Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GAQM CEH-001 - Certified Ethical Hacker (CEH)

GAQM CEH-001 Premium Access     Download Demo    
Page: 12 / 14
Total 878 questions

A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:

Untrust (Internet) – (Remote network = 217.77.88.0/24)

DMZ (DMZ) – (11.12.13.0/24)

Trust (Intranet) – (192.168.0.0/24)

The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?

A.

Permit 217.77.88.0/24 11.12.13.0/24 RDP 3389

B.

Permit 217.77.88.12 11.12.13.50 RDP 3389

C.

Permit 217.77.88.12 11.12.13.0/24 RDP 3389

D.

Permit 217.77.88.0/24 11.12.13.50 RDP 3389

Which results will be returned with the following Google search query?

site:target.com -site:Marketing.target.com accounting

A.

Results matching all words in the query

B.

Results matching “accounting” in domain target.com but not on the site Marketing.target.com

C.

Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting

D.

Results for matches on target.com and Marketing.target.com that include the word “accounting”

Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

A.

Detective

B.

Passive

C.

Intuitive

D.

Reactive

Which of the following is an example of two factor authentication?

A.

PIN Number and Birth Date

B.

Username and Password

C.

Digital Certificate and Hardware Token

D.

Fingerprint and Smartcard ID

An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this?

A.

g++ hackersExploit.cpp -o calc.exe

B.

g++ hackersExploit.py -o calc.exe

C.

g++ -i hackersExploit.pl -o calc.exe

D.

g++ --compile –i hackersExploit.cpp -o calc.exe

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

A.

Timing attack

B.

Replay attack

C.

Memory trade-off attack

D.

Chosen plain-text attack

Which type of security document is written with specific step-by-step details?

A.

Process

B.

Procedure

C.

Policy

D.

Paradigm

What is the main difference between a “Normal” SQL Injection and a “Blind” SQL Injection vulnerability?

A.

The request to the web server is not visible to the administrator of the vulnerable application.

B.

The attack is called “Blind” because, although the application properly filters user input, it is still vulnerable to code injection.

C.

The successful attack does not show an error message to the administrator of the affected application.

D.

The vulnerable application does not display errors with information about the injection results to the attacker.

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

A.

Network tap

B.

Layer 3 switch

C.

Network bridge

D.

Application firewall

The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:

Time:Mar 13 17:30:15 Port:20 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:17 Port:21 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:19 Port:22 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:21 Port:23 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:22 Port:25 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:23 Port:80 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:30 Port:443 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

What type of activity has been logged?

A.

Port scan targeting 192.168.1.103

B.

Teardrop attack targeting 192.168.1.106

C.

Denial of service attack targeting 192.168.1.103

D.

Port scan targeting 192.168.1.106

Which of the following programs is usually targeted at Microsoft Office products?

A.

Polymorphic virus

B.

Multipart virus

C.

Macro virus

D.

Stealth virus

If an attacker's computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a closed port, what will be the response?

A.

The zombie computer will respond with an IPID of 24334.

B.

The zombie computer will respond with an IPID of 24333.

C.

The zombie computer will not send a response.

D.

The zombie computer will respond with an IPID of 24335.

What type of port scan is shown below?

A.

Idle Scan

B.

Windows Scan

C.

XMAS Scan

D.

SYN Stealth Scan

A covert channel is a channel that

A.

transfers information over, within a computer system, or network that is outside of the security policy.

B.

transfers information over, within a computer system, or network that is within the security policy.

C.

transfers information via a communication path within a computer system, or network for transfer of data.

D.

transfers information over, within a computer system, or network that is encrypted.

What is the broadcast address for the subnet 190.86.168.0/22?

A.

190.86.168.255

B.

190.86.255.255

C.

190.86.171.255

D.

190.86.169.255

What do you call a pre-computed hash?

A.

Sun tables

B.

Apple tables

C.

Rainbow tables

D.

Moon tables

SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

A.

SSL is redundant if you already have IDS's in place

B.

SSL will trigger rules at regular interval and force the administrator to turn them off

C.

SSL will slow down the IDS while it is breaking the encryption to see the packet content

D.

SSL will blind the content of the packet and Intrusion Detection Systems will not be able to detect them

Which of the following statements are true regarding N-tier architecture? (Choose two.)

A.

Each layer must be able to exist on a physically independent system.

B.

The N-tier architecture must have at least one logical layer.

C.

Each layer should exchange information only with the layers above and below it.

D.

When a layer is changed or updated, the other layers must also be recompiled or modified.

You are writing security policy that hardens and prevents Footprinting attempt by Hackers. Which of the following countermeasures will NOT be effective against this attack?

A.

Configure routers to restrict the responses to Footprinting requests

B.

Configure Web Servers to avoid information leakage and disable unwanted protocols

C.

Lock the ports with suitable Firewall configuration

D.

Use an IDS that can be configured to refuse suspicious traffic and pick up Footprinting patterns

E.

Evaluate the information before publishing it on the Website/Intranet

F.

Monitor every employee computer with Spy cameras, keyloggers and spy on them

G.

Perform Footprinting techniques and remove any sensitive information found on DMZ sites

What will the following command produce on a website's login page if executed successfully? SELECT email, passwd, login_id, full_name FROM members WHERE email = 'someone@somewhere.com'; DROP TABLE members; --'

A.

This code will insert the someone@somewhere.com email address into the members table.

B.

This command will delete the entire members table.

C.

It retrieves the password for the first user in the members table.

D.

This command will not produce anything since the syntax is incorrect.