GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 461:

  During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?

  A. The web application does not have the secure flag set.
  B. The session cookies do not have the HttpOnly flag set.
  C. The victim user should not have an endpoint security solution.
  D. The victim's browser must have ActiveX technology enabled.
  B. The session cookies do not have the HttpOnly flag set.

• Question 462:

  What are the three phases involved in security testing?

  A. Reconnaissance, Conduct, Report
  B. Reconnaissance, Scanning, Conclusion
  C. Preparation, Conduct, Conclusion
  D. Preparation, Conduct, Billing
  C. Preparation, Conduct, Conclusion

• Question 463:

  Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster's office site in order to find relevant information. What would you call this kind of activity?

  A. CI Gathering
  B. Scanning
  C. Dumpster Diving
  D. Garbage Scooping
  C. Dumpster Diving

• Question 464:

  Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

  A. Microsoft Security Baseline Analyzer
  B. Retina
  C. Core Impact
  D. Microsoft Baseline Security Analyzer
  D. Microsoft Baseline Security Analyzer

• Question 465:

  Data hiding analysis can be useful in

  A. determining the level of encryption used to encrypt the data.
  B. detecting and recovering data that may indicate knowledge, ownership or intent.
  C. identifying the amount of central processing unit (cpu) usage over time to process the data.
  D. preventing a denial of service attack on a set of enterprise servers to prevent users from accessing the data.
  B. detecting and recovering data that may indicate knowledge, ownership or intent.

• Question 466:

  Which of the following are potential attacks on cryptography? (Select 3)

  A. One-Time-Pad Attack
  B. Chosen-Ciphertext Attack
  C. Man-in-the-Middle Attack
  D. Known-Ciphertext Attack
  E. Replay Attack
  B. Chosen-Ciphertext Attack
  C. Man-in-the-Middle Attack
  E. Replay Attack

• Question 467:

  Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security. Maintaining the security of a Web server will usually involve the following steps:

  1.

  Configuring, protecting, and analyzing log files

  2.

  Backing up critical information frequently

  3.

  Maintaining a protected authoritative copy of the organization's Web content

  4.

  Establishing and following procedures for recovering from compromise

  5.

  Testing and applying patches in a timely manner

  6.

  Testing security periodically.

  In which step would you engage a forensic investigator?

  A. 1
  B. 2
  C. 3
  D. 4
  E. 5
  F. 6
  D. 4

• Question 468:

  Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?

  A. To create a denial of service attack.
  B. To verify information about the mail administrator and his address.
  C. To gather information about internal hosts used in email treatment.
  D. To gather information about procedures that are in place to deal with such messages.
  C. To gather information about internal hosts used in email treatment.

• Question 469:

  Blake is in charge of securing all 20 of his company's servers. He has enabled hardware and software firewalls, hardened the operating systems, and disabled all unnecessary services on all the servers. Unfortunately, there is proprietary AS400 emulation software that must run on one of the servers that requires the telnet service to function properly. Blake is especially concerned about this since telnet can be a very large security risk in an organization. Blake is concerned about how this particular server might look to an outside attacker so he decides to perform some footprinting, scanning, and penetration tests on the server. Blake telnets into the server using Port 80 and types in the following command:

  HEAD / HTTP/1.0

  After pressing enter twice, Blake gets the following results: What has Blake just accomplished?

  

  A. Downloaded a file to his local computer
  B. Submitted a remote command to crash the server
  C. Poisoned the local DNS cache of the server
  D. Grabbed the Operating System banner
  D. Grabbed the Operating System banner

• Question 470:

  Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the

  following command.

  For /f "tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:"Administrator" %%a

  What is Eve trying to do?

  A. Eve is trying to connect as an user with Administrator privileges
  B. Eve is trying to enumerate all users with Administrative privileges
  C. Eve is trying to carry out a password crack for user Administrator
  D. Eve is trying to escalate privilege of the null user to that of Administrator
  C. Eve is trying to carry out a password crack for user Administrator