You work as security technician at XYZ.com. While doing web application testing, you might be required to look through multiple web pages online which can take a long time. Which of the processes listed below would be a more efficient way of doing this type of validation?
A. Use mget to download all pages locally for further inspection.
B. Use wget to download all pages locally for further inspection.
C. Use get* to download all pages locally for further inspection.
D. Use get() to download all pages locally for further inspection.
Bart is looking for a Windows NT/2000/XP command-line tool that can be used to assign, display, or modify ACL's (access control lists) to files or folders and also one that can be used within batch files. Which of the following tools can be used for that purpose? (Choose the best answer)
A. PERM.exe
B. CACLS.exe
C. CLACS.exe
D. NTPERM.exe
Which of the following buffer overflow exploits are related to Microsoft IIS web server? (Choose three)
A. Internet Printing Protocol (IPP) buffer overflow
B. Code Red Worm
C. Indexing services ISAPI extension buffer overflow
D. NeXT buffer overflow
On a default installation of Microsoft IIS web server, under which privilege does the web server software execute?
A. Everyone
B. Guest
C. System
D. Administrator
You are gathering competitive intelligence on XYZ.com. You notice that they have jobs listed on a few Internet job-hunting sites. There are two job postings for network and system administrators. How can this help you in footprint the organization?
A. The IP range used by the target network
B. An understanding of the number of employees in the company
C. How strong the corporate security policy is
D. The types of operating systems and applications being used.
What are the three phases involved in security testing?
A. Reconnaissance, Conduct, Report
B. Reconnaissance, Scanning, Conclusion
C. Preparation, Conduct, Conclusion
D. Preparation, Conduct, Billing
You have successfully run a buffer overflow attack against a default IIS installation running on a Windows 2000 Server. The server allows you to spawn a shell. In order to perform the actions you intend to do, you need elevated permission. You need to know what your current privileges are within the shell. Which of the following options would be your current privileges?
A. Administrator
B. IUSR_COMPUTERNAME
C. LOCAL_SYSTEM
D. Whatever account IIS was installed with
You wish to determine the operating system and type of web server being used. At the same time you wish to arouse no suspicion within the target organization.
While some of the methods listed below work, which holds the least risk of detection?
A. Make some phone calls and attempt to retrieve the information using social engineering.
B. Use nmap in paranoid mode and scan the web server.
C. Telnet to the web server and issue commands to illicit a response.
D. Use the netcraft web site look for the target organization's web site.
Which of the following attacks takes best advantage of an existing authenticated connection?
A. Spoofing
B. Session Hijacking
C. Password Sniffing
D. Password Guessing
Tess King is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?
A. Basic authentication is broken
B. The password is never sent in clear text over the network
C. The password sent in clear text over the network is never reused.
D. It is based on Kerberos authentication protocol
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.