Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GAQM CEH-001 - Certified Ethical Hacker (CEH)

Page: 4 / 14
Total 878 questions

John is using tokens for the purpose of strong authentication. He is not confident that his security is considerably strong.

In the context of Session hijacking why would you consider this as a false sense of security?

A.

The token based security cannot be easily defeated.

B.

The connection can be taken over after authentication.

C.

A token is not considered strong authentication.

D.

Token security is not widely used in the industry.

Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs. What is this attack most appropriately called?

A.

Spoof attack

B.

Replay attack

C.

Injection attack

D.

Rebound attack

When working with Windows systems, what is the RID of the true administrator account?

A.

500

B.

501

C.

1000

D.

1001

E.

1024

F.

512

If you come across a sheepdip machaine at your client site, what would you infer?

A.

A sheepdip computer is used only for virus checking.

B.

A sheepdip computer is another name for honeypop.

C.

A sheepdip coordinates several honeypots.

D.

A sheepdip computer defers a denial of service attack.

Which of the following is one of the key features found in a worm but not seen in a virus?

A.

The payload is very small, usually below 800 bytes.

B.

It is self replicating without need for user intervention.

C.

It does not have the ability to propagate on its own.

D.

All of them cannot be detected by virus scanners.

Kevin sends an email invite to Chris to visit a forum for security professionals. Chris clicks on the link in the email message and is taken to a web based bulletin board. Unknown to Chris, certain functions are executed on his local system under his privileges, which allow Kevin access to information used on the BBS. However, no executables are downloaded and run on the local system. What would you term this attack?

A.

Phishing

B.

Denial of Service

C.

Cross Site Scripting

D.

Backdoor installation

Which of the following is a client-server tool utilized to evade firewall inspection?

A.

tcp-over-dns

B.

kismet

C.

nikto

D.

hping

Which of the following business challenges could be solved by using a vulnerability scanner?

A.

Auditors want to discover if all systems are following a standard naming convention.

B.

A web server was compromised and management needs to know if any further systems were compromised.

C.

There is an emergency need to remove administrator access from multiple machines for an employee that quit.

D.

There is a monthly requirement to test corporate compliance with host application usage and security policies.

Which of the following is a strong post designed to stop a car?

A.

Gate

B.

Fence

C.

Bollard

D.

Reinforced rebar

Fingerprinting VPN firewalls is possible with which of the following tools?

A.

Angry IP

B.

Nikto

C.

Ike-scan

D.

Arp-scan

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.

In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

A.

Semicolon

B.

Single quote

C.

Exclamation mark

D.

Double quote

A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the followinG.

Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again.

Which of the following actions should the security administrator take?

A.

Log the event as suspicious activity and report this behavior to the incident response team immediately.

B.

Log the event as suspicious activity, call a manager, and report this as soon as possible.

C.

Run an anti-virus scan because it is likely the system is infected by malware.

D.

Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results? TCP port 21 – no response TCP port 22 – no response TCP port 23 – Time-to-live exceeded

A.

The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.

B.

The lack of response from ports 21 and 22 indicate that those services are not running on the destination server.

C.

The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall.

D.

The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error.

Which of the following are variants of mandatory access control mechanisms? (Choose two.)

A.

Two factor authentication

B.

Acceptable use policy

C.

Username / password

D.

User education program

E.

Sign in register

A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?

A.

Issue the pivot exploit and set the meterpreter.

B.

Reconfigure the network settings in the meterpreter.

C.

Set the payload to propagate through the meterpreter.

D.

Create a route statement in the meterpreter.

What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?

A.

Blue Book

B.

ISO 26029

C.

Common Criteria

D.

The Wassenaar Agreement

Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

A.

A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications

B.

A reduction in network and application monitoring since all recording will be completed at the SSO system

C.

A reduction in system administration overhead since any user login problems can be resolved at the SSO system

D.

A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?

A.

Paros Proxy

B.

BBProxy

C.

BBCrack

D.

Blooover

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

A.

-sO

B.

-sP

C.

-sS

D.

-sU

A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

A.

Netsh firewall show config

B.

WMIC firewall show config

C.

Net firewall show config

D.

Ipconfig firewall show config