Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GAQM Certified Ethical Hacker CEH CEH-001 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CEH-001 Premium Access

View all detail and faqs for the CEH-001 exam

Go to Exam

796 Students Passed

86% Average Score

93% Same Questions

Viewing page 10 out of 14 pages

Viewing questions 181-200 out of questions

Questions # 181:

John is using a special tool on his Linux platform that has a signature database and is therefore able to detect hundred of vulnerabilities in UNIX, Windows, and commonly-used web CGI scripts. Additionally, the database detects DDoS zombies and Trojans. What would be the name of this multifunctional tool?

Options:

nmap

hping

nessus

make

Questions # 182:

MX record priority increases as the number increases. (True/False.

Options:

True

False

Questions # 183:

According to the CEH methodology, what is the next step to be performed after footprinting?

Options:

Enumeration

Scanning

System Hacking

Social Engineering

Expanding Influence

Questions # 184:

What is "Hacktivism"?

Options:

Hacking for a cause

Hacking ruthlessly

An association which groups activists

None of the above

Questions # 185:

Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic?

Options:

Network aliasing

Domain Name Server (DNS) poisoning

Reverse Address Resolution Protocol (ARP)

Port scanning

Questions # 186:

Which of the following LM hashes represents a password of less than 8 characters?

Options:

0182BD0BD4444BF836077A718CCDF409

44EFCE164AB921CQAAD3B435B51404EE

BA810DBA98995F1817306D272A9441BB

CEC52EB9C8E3455DC2265B23734E0DAC

B757BF5C0D87772FAAD3B435B51404EE

E52CAC67419A9A224A3B108F3FA6CB6D

Questions # 187:

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

Options:

Overloading Port Address Translation

Dynamic Port Address Translation

Dynamic Network Address Translation

Static Network Address Translation

Questions # 188:

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

Options:

An attacker, working slowly enough, can evade detection by the IDS.

Network packets are dropped if the volume exceeds the threshold.

Thresholding interferes with the IDS’ ability to reassemble fragmented packets.

The IDS will not distinguish among packets originating from different sources.

Questions # 189:

Botnets are networks of compromised computers that are controlled remotely and surreptitiously by one or more cyber criminals. How do cyber criminals infect a victim's computer with bots? (Select 4 answers)

Options:

Attackers physically visit every victim's computer to infect them with malicious software

Home computers that have security vulnerabilities are prime targets for botnets

Spammers scan the Internet looking for computers that are unprotected and use these "open-doors" to install malicious software

Attackers use phishing or spam emails that contain links or attachments

Attackers use websites to host the bots utilizing Web Browser vulnerabilities

Questions # 190:

Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?

Options:

To create a denial of service attack.

To verify information about the mail administrator and his address.

To gather information about internal hosts used in email treatment.

To gather information about procedures that are in place to deal with such messages.

Questions # 191:

While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out.

What is the most likely cause behind this response?

Options:

The firewall is dropping the packets.

An in-line IDS is dropping the packets.

A router is blocking ICMP.

The host does not respond to ICMP packets.

Questions # 192:

What does an ICMP (Code 13) message normally indicates?

Options:

It indicates that the destination host is unreachable

It indicates to the host that the datagram which triggered the source quench message will need to be re-sent

It indicates that the packet has been administratively dropped in transit

It is a request to the host to cut back the rate at which it is sending traffic to the Internet destination

Questions # 193:

What is the essential difference between an ‘Ethical Hacker’ and a ‘Cracker’?

Options:

The ethical hacker does not use the same techniques or skills as a cracker.

The ethical hacker does it strictly for financial motives unlike a cracker.

The ethical hacker has authorization from the owner of the target.

The ethical hacker is just a cracker who is getting paid.

Questions # 194:

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

Options:

The packets were sent by a worm spoofing the IP addresses of 47 infected sites

ICMP ID and Seq numbers were most likely set by a tool and not by the operating system

All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number

13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Questions # 195:

John has scanned the web server with NMAP. However, he could not gather enough information to help him identify the operating system running on the remote host accurately.

What would you suggest to John to help identify the OS that is being used on the remote web server?

Options:

Connect to the web server with a browser and look at the web page.

Connect to the web server with an FTP client.

Telnet to port 8080 on the web server and look at the default page code.

Telnet to an open port and grab the banner.

Questions # 196:

Name two software tools used for OS guessing? (Choose two.

Questions # 197:

Which of the following tools are used for footprinting? (Choose four)

Options:

Sam Spade

NSLookup

Traceroute

Neotrace

Cheops

Questions # 198:

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts.

Which of the following features makes this possible? (Choose two)

Options:

It used TCP as the underlying protocol.

It uses community string that is transmitted in clear text.

It is susceptible to sniffing.

It is used by all network devices on the market.

Questions # 199:

You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

Options:

You should have used 3DES which is built into Windows

If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out

You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops

You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

Questions # 200:

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what will be the result?