Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
GAQM
Certified Ethical Hacker CEH
CEH-001
Certified Ethical Hacker (CEH) Questions and Answers

Pass the GAQM Certified Ethical Hacker CEH CEH-001 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CEH-001 Premium Access

View all detail and faqs for the CEH-001 exam

Go to Exam

796 Students Passed

86% Average Score

93% Same Questions

Viewing page 13 out of 14 pages

Viewing questions 241-260 out of questions

Questions # 241:

A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

Options:

Netsh firewall show config

WMIC firewall show config

Net firewall show config

Ipconfig firewall show config

Answer

Questions # 242:

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

Options:

Teardrop

SYN flood

Smurf attack

Ping of death

Answer

Questions # 243:

If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this secret entry point known as?

Options:

SDLC process

Honey pot

SQL injection

Trap door

Answer

Questions # 244:

The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services?

Options:

An extensible security framework named COBIT

A list of flaws and how to fix them

Web application patches

A security certification for hardened web applications

Answer

Questions # 245:

What are common signs that a system has been compromised or hacked? (Choose three.)

Options:

Increased amount of failed logon events

Patterns in time gaps in system and/or event logs

New user accounts created

Consistency in usage baselines

Partitions are encrypted

Server hard drives become fragmented

Answer

A, B, C

Questions # 246:

What are the three types of authentication?

Options:

Something you: know, remember, prove

Something you: have, know, are

Something you: show, prove, are

Something you: show, have, prove

Answer

Questions # 247:

What results will the following command yielD. 'NMAP -sS -O -p 123-153 192.168.100.3'?

Options:

A stealth scan, opening port 123 and 153

A stealth scan, checking open ports 123 to 153

A stealth scan, checking all open ports excluding ports 123 to 153

A stealth scan, determine operating system, and scanning ports 123 to 153

Answer

Questions # 248:

Which property ensures that a hash function will not produce the same hashed value for two different messages?

Options:

Collision resistance

Bit length

Key strength

Entropy

Answer

Questions # 249:

Which of the following is a client-server tool utilized to evade firewall inspection?

Options:

tcp-over-dns

kismet

nikto

hping

Answer

Questions # 250:

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

Options:

64 bit and CCMP

128 bit and CRC

128 bit and CCMP

128 bit and TKIP

Answer

Questions # 251:

Fingerprinting VPN firewalls is possible with which of the following tools?

Options:

Angry IP

Nikto

Ike-scan

Arp-scan

Answer

Questions # 252:

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?

Options:

MD5

SHA-1

RC4

MD4

Answer

Questions # 253:

Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Company A and Company B trust one another and each private PKI can validate digital certificates from the other company?

Options:

Poly key exchange

Cross certification

Poly key reference

Cross-site exchange

Answer

Questions # 254:

A botnet can be managed through which of the following?

Options:

IRC

E-Mail

Linkedin and Facebook

A vulnerable FTP server

Answer

Questions # 255:

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

Options:

Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.

To get messaging programs to function with this algorithm requires complex configurations.

It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.

It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

Answer

Questions # 256:

Which statement best describes a server type under an N-tier architecture?

Options:

A group of servers at a specific layer

A single server with a specific role

A group of servers with a unique role

A single server at a specific layer

Answer

Questions # 257:

Which of the following techniques does a vulnerability scanner use in order to detect a vulnerability on a target service?

Options:

Port scanning

Banner grabbing

Injecting arbitrary data

Analyzing service response

Answer

Questions # 258:

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.

In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?