GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 721:

  John runs a Web server, IDS and firewall on his network. Recently his Web server has been under constant hacking attacks. He looks up the IDS log files and sees no intrusion attempts but the Web server constantly locks up and needs rebooting due to various brute force and buffer overflow attacks but still the IDS alerts no intrusion whatsoever. John becomes suspicious and views the Firewall logs and he notices huge SSL connections constantly hitting his Web server. Hackers have been using the encrypted HTTPS protocol to send exploits to the Web server and that was the reason the IDS did not detect the intrusions. How would John protect his network from these types of attacks?

  A. Install a proxy server and terminate SSL at the proxy
  B. Enable the IDS to filter encrypted HTTPS traffic
  C. Install a hardware SSL "accelerator" and terminate SSL at this layer
  D. Enable the Firewall to filter encrypted HTTPS traffic
  A. Install a proxy server and terminate SSL at the proxy
  C. Install a hardware SSL "accelerator" and terminate SSL at this layer

• Question 722:

  "Testing the network using the same methodologies and tools employed by attackers" Identify the correct terminology that defines the above statement.

  A. Vulnerability Scanning
  B. Penetration Testing
  C. Security Policy Implementation
  D. Designing Network Security
  B. Penetration Testing

• Question 723:

  Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

  A. DataThief
  B. NetCat
  C. Cain and Abel
  D. SQLInjector
  D. SQLInjector

• Question 724:

  What do you call a system where users need to remember only one username and password, and be authenticated for multiple services?

  A. Simple Sign-on
  B. Unique Sign-on
  C. Single Sign-on
  D. Digital Certificate
  C. Single Sign-on

• Question 725:

  Bob reads an article about how insecure wireless networks can be. He gets approval from his management to implement a policy of not allowing any wireless devices on the network. What other steps does Bob have to take in order to successfully implement this? (Select 2 answer.)

  A. Train users in the new policy.
  B. Disable all wireless protocols at the firewall.
  C. Disable SNMP on the network so that wireless devices cannot be configured.
  D. Continuously survey the area for wireless devices.
  A. Train users in the new policy.
  D. Continuously survey the area for wireless devices.

• Question 726:

  Exhibit

  

  Joe Hacker runs the hping2 hacking tool to predict the target host's sequence numbers in one of the hacking session. What does the first and second column mean? Select two.

  A. The first column reports the sequence number
  B. The second column reports the difference between the current and last sequence number
  C. The second column reports the next sequence number
  D. The first column reports the difference between current and last sequence number
  A. The first column reports the sequence number
  B. The second column reports the difference between the current and last sequence number

• Question 727:

  Which of the following statements about a zone transfer correct?(Choose three.

  A. A zone transfer is accomplished with the DNS
  B. A zone transfer is accomplished with the nslookup service
  C. A zone transfer passes all zone information that a DNS server maintains
  D. A zone transfer passes all zone information that a nslookup server maintains
  E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
  F. Zone transfers cannot occur on the Internet
  A. A zone transfer is accomplished with the DNS
  C. A zone transfer passes all zone information that a DNS server maintains
  E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections

• Question 728:

  A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?

  A. white box
  B. grey box
  C. red box
  D. black box
  D. black box

• Question 729:

  In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive - though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

  A. Full Blown Attack
  B. Thorough Attack
  C. Hybrid Attack
  D. BruteDict Attack
  C. Hybrid Attack

• Question 730:

  Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored? (Choose the best answer)

  A. symmetric algorithms
  B. asymmetric algorithms
  C. hashing algorithms
  D. integrity algorithms
  C. hashing algorithms