Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GAQM Certified Ethical Hacker CEH CEH-001 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CEH-001 Premium Access

View all detail and faqs for the CEH-001 exam

Go to Exam

796 Students Passed

86% Average Score

93% Same Questions

Viewing page 5 out of 14 pages

Viewing questions 81-100 out of questions

Questions # 81:

A company has made the decision to host their own email and basic web services. The administrator needs to set up the external firewall to limit what protocols should be allowed to get to the public part of the company's network. Which ports should the administrator open? (Choose three.)

Questions # 82:

You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?

Question # 82

Options:

Ping packets cannot bypass firewalls

You must use ping 10.2.3.4 switch

Hping2 uses stealth TCP packets to connect

Hping2 uses TCP instead of ICMP by default

Questions # 83:

Which of the following are valid types of rootkits? (Choose three.)

Options:

Hypervisor level

Network level

Kernel level

Application level

Physical level

Data access level

Questions # 84:

Which of the following are password cracking tools? (Choose three.)

Questions # 85:

Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?

Options:

Neil has used a tailgating social engineering attack to gain access to the offices

He has used a piggybacking technique to gain unauthorized access

This type of social engineering attack is called man trapping

Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics

Questions # 86:

Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide?

Options:

Incident response services to any user, company, government agency, or organization in partnership with the Department of Homeland Security

Maintenance of the nation’s Internet infrastructure, builds out new Internet infrastructure, and decommissions old Internet infrastructure

Registration of critical penetration testing for the Department of Homeland Security and public and private sectors

Measurement of key vulnerability assessments on behalf of the Department of Defense (DOD) and State Department, as well as private sectors

Questions # 87:

An attacker is attempting to telnet into a corporation's system in the DMZ. The attacker doesn't want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. What could be the reason?

Options:

The firewall is blocking port 23 to that system

He needs to use an automated tool to telnet in

He cannot spoof his IP and successfully use TCP

He is attacking an operating system that does not reply to telnet even when open

Questions # 88:

What command would you type to OS fingerprint a server using the command line?

Question # 88

Options:

Option A

Option B

Option C

Option D

Questions # 89:

Which of the following techniques can be used to mitigate the risk of an on-site attacker from connecting to an unused network port and gaining full access to the network? (Choose three.)

Options:

Port Security

IPSec Encryption

Network Admission Control (NAC)

802.1q Port Based Authentication

802.1x Port Based Authentication

Intrusion Detection System (IDS)

Questions # 90:

How do you defend against ARP Poisoning attack? (Select 2 answers)

Question # 90

Options:

Enable DHCP Snooping Binding Table

Restrict ARP Duplicates

Enable Dynamic ARP Inspection

Enable MAC snooping Table

Questions # 91:

What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

Options:

Scripting languages are hard to learn.

Scripting languages are not object-oriented.

Scripting languages cannot be used to create graphical user interfaces.

Scripting languages are slower because they require an interpreter to run the code.

Questions # 92:

Kevin is an IT security analyst working for Emerson Time Makers, a watch manufacturing company in Miami. Kevin and his girlfriend Katy recently broke up after a big fight. Kevin believes that she was seeing another person. Kevin, who has an online email account that he uses for most of his mail, knows that Katy has an account with that same company. Kevin logs into his email account online and gets the following URL after successfully logged in: http://www.youremailhere.com/mail.asp?mailbox=Kevin &Smith=121%22 Kevin changes the URL to: http://www.youremailhere.com/mail.asp?mailbox=Katy &Sanchez=121%22 Kevin is trying to access her email account to see if he can find out any information. What is Kevin attempting here to gain access to Katy's mailbox?

Options:

This type of attempt is called URL obfuscation when someone manually changes a URL to try and gain unauthorized access

By changing the mailbox's name in the URL, Kevin is attempting directory transversal

Kevin is trying to utilize query string manipulation to gain access to her email account

He is attempting a path-string attack to gain access to her mailbox

Questions # 93:

When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following?

Options:

Drops the packet and moves on to the next one

Continues to evaluate the packet until all rules are checked

Stops checking rules, sends an alert, and lets the packet continue

Blocks the connection with the source IP address in the packet

Questions # 94:

The SNMP Read-Only Community String is like a password. The string is sent along with each SNMP Get-Request and allows (or denies) access to a device. Most network vendors ship their equipment with a default password of "public". This is the so-called "default public community string". How would you keep intruders from getting sensitive information regarding the network devices using SNMP? (Select 2 answers)

Options:

Enable SNMPv3 which encrypts username/password authentication

Use your company name as the public community string replacing the default 'public'

Enable IP filtering to limit access to SNMP device

The default configuration provided by device vendors is highly secure and you don't need to change anything

Questions # 95:

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

Options:

The victim user must open the malicious link with an Internet Explorer prior to version 8.

The session cookies generated by the application do not have the HttpOnly flag set.

The victim user must open the malicious link with a Firefox prior to version 3.

The web application should not use random tokens.

Questions # 96:

You are writing security policy that hardens and prevents Footprinting attempt by Hackers. Which of the following countermeasures will NOT be effective against this attack?

Options:

Configure routers to restrict the responses to Footprinting requests

Configure Web Servers to avoid information leakage and disable unwanted protocols

Lock the ports with suitable Firewall configuration

Use an IDS that can be configured to refuse suspicious traffic and pick up Footprinting patterns

Evaluate the information before publishing it on the Website/Intranet

Monitor every employee computer with Spy cameras, keyloggers and spy on them

Perform Footprinting techniques and remove any sensitive information found on DMZ sites

Questions # 97:

WWW wanderers or spiders are programs that traverse many pages in the World Wide Web by recursively retrieving linked pages. Search engines like Google, frequently spider web pages for indexing. How will you stop web spiders from crawling certain directories on your website?

Options:

Place robots.txt file in the root of your website with listing of directories that you don't want to be crawled

Place authentication on root directories that will prevent crawling from these spiders

Enable SSL on the restricted directories which will block these spiders from crawling

Place "HTTP:NO CRAWL" on the html pages that you don't want the crawlers to index

Questions # 98:

Which tool would be used to collect wireless packet data?

Options:

NetStumbler

John the Ripper

Nessus

Netcat

Questions # 99:

You are trying to hijack a telnet session from a victim machine with IP address 10.0.0.5 to Cisco router at 10.0.0.1. You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session.

Here is the captured data in tcpdump.

Question # 99