After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the source of the problem?
A. Install pactehs
B. Setup a backdoor
C. Cover your tracks
D. Install a zombie for DDOS
You want to use netcat to generate huge amount of useless network data continuously for various performance testing between 2 hosts.
Which of the following commands accomplish this?
A. Machine A #yes AAAAAAAAAAAAAAAAAAAAAA | nc 2222 > /dev/null Machine B #yes BBBBBBBBBBBBBBBBBBBBBB | nc machinea 2222 > /dev/null
B. Machine A cat somefile | nc 2222 Machine B cat somefile | nc othermachine 2222
C. Machine A nc 1234 | uncompress | tar xvfp Machine B tar cfp - /some/dir | compress | nc 3 machinea 1234
D. Machine A while true : do nc 6000 machineb 2 Machine B while true ; do nc 6000 machinea 2 done
Assuring two systems that are using IPSec to protect traffic over the internet, what type of general attack could compromise the data?
A. Spoof Attack
B. Smurf Attack
C. Man inthe Middle Attack
D. Trojan Horse Attack
E. Back Orifice Attack
What is a Trojan Horse?
A. A malicious program that captures your username and password
B. Malicious code masquerading as or replacing legitimate code
C. An unauthorized user who gains access to your user database and adds themselves as a user
D. A server that is to be sacrificed to all hacking attempts in order to log and monitor the hacking activity
In the following example, which of these is the "exploit"?
Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Server operating system, by sending malformed packets to it. They detailed how this malicious process had been automated using basic scripting. Even worse, the new automated method for bringing down the server has already been used to perform denial of service attacks on many large commercial websites.
Select the best answer.
A. Microsoft Corporation is the exploit.
B. The security "hole" in the product is the exploit.
C. Windows 2003 Server
D. The exploit is the hacker that would use this vulnerability.
E. The documented method of how to use the vulnerability to gain unprivileged access.
You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where?
Select the best answer.
A. %windir%\\etc\\services
B. system32\\drivers\\etc\\services
C. %windir%\\system32\\drivers\\etc\\services
D. /etc/services
E. %windir%/system32/drivers/etc/services
One of your junior administrator is concerned with Windows LM hashes and password cracking. In your discussion with them, which of the following are true statements that you would point out?
Select the best answers.
A. John the Ripper can be used to crack a variety of passwords, but one limitation is that the output doesn't show if the password is upper or lower case.
B. BY using NTLMV1, you have implemented an effective countermeasure to password cracking.
C. SYSKEY is an effective countermeasure.
D. If a Windows LM password is 7 characters or less, the hash will be passed with the following characters, in HEX- 00112233445566778899.
E. Enforcing Windows complex passwords is an effective countermeasure.
_____ is the process of converting something from one representation to the simplest form. It deals with the way in which systems convert data from one form to another.
A. Canonicalization
B. Character Mapping
C. Character Encoding
D. UCS transformation formats
Which type of attack is port scanning?
A. Web server attack
B. Information gathering
C. Unauthorized access
D. Denial of service attack
LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP?
A. Stop the LM service in Windows XP
B. Disable LSASS service in Windows XP
C. Disable LM authentication in the registry
D. Download and install LMSHUT.EXE tool from Microsoft website
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.