GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 451:

  What type of Trojan is this?

  

  A. RAT Trojan
  B. E-Mail Trojan
  C. Defacement Trojan
  D. Destructing Trojan
  E. Denial of Service Trojan
  C. Defacement Trojan

• Question 452:

  An IT security engineer notices that the company's web server is currently being hacked. What should the engineer do next?

  A. Unplug the network connection on the company's web server.
  B. Determine the origin of the attack and launch a counterattack.
  C. Record as much information as possible from the attack.
  D. Perform a system restart on the company's web server.
  C. Record as much information as possible from the attack.

• Question 453:

  Ivan is auditing a corporate website. Using Winhex, he alters a cookie as shown below.

  Before Alteration: Cookie: lang=en-us; ADMIN=no; y=1 ; time=10:30GMT ;

  After Alteration: Cookie: lang=en-us; ADMIN=yes; y=1 ; time=12:30GMT ;

  What attack is being depicted here?

  A. Cookie Stealing
  B. Session Hijacking
  C. Cross Site Scripting
  D. Parameter Manipulation
  D. Parameter Manipulation

• Question 454:

  How do you defend against MAC attacks on a switch?

  

  A. Disable SPAN port on the switch
  B. Enable SNMP Trap on the switch
  C. Configure IP security on the switch
  D. Enable Port Security on the switch
  D. Enable Port Security on the switch

• Question 455:

  What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?

  A. Legal, performance, audit
  B. Audit, standards based, regulatory
  C. Contractual, regulatory, industry
  D. Legislative, contractual, standards based
  D. Legislative, contractual, standards based

• Question 456:

  John is using a special tool on his Linux platform that has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI/ASPX scripts. Moreover, the database detects DDoS

  zombies and Trojans as well.

  What would be the name of this tool?

  A. hping2
  B. nessus
  C. nmap
  D. make
  B. nessus

• Question 457:

  An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.

  A. 2
  B. 256
  C. 512
  D. Over 10, 000
  C. 512

• Question 458:

  You want to hide a secret.txt document inside c:\windows\system32\tcpip.dll kernel library using ADS streams. How will you accomplish this?

  A. copy secret.txt c:\windows\system32\tcpip.dll kernel>secret.txt
  B. copy secret.txt c:\windows\system32\tcpip.dll:secret.txt
  C. copy secret.txt c:\windows\system32\tcpip.dll |secret.txt
  D. copy secret.txt >< c:\windows\system32\tcpip.dll kernel secret.txt
  B. copy secret.txt c:\windows\system32\tcpip.dll:secret.txt

• Question 459:

  Which of the following is NOT true of cryptography?

  A. Science of protecting information by encoding it into an unreadable format
  B. Method of storing and transmitting data in a form that only those it is intended for can read and process
  C. Most (if not all) algorithms can be broken by both technical and non-technical means
  D. An effective way of protecting sensitive information in storage but not in transit
  D. An effective way of protecting sensitive information in storage but not in transit

• Question 460:

  Which of the following activities will NOT be considered as passive footprinting?

  A. Go through the rubbish to find out any information that might have been discarded.
  B. Search on financial site such as Yahoo Financial to identify assets.
  C. Scan the range of IP address found in the target DNS database.
  D. Perform multiples queries using a search engine.
  C. Scan the range of IP address found in the target DNS database.