They are using an older version of Internet Explorer that allow them to bypass the proxy server

Questions 195

Joseph has just been hired on to a contractor company of the Department of Defense as their Senior Security Analyst. Joseph has been instructed on the company's strict security policies that have been implemented, and the policies that have yet to be put in place. Per the Department of Defense, all DoD users and the users of their contractors must use two-factor authentication to access their networks. Joseph has been delegated the task of researching and implementing the best two-factor authentication method for his company. Joseph's supervisor has told him that they would like to use some type of hardware device in tandem with a security or identifying pin number. Joseph's company has already researched using smart cards and all the resources needed to implement them, but found the smart cards to not be cost effective. What type of device should Joseph use for two-factor authentication?

Options:
A.

Biometric device

B.

OTP

C.

Proximity cards

D.

Security token

Questions 196

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details.

CEH-001 Question 196

Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

Options:
A.

Do not reply to email messages or popup ads asking for personal or financial information

B.

Do not trust telephone numbers in e-mails or popup ads

C.

Review credit card and bank account statements regularly

D.

Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

E.

Do not send credit card numbers, and personal or financial information via e-mail

Questions 197

When writing shellcodes, you must avoid ____________ because these will end the string.

CEH-001 Question 197

Options:
A.

Root bytes

B.

Null bytes

C.

Char bytes

D.

Unicode bytes

Questions 198

Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him. What would Yancey be considered?

Options:
A.

Yancey would be considered a Suicide Hacker

B.

Since he does not care about going to jail, he would be considered a Black Hat

C.

Because Yancey works for the company currently; he would be a White Hat

D.

Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Questions 199

In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

CEH-001 Question 199

Options:
A.

Token Injection Replay attacks

B.

Shoulder surfing attack

C.

Rainbow and Hash generation attack

D.

Dumpster diving attack

Questions 200

You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization?

Options:
A.

To learn about the IP range used by the target network

B.

To identify the number of employees working for the company

C.

To test the limits of the corporate security policy enforced in the company

D.

To learn about the operating systems, services and applications used on the network