Halloween Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GAQM CPEH-001 - Certified Professional Ethical Hacker (CPEH)

GAQM CPEH-001 Premium Access     Download Demo    
Page: 13 / 15
Total 736 questions

Which of the following statements about a zone transfer is correct? (Choose three.)

A.

A zone transfer is accomplished with the DNS

B.

A zone transfer is accomplished with the nslookup service

C.

A zone transfer passes all zone information that a DNS server maintains

D.

A zone transfer passes all zone information that a nslookup server maintains

E.

A zone transfer can be prevented by blocking all inbound TCP port 53 connections

F.

Zone transfers cannot occur on the Internet

The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:

You are hired to conduct security testing on their network.

You successfully brute-force the SNMP community string using a SNMP crack tool.

The access-list configured at the router prevents you from establishing a successful connection.

You want to retrieve the Cisco configuration from the router. How would you proceed?

A.

Use the Cisco's TFTP default password to connect and download the configuration file

B.

Run a network sniffer and capture the returned traffic with the configuration file from the router

C.

Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address

D.

Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0

This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

What is this attack?

A.

Cross-site-scripting attack

B.

SQL Injection

C.

URL Traversal attack

D.

Buffer Overflow attack

Which of the following are well known password-cracking programs?

A.

L0phtcrack

B.

NetCat

C.

Jack the Ripper

D.

Netbus

E.

John the Ripper

How does a denial-of-service attack work?

A.

A hacker prevents a legitimate user (or group of users) from accessing a service

B.

A hacker uses every character, word, or letter he or she can think of to defeat authentication

C.

A hacker tries to decipher a password by using a system, which subsequently crashes the network

D.

A hacker attempts to imitate a legitimate user by confusing a computer or even another person

What is the proper response for a NULL scan if the port is open?

A.

SYN

B.

ACK

C.

FIN

D.

PSH

E.

RST

F.

No response

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

A.

wireshark --fetch ''192.168.8*''

B.

wireshark --capture --local masked 192.168.8.0 ---range 24

C.

tshark -net 192.255.255.255 mask 192.168.8.0

D.

sudo tshark -f''net 192 .68.8.0/24''

What tool can crack Windows SMB passwords simply by listening to network traffic?

A.

This is not possible

B.

Netbus

C.

NTFSDOS

D.

L0phtcrack

Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?

A.

137 and 139

B.

137 and 443

C.

139 and 443

D.

139 and 445

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

A.

Nikto

B.

Nmap

C.

Metasploit

D.

Armitage

An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.

How would the attacker use netcat to encrypt the information before transmitting onto the wire?

A.

Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat 1234

B.

Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat 1234

C.

Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat 1234 -pw password

D.

Use cryptcat instead of netcat

What port number is used by LDAP protocol?

A.

110

B.

389

C.

464

D.

445

Your company was hired by a small healthcare provider to perform a technical assessment on the network.

What is the best approach for discovering vulnerabilities on a Windows-based computer?

A.

Use a scan tool like Nessus

B.

Use the built-in Windows Update tool

C.

Check MITRE.org for the latest list of CVE findings

D.

Create a disk image of a clean Windows installation

After trying multiple exploits, you've gained root access to a Centos 6 server. To ensure you maintain access, what would you do first?

A.

Create User Account

B.

Disable Key Services

C.

Disable IPTables

D.

Download and Install Netcat

What is the process of logging, recording, and resolving events that take place in an organization?

A.

Incident Management Process

B.

Security Policy

C.

Internal Procedure

D.

Metrics