CEH-001 Exam Details

  • Exam Code: CEH-001
  • Exam Name: Certified Ethical Hacker (CEH)
  • Certification: GAQM Certifications
  • Vendor: GAQM
  • Total Questions: 878 Q&As
  • Last Updated: May 30, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 301:

    A security administrator notices that the log file of the company's webserver contains suspicious entries:

    Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

    A. command injection.
    B. SQL injection.
    C. directory traversal.
    D. LDAP injection.

  • Question 302:

    Vulnerability mapping occurs after which phase of a penetration test?

    A. Host scanning
    B. Passive information gathering
    C. Analysis of host scanning
    D. Network level discovery

  • Question 303:

    A large company intends to use BlackBerry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?

    A. Paros Proxy
    B. BBProxy
    C. BBCrack
    D. Blooover

  • Question 304:

    What is the tool Firewalk used for?

    A. To test the IDS for proper operation
    B. To test a firewall for proper operation
    C. To determine what rules are in place for a firewall
    D. To test the webserver configuration
    E. Firewalk is a firewall auto configuration tool

  • Question 305:

    Lori is a Certified Ethical Hacker as well as a Certified Hacking Forensics Investigator working as an IT security consultant. Lori has been hired by Kiley Innovators, a large marketing firm that recently underwent a string of thefts and corporate espionage incidents. Lori is told that a rival marketing company came out with an exact duplicate product right before Kiley Innovators was about to release it. The executive team believes that an employee is leaking information to the rival company. Lori questions all employees and reviews server logs and firewall logs, after which she finds nothing. Lori is then given permission to search through the corporate email system. She searches for email sent to and from the rival marketing company. She finds one employee who appears to be sending very large emails to this other marketing company, even though they should have no reason to be communicating with them. Lori tracks down the actual emails sent and, upon opening them, finds only picture files attached to them. These files seem perfectly harmless, usually containing some kind of joke. Lori decides to use some special software to further examine the pictures and finds that each one had hidden text stored in it.

    What technique was used by the Kiley Innovators employee to send information to the rival marketing company?

    A. The Kiley Innovators employee used cryptography to hide the information in the emails sent
    B. The method used by the employee to hide the information was logical watermarking
    C. The employee used steganography to hide information in the picture attachments
    D. By using the pictures to hide information, the employee utilized picture fuzzing

  • Question 306:

    Which are true statements concerning the BugBear and Pretty Park worms?

    Select the best answers.

    A. Both programs use email to do their work.
    B. Pretty Park propagates via network shares and email
    C. BugBear propagates via network shares and email
    D. Pretty Park tries to connect to an IRC server to send your personal passwords.
    E. Pretty Park can terminate anti-virus applications that might be running to bypass them.

  • Question 307:

    You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in footprinting the organization?

    A. To learn about the IP range used by the target network
    B. To identify the number of employees working for the company
    C. To test the limits of the corporate security policy enforced in the company
    D. To learn about the operating systems, services and applications used on the network

  • Question 308:

    Which of the following are valid types of rootkits? (Choose three.)

    A. Hypervisor level
    B. Network level
    C. Kernel level
    D. Application level
    E. Physical level
    F. Data access level

  • Question 309:

    You are scanning into the target network for the first time. You find very few conventional ports open. When you attempt to perform traditional service identification by connecting to the open ports, it yields either unreliable or no results. You are unsure of which protocols are being used. You need to discover as many different protocols as possible.

    Which kind of scan would you use to achieve this? (Choose the best answer)

    A. Nessus scan with TCP based pings.
    B. Nmap scan with the P (Ping scan) switch.
    C. Netcat scan with the switches.
    D. Nmap with the O (Raw IP packets) switch.

  • Question 310:

    Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

    A. Sarbanes-Oxley Act (SOX)
    B. Gramm-Leach-Bliley Act (GLBA)
    C. Fair and Accurate Credit Transactions Act (FACTA)
    D. Federal Information Security Management Act (FISMA)
