Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GAQM Certified Ethical Hacker CEH CEH-001 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam CEH-001 Premium Access

View all detail and faqs for the CEH-001 exam

Go to Exam

796 Students Passed

86% Average Score

93% Same Questions
Viewing page 3 out of 14 pages
Viewing questions 41-60 out of questions
Questions # 41:

Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a 32-bit address to a 48-bit address?

Options:

A.

ICPM

B.

ARP

C.

RARP

D.

ICMP

Questions # 42:

Bluetooth uses which digital modulation technique to exchange information between paired devices?

Options:

A.

PSK (phase-shift keying)

B.

FSK (frequency-shift keying)

C.

ASK (amplitude-shift keying)

D.

QAM (quadrature amplitude modulation)

Questions # 43:

To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?

Options:

A.

Recipient's private key

B.

Recipient's public key

C.

Master encryption key

D.

Sender's public key

Questions # 44:

Smart cards use which protocol to transfer the certificate in a secure manner?

Options:

A.

Extensible Authentication Protocol (EAP)

B.

Point to Point Protocol (PPP)

C.

Point to Point Tunneling Protocol (PPTP)

D.

Layer 2 Tunneling Protocol (L2TP)

Questions # 45:

What is the outcome of the comm”nc -l -p 2222 | nc 10.1.0.43 1234"?

Options:

A.

Netcat will listen on the 10.1.0.43 interface for 1234 seconds on port 2222.

B.

Netcat will listen on port 2222 and output anything received to a remote connection on 10.1.0.43 port 1234.

C.

Netcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.

D.

Netcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.

Questions # 46:

Which command line switch would be used in NMAP to perform operating system detection?

Options:

A.

-OS

B.

-sO

C.

-sP

D.

-O

Questions # 47:

Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?

Options:

A.

Regulatory compliance

B.

Peer review

C.

Change management

D.

Penetration testing

Questions # 48:

While testing the company's web applications, a tester attempts to insert the following test script into the search area on the company's web sitE.

<script>alert(" Testing Testing Testing ")</script>

Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: "Testing Testing Testing". Which vulnerability has been detected in the web application?

Options:

A.

Buffer overflow

B.

Cross-site request forgery

C.

Distributed denial of service

D.

Cross-site scripting

Questions # 49:

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

Options:

A.

Network tap

B.

Layer 3 switch

C.

Network bridge

D.

Application firewall

Questions # 50:

How do employers protect assets with security policies pertaining to employee surveillance activities?

Options:

A.

Employers promote monitoring activities of employees as long as the employees demonstrate trustworthiness.

B.

Employers use informal verbal communication channels to explain employee monitoring activities to employees.

C.

Employers use network surveillance to monitor employee email traffic, network access, and to record employee keystrokes.

D.

Employers provide employees written statements that clearly discuss the boundaries of monitoring activities and consequences.

Questions # 51:

The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?

Options:

A.

Investigate based on the maintenance schedule of the affected systems.

B.

Investigate based on the service level agreements of the systems.

C.

Investigate based on the potential effect of the incident.

D.

Investigate based on the order that the alerts arrived in.

Questions # 52:

Which of the following is a detective control?

Options:

A.

Smart card authentication

B.

Security policy

C.

Audit trail

D.

Continuity of operations plan

Questions # 53:

A security administrator notices that the log file of the company`s webserver contains suspicious entries:

Question # 53

Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

Options:

A.

command injection.

B.

SQL injection.

C.

directory traversal.

D.

LDAP injection.

Questions # 54:

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?

Options:

A.

False positive

B.

False negative

C.

True positve

D.

True negative

Questions # 55:

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

Options:

A.

Set a BIOS password.

B.

Encrypt the data on the hard drive.

C.

Use a strong logon password to the operating system.

D.

Back up everything on the laptop and store the backup in a safe place.

Questions # 56:

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

Options:

A.

Passive

B.

Reflective

C.

Active

D.

Distributive

Questions # 57:

A security policy will be more accepted by employees if it is consistent and has the support of

Options:

A.

coworkers.

B.

executive management.

C.

the security officer.

D.

a supervisor.

Questions # 58:

What is a successful method for protecting a router from potential smurf attacks?

Options:

A.

Placing the router in broadcast mode

B.

Enabling port forwarding on the router

C.

Installing the router outside of the network's firewall

D.

Disabling the router from accepting broadcast ping messages

Questions # 59:

Which of the following is an example of IP spoofing?

Options:

A.

SQL injections

B.

Man-in-the-middle

C.

Cross-site scripting

D.

ARP poisoning

Questions # 60:

How can rainbow tables be defeated?

Options:

A.

Password salting

B.

Use of non-dictionary words

C.

All uppercase character passwords

D.

Lockout accounts under brute force password cracking attempts

Viewing page 3 out of 14 pages
Viewing questions 41-60 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PCNSE
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA