GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 681:

  Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

  Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

  The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

  

  What is the risk of installing Fake AntiVirus?

  A. Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums
  B. Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker
  C. Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk
  D. Denial of Service attack will be launched against the infected computer crashing other machines on the connected network
  B. Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

• Question 682:

  Blane is a network security analyst for his company. From an outside IP, Blane performs an XMAS scan using Nmap. Almost every port scanned does not illicit a response. What can he infer from this kind of response?

  A. These ports are open because they do not illicit a response.
  B. He can tell that these ports are in stealth mode.
  C. If a port does not respond to an XMAS scan using NMAP, that port is closed.
  D. The scan was not performed correctly using NMAP since all ports, no matter what their state, will illicit some sort of response from an XMAS scan.
  A. These ports are open because they do not illicit a response.

• Question 683:

  Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?

  A. Regulatory compliance
  B. Peer review
  C. Change management
  D. Penetration testing
  C. Change management

• Question 684:

  A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

  A. The gateway is not routing to a public IP address.
  B. The computer is using an invalid IP address.
  C. The gateway and the computer are not on the same network.
  D. The computer is not using a private IP address.
  A. The gateway is not routing to a public IP address.

• Question 685:

  Once an intruder has gained access to a remote system with a valid username and password, the attacker will attempt to increase his privileges by escalating the used account to one that has increased privileges. such as that of an administrator. What would be the best countermeasure to protect against escalation of priveges?

  A. Give users tokens
  B. Give user the least amount of privileges
  C. Give users two passwords
  D. Give users a strong policy document
  B. Give user the least amount of privileges

• Question 686:

  Which of the following statements are true regarding N-tier architecture? (Choose two.)

  A. Each layer must be able to exist on a physically independent system.
  B. The N-tier architecture must have at least one logical layer.
  C. Each layer should exchange information only with the layers above and below it.
  D. When a layer is changed or updated, the other layers must also be recompiled or modified.
  A. Each layer must be able to exist on a physically independent system.
  C. Each layer should exchange information only with the layers above and below it.

• Question 687:

  Which of the following lists are valid data-gathering activities associated with a risk assessment?

  A. Threat identification, vulnerability identification, control analysis
  B. Threat identification, response identification, mitigation identification
  C. Attack profile, defense profile, loss profile
  D. System profile, vulnerability identification, security determination
  A. Threat identification, vulnerability identification, control analysis

• Question 688:

  What is the main difference between a "Normal" SQL Injection and a "Blind" SQL Injection vulnerability?

  A. The request to the web server is not visible to the administrator of the vulnerable application.
  B. The attack is called "Blind" because, although the application properly filters user input, it is still vulnerable to code injection.
  C. The successful attack does not show an error message to the administrator of the affected application.
  D. The vulnerable application does not display errors with information about the injection results to the attacker.
  D. The vulnerable application does not display errors with information about the injection results to the attacker.

• Question 689:

  Which of the following is an application that requires a host application for replication?

  A. Micro
  B. Worm
  C. Trojan
  D. Virus
  D. Virus

• Question 690:

  E-mail tracking is a method to monitor and spy the delivered e-mails to the intended recipient.

  

  Select a feature, which you will NOT be able to accomplish with this probe?

  A. When the e-mail was received and read
  B. Send destructive e-mails
  C. GPS location and map of the recipient
  D. Time spent on reading the e-mails
  E. Whether or not the recipient visited any links sent to them
  F. Track PDF and other types of attachments
  G. Set messages to expire after specified time
  H. Remote control the User's E-mail client application and hijack the traffic
  H. Remote control the User's E-mail client application and hijack the traffic