GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 141:

  Lori was performing an audit of her company's internal Sharepoint pages when she came across the following codE. What is the purpose of this code?

  

  A. This JavaScript code will use a Web Bug to send information back to another server.
  B. This code snippet will send a message to a server at 192.154.124.55 whenever the "escape" key is pressed.
  C. This code will log all keystrokes.
  D. This bit of JavaScript code will place a specific image on every page of the RSS feed.
  C. This code will log all keystrokes.

• Question 142:

  Frederickson Security Consultants is currently conducting a security audit on the networks of Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises conducts business daily with the federal government, they must abide by very stringent security policies. Frederickson is testing all of Hawthorn's physical and logical security measures including biometrics, passwords, and permissions. The federal government requires that all users must utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson has confirmed that all Hawthorn employees use a random password generator for their network passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn's servers using Pwdump6 and are going to try and crack the network passwords. What method of attack is best suited to crack these passwords in the shortest amount of time?

  A. Brute force attack
  B. Birthday attack
  C. Dictionary attack
  D. Brute service attack
  A. Brute force attack

• Question 143:

  Fingerprinting an Operating System helps a cracker because:

  A. It defines exactly what software you have installed
  B. It opens a security-delayed window based on the port being scanned
  C. It doesn't depend on the patches that have been applied to fix existing security holes
  D. It informs the cracker of which vulnerabilities he may be able to exploit on your system
  D. It informs the cracker of which vulnerabilities he may be able to exploit on your system

• Question 144:

  The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106: Time:Mar 13 17:30:15 Port:20 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:17 Port:21 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:19 Port:22 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:21 Port:23 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:22 Port:25 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:23 Port:80 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:30 Port:443 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP What type of activity has been logged?

  A. Port scan targeting 192.168.1.103
  B. Teardrop attack targeting 192.168.1.106
  C. Denial of service attack targeting 192.168.1.103
  D. Port scan targeting 192.168.1.106
  D. Port scan targeting 192.168.1.106

• Question 145:

  Which of the following is a primary service of the U.S. Computer Security Incident Response Team (CSIRT)?

  A. CSIRT provides an incident response service to enable a reliable and trusted single point of contact for reporting computer security incidents worldwide.
  B. CSIRT provides a computer security surveillance service to supply a government with important intelligence information on individuals travelling abroad.
  C. CSIRT provides a penetration testing service to support exception reporting on incidents worldwide by individuals and multi-national corporations.
  D. CSIRT provides a vulnerability assessment service to assist law enforcement agencies with profiling an individual's property or company's asset.
  A. CSIRT provides an incident response service to enable a reliable and trusted single point of contact for reporting computer security incidents worldwide.

• Question 146:

  Why would an attacker want to perform a scan on port 137?

  A. To discover proxy servers on a network
  B. To disrupt the NetBIOS SMB service on the target host
  C. To check for file and print sharing on Windows systems
  D. To discover information about a target host using NBTSTAT
  D. To discover information about a target host using NBTSTAT

• Question 147:

  Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?

  A. Jimmy can submit user input that executes an operating system command to compromise a target system
  B. Jimmy can gain control of system to flood the target system with requests, preventing legitimate users from gaining access
  C. Jimmy can utilize an incorrect configuration that leads to access with higher-than expected privilege of the database
  D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system
  D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system

• Question 148:

  What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

  A. Use fragmented IP packets
  B. Spoof your IP address when launching attacks and sniff responses from the server
  C. Overload the IDS with Junk traffic to mask your scan
  D. Use source routing (if possible)
  E. Connect to proxy servers or compromised Trojaned machines to launch attacks
  A. Use fragmented IP packets
  B. Spoof your IP address when launching attacks and sniff responses from the server
  D. Use source routing (if possible)
  E. Connect to proxy servers or compromised Trojaned machines to launch attacks

• Question 149:

  Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.)

  A. Install DNS logger and track vulnerable packets
  B. Disable DNS timeouts
  C. Install DNS Anti-spoofing
  D. Disable DNS Zone Transfer
  C. Install DNS Anti-spoofing

• Question 150:

  A POP3 client contacts the POP3 server:

  A. To send mail
  B. To receive mail
  C. to send and receive mail
  D. to get the address to send mail to
  E. initiate a UDP SMTP connection to read mail
  B. To receive mail