Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the GAQM CEH-001 Exam: A Detailed Certified Ethical Hacker (CEH) Guide

Questions 21

To see how some of the hosts on your network react, Winston sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established he sends RST packets to those hosts to stop the session. Winston has done this to see how his intrusion detection system will log the traffic. What type of scan is Winston attempting here?

Options:

A.

Winston is attempting to find live hosts on your company's network by using an XMAS scan.

B.

He is utilizing a SYN scan to find live hosts that are listening on your network.

C.

This type of scan he is using is called a NULL scan.

D.

He is using a half-open scan to find live hosts on your network.

Buy Now
Questions 22

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?

Options:

A.

Man-in-the-middle attack

B.

Brute-force attack

C.

Dictionary attack

D.

Session hijacking

Buy Now
Questions 23

When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following?

Options:

A.

Drops the packet and moves on to the next one

B.

Continues to evaluate the packet until all rules are checked

C.

Stops checking rules, sends an alert, and lets the packet continue

D.

Blocks the connection with the source IP address in the packet

Buy Now
Questions 24

What type of port scan is shown below?

CEH-001 Question 24

Options:

A.

Idle Scan

B.

Windows Scan

C.

XMAS Scan

D.

SYN Stealth Scan

Buy Now
Questions 25

Which of the following types of firewall inspects only header information in network traffic?

Options:

A.

Packet filter

B.

Stateful inspection

C.

Circuit-level gateway

D.

Application-level gateway

Buy Now
Questions 26

In the software security development life cyle process, threat modeling occurs in which phase?

Options:

A.

Design

B.

Requirements

C.

Verification

D.

Implementation

Buy Now
Questions 27

Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster's office site in order to find relevant information. What would you call this kind of activity?

Options:

A.

CI Gathering

B.

Scanning

C.

Dumpster Diving

D.

Garbage Scooping

Buy Now
Questions 28

Which of the following represent weak password? (Select 2 answers)

Options:

A.

Passwords that contain letters, special characters, and numbers ExamplE. ap1$%##f@52

B.

Passwords that contain only numbers ExamplE. 23698217

C.

Passwords that contain only special characters ExamplE. &*#@!(%)

D.

Passwords that contain letters and numbers ExamplE. meerdfget123

E.

Passwords that contain only letters ExamplE. QWERTYKLRTY

F.

Passwords that contain only special characters and numbers ExamplE. 123@$45

G.

Passwords that contain only letters and special characters ExamplE. bob@&ba

Buy Now
Questions 29

June, a security analyst, understands that a polymorphic virus has the ability to mutate and can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus?

Options:

A.

Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus

B.

Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus

C.

No. June can't use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in the case the polymorphic viruses cannot be detected by a signature-based anti-virus program

D.

No. June can't use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus

Buy Now
Questions 30

Which of the following items of a computer system will an anti-virus program scan for viruses?

Options:

A.

Boot Sector

B.

Deleted Files

C.

Windows Process List

D.

Password Protected Files

Buy Now
Questions 31

Which of the following is a common Service Oriented Architecture (SOA) vulnerability?

Options:

A.

Cross-site scripting

B.

SQL injection

C.

VPath injection

D.

XML denial of service issues

Buy Now
Questions 32

Kevin is an IT security analyst working for Emerson Time Makers, a watch manufacturing company in Miami. Kevin and his girlfriend Katy recently broke up after a big fight. Kevin believes that she was seeing another person. Kevin, who has an online email account that he uses for most of his mail, knows that Katy has an account with that same company. Kevin logs into his email account online and gets the following URL after successfully logged in: http://www.youremailhere.com/mail.asp?mailbox=Kevin &Smith=121%22 Kevin changes the URL to: http://www.youremailhere.com/mail.asp?mailbox=Katy &Sanchez=121%22 Kevin is trying to access her email account to see if he can find out any information. What is Kevin attempting here to gain access to Katy's mailbox?

Options:

A.

This type of attempt is called URL obfuscation when someone manually changes a URL to try and gain unauthorized access

B.

By changing the mailbox's name in the URL, Kevin is attempting directory transversal

C.

Kevin is trying to utilize query string manipulation to gain access to her email account

D.

He is attempting a path-string attack to gain access to her mailbox

Buy Now
Questions 33

Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide?

Options:

A.

Incident response services to any user, company, government agency, or organization in partnership with the Department of Homeland Security

B.

Maintenance of the nation’s Internet infrastructure, builds out new Internet infrastructure, and decommissions old Internet infrastructure

C.

Registration of critical penetration testing for the Department of Homeland Security and public and private sectors

D.

Measurement of key vulnerability assessments on behalf of the Department of Defense (DOD) and State Department, as well as private sectors

Buy Now
Questions 34

Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets?

alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msG. "BACKDOOR SIG - SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids, 485;) alert

Options:

A.

The payload of 485 is what this Snort signature will look for.

B.

Snort will look for 0d0a5b52504c5d3030320d0a in the payload.

C.

Packets that contain the payload of BACKDOOR SIG - SubSseven 22 will be flagged.

D.

From this snort signature, packets with HOME_NET 27374 in the payload will be flagged.

Buy Now
Questions 35

Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy's first task is to scan all the company's external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:

SELECT * from Users where username='admin' ?AND password='' AND email like '%@testers.com%'

What will the SQL statement accomplish?

Options:

A.

If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin

B.

This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com

C.

This Select SQL statement will log James in if there are any users with NULL passwords

D.

James will be able to see if there are any default user accounts in the SQL database

Buy Now
Questions 36

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Options:

A.

Usernames

B.

File permissions

C.

Firewall rulesets

D.

Passwords

Buy Now
Questions 37

John is the network administrator of XSECURITY systems. His network was recently compromised. He analyzes the log files to investigate the attack. Take a look at the following Linux log file snippet. The hacker compromised and "owned" a Linux machine. What is the hacker trying to accomplish here?

CEH-001 Question 37

Options:

A.

The hacker is attempting to compromise more machines on the network

B.

The hacker is planting a rootkit

C.

The hacker is running a buffer overflow exploit to lock down the system

D.

The hacker is trying to cover his tracks

Buy Now
Questions 38

Which of the following Registry location does a Trojan add entries to make it persistent on Windows 7? (Select 2 answers)

CEH-001 Question 38

Options:

A.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

B.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\System32\CurrentVersion\ Run

C.

HKEY_CURRENT_USER\Software\Microsoft\Windows\System32\CurrentVersion\Run

D.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

Buy Now
Questions 39

Jacob is looking through a traffic log that was captured using Wireshark. Jacob has come across what appears to be SYN requests to an internal computer from a spoofed IP address. What is Jacob seeing here?

Options:

A.

Jacob is seeing a Smurf attack.

B.

Jacob is seeing a SYN flood.

C.

He is seeing a SYN/ACK attack.

D.

He has found evidence of an ACK flood.

Buy Now
Questions 40

In order to show improvement of security over time, what must be developed?

Options:

A.

Reports

B.

Testing tools

C.

Metrics

D.

Taxonomy of vulnerabilities

Buy Now
Exam Code: CEH-001
Exam Name: Certified Ethical Hacker (CEH)
Last Update: Dec 13, 2024
Questions: 878

PDF + Testing Engine

$164.99
$66

Testing Engine

$124.99
$50

PDF (Q&A)

$104.99
$42