Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GAQM Certified Ethical Hacker CEH CEH-001 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CEH-001 Premium Access

View all detail and faqs for the CEH-001 exam

Go to Exam

796 Students Passed

86% Average Score

93% Same Questions

Viewing page 12 out of 14 pages

Viewing questions 221-240 out of questions

Questions # 221:

Within the context of Computer Security, which of the following statements describes Social Engineering best?

Options:

Social Engineering is the act of publicly disclosing information

Social Engineering is the means put in place by human resource to perform time accounting

Social Engineering is the act of getting needed information from a person rather than breaking into a system

Social Engineering is a training program within sociology studies

Questions # 222:

Fred is scanning his network to ensure it is as secure as possible. Fred sends a TCP probe packet to a host with a FIN flag and he receives a RST/ACK response. What does this mean?

Options:

This response means the port he is scanning is open.

The RST/ACK response means the port Fred is scanning is disabled.

This means the port he is scanning is half open.

This means that the port he is scanning on the host is closed.

Questions # 223:

Bob has a good understanding of cryptography, having worked with it for many years. Cryptography is used to secure data from specific threats, but it does not secure the application from coding errors. It can provide data privacy; integrity and enable strong authentication but it cannot mitigate programming errors. What is a good example of a programming error that Bob can use to explain to the management how encryption will not address all their security concerns?

Options:

Bob can explain that using a weak key management technique is a form of programming error

Bob can explain that using passwords to derive cryptographic keys is a form of a programming error

Bob can explain that a buffer overflow is an example of programming error and it is a common mistake associated with poor programming technique

Bob can explain that a random number generator can be used to derive cryptographic keys but it uses a weak seed value and this is a form of a programming error

Questions # 224:

You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place. Your peer, Peter Smith who works at the same department disagrees with you. He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain. What is Peter Smith talking about?

Options:

Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain

"zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks

"Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks

Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

Questions # 225:

John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct MiTM attack. What is the destination MAC address of a broadcast frame?

Options:

0xFFFFFFFFFFFF

0xDDDDDDDDDDDD

0xAAAAAAAAAAAA

0xBBBBBBBBBBBB

Questions # 226:

Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

Options:

Take over the session

Reverse sequence prediction

Guess the sequence numbers

Take one of the parties offline

Questions # 227:

Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever there is an attempted intrusion to his network.

He receives the following SMS message during the weekend.

Question # 227

An attacker Chew Siew sitting in Beijing, China had just launched a remote scan on Jason's network with the hping command.

Which of the following hping2 command is responsible for the above snort alert?

Options:

chenrocks:/home/siew # hping -S -R -P -A -F -U 192.168.2.56 -p 22 -c 5 -t 118

chenrocks:/home/siew # hping -F -Q -J -A -C -W 192.168.2.56 -p 22 -c 5 -t 118

chenrocks:/home/siew # hping -D -V -R -S -Z -Y 192.168.2.56 -p 22 -c 5 -t 118

chenrocks:/home/siew # hping -G -T -H -S -L -W 192.168.2.56 -p 22 -c 5 -t 118

Questions # 228:

Take a look at the following attack on a Web Server using obstructed URL:

Question # 228

How would you protect from these attacks?

Options:

Configure the Web Server to deny requests involving "hex encoded" characters

Create rules in IDS to alert on strange Unicode requests

Use SSL authentication on Web Servers

Enable Active Scripts Detection at the firewall and routers

Questions # 229:

How do you defend against MAC attacks on a switch?

Question # 229

Options:

Disable SPAN port on the switch

Enable SNMP Trap on the switch

Configure IP security on the switch

Enable Port Security on the switch

Questions # 230:

You have successfully gained access to a victim's computer using Windows 2003 Server SMB Vulnerability. Which command will you run to disable auditing from the cmd?

Options:

stoplog stoplog ?

EnterPol /nolog

EventViewer o service

auditpol.exe /disable

Questions # 231:

How does a denial-of-service attack work?

Options:

A hacker prevents a legitimate user (or group of users) from accessing a service

A hacker uses every character, word, or letter he or she can think of to defeat authentication

A hacker tries to decipher a password by using a system, which subsequently crashes the network

A hacker attempts to imitate a legitimate user by confusing a computer or even another person

Questions # 232:

Which of the following business challenges could be solved by using a vulnerability scanner?

Options:

Auditors want to discover if all systems are following a standard naming convention.

A web server was compromised and management needs to know if any further systems were compromised.

There is an emergency need to remove administrator access from multiple machines for an employee that quit.

There is a monthly requirement to test corporate compliance with host application usage and security policies.

Questions # 233:

Which of the following does proper basic configuration of snort as a network intrusion detection system require?

Options:

Limit the packets captured to the snort configuration file.

Capture every packet on the network segment.

Limit the packets captured to a single segment.

Limit the packets captured to the /var/log/snort directory.

Questions # 234:

Which of the following is a symmetric cryptographic standard?

Options:

DSA

PKI

RSA

3DES

Questions # 235:

Which of the following examples best represents a logical or technical control?

Options:

Security tokens

Heating and air conditioning

Smoke and fire alarms

Corporate security policy

Questions # 236:

Which of the following cryptography attack methods is usually performed without the use of a computer?

Options:

Ciphertext-only attack

Chosen key attack

Rubber hose attack

Rainbow table attack

Questions # 237:

Which of the following is a component of a risk assessment?

Options:

Physical security

Administrative safeguards

DMZ

Logical interface

Questions # 238:

Advanced encryption standard is an algorithm used for which of the following?

Options:

Data integrity

Key discovery

Bulk data encryption

Key recovery

Questions # 239:

A Network Administrator was recently promoted to Chief Security Officer at a local university. One of employee's new responsibilities is to manage the implementation of an RFID card access system to a new server room on campus. The server room will house student enrollment information that is securely backed up to an off-site location.

During a meeting with an outside consultant, the Chief Security Officer explains that he is concerned that the existing security controls have not been designed properly. Currently, the Network Administrator is responsible for approving and issuing RFID card access to the server room, as well as reviewing the electronic access logs on a weekly basis.

Which of the following is an issue with the situation?

Options:

Segregation of duties

Undue influence

Lack of experience

Inadequate disaster recovery plan

Questions # 240:

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?