GAQM GAQM Certifications CEH-001 Questions & Answers

• Question 321:

  Use the traceroute results shown above to answer the following question:

  

  The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.

  A. True

  B. False

  Correct Answer: A

• Question 322:

  While attempting to discover the remote operating system on the target computer, you receive the following results from an nmap scan:

  

  Remote operating system guess: Too many signatures match to reliably guess the OS.

  Nmap run completed -- 1 IP address (1 host up) scanned in 277.483 seconds

  What should be your next step to identify the OS?

  A. Perform a firewalk with that system as the target IP

  B. Perform a tcp traceroute to the system using port 53

  C. Run an nmap scan with the -v-v option to give a better output

  D. Connect to the active services and review the banner information

  Correct Answer: D

• Question 323:

  What ICMP message types are used by the ping command?

  A. Timestamp request (13) and timestamp reply (14)

  B. Echo request (8) and Echo reply (0)

  C. Echo request (0) and Echo reply (1)

  D. Ping request (1) and Ping reply (2)

  Correct Answer: B

• Question 324:

  Which of the following systems would not respond correctly to an nmap XMAS scan?

  A. Windows 2000 Server running IIS 5

  B. Any Solaris version running SAMBA Server

  C. Any version of IRIX

  D. RedHat Linux 8.0 running Apache Web Server

  Correct Answer: A

• Question 325:

  Because UDP is a connectionless protocol: (Select 2)

  A. UDP recvfrom() and write() scanning will yield reliable results

  B. It can only be used for Connect scans

  C. It can only be used for SYN scans

  D. There is no guarantee that the UDP packets will arrive at their destination

  E. ICMP port unreachable messages may not be returned successfully

  Correct Answer: DE

• Question 326:

  What port scanning method is the most reliable but also the most detectable?

  A. Null Scanning

  B. Connect Scanning

  C. ICMP Scanning

  D. Idlescan Scanning

  E. Half Scanning

  F. Verbose Scanning

  Correct Answer: B

• Question 327:

  What does an ICMP (Code 13) message normally indicates?

  A. It indicates that the destination host is unreachable

  B. It indicates to the host that the datagram which triggered the source quench message will need to be re-sent

  C. It indicates that the packet has been administratively dropped in transit

  D. It is a request to the host to cut back the rate at which it is sending traffic to the Internet destination

  Correct Answer: C

• Question 328:

  An Nmap scan shows the following open ports, and nmap also reports that the OS guessing results to match too many signatures hence it cannot reliably be identified: 21 ftp

  23 telnet

  80 http

  443 https

  What does this suggest?

  A. This is a Windows Domain Controller

  B. The host is not firewalled

  C. The host is not a Linux or Solaris system

  D. The host is not properly patched

  Correct Answer: C

• Question 329:

  What port scanning method involves sending spoofed packets to a target system and then looking for adjustments to the IPID on a zombie system?

  A. Blind Port Scanning

  B. Idle Scanning

  C. Bounce Scanning

  D. Stealth Scanning

  E. UDP Scanning

  Correct Answer: B

• Question 330:

  John has scanned the web server with NMAP. However, he could not gather enough information to help him identify the operating system running on the remote host accurately.

  What would you suggest to John to help identify the OS that is being used on the remote web server?

  A. Connect to the web server with a browser and look at the web page.

  B. Connect to the web server with an FTP client.

  C. Telnet to port 8080 on the web server and look at the default page code.

  D. Telnet to an open port and grab the banner.

  Correct Answer: D