Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GAQM CPEH-001 - Certified Professional Ethical Hacker (CPEH)

GAQM CPEH-001 Premium Access     Download Demo    
Page: 1 / 15
Total 736 questions

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?

A.

The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.

B.

The lack of response from ports 21 and 22 indicate that those services are not running on the destination server.

C.

The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall.

D.

The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error.

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

A.

Perform a vulnerability scan of the system.

B.

Determine the impact of enabling the audit feature.

C.

Perform a cost/benefit analysis of the audit feature.

D.

Allocate funds for staffing of audit log review.

How can a rootkit bypass Windows 7 operating system’s kernel mode, code signing policy?

A.

Defeating the scanner from detecting any code change at the kernel

B.

Replacing patch system calls with its own version that hides the rootkit (attacker's) actions

C.

Performing common services for the application process and replacing real applications with fake ones

D.

Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options

From the two screenshots below, which of the following is occurring?

A.

10.0.0.253 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against 10.0.0.2.

B.

10.0.0.253 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against 10.0.0.2.

C.

10.0.0.2 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against 10.0.0.2.

D.

10.0.0.252 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against 10.0.0.2.

What is a successful method for protecting a router from potential smurf attacks?

A.

Placing the router in broadcast mode

B.

Enabling port forwarding on the router

C.

Installing the router outside of the network's firewall

D.

Disabling the router from accepting broadcast ping messages

A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended functions. On further research, the tester come across a perl script that runs the following msadc functions:

Which exploit is indicated by this script?

A.

A buffer overflow exploit

B.

A chained exploit

C.

A SQL injection exploit

D.

A denial of service exploit

Which of the following business challenges could be solved by using a vulnerability scanner?

A.

Auditors want to discover if all systems are following a standard naming convention.

B.

A web server was compromised and management needs to know if any further systems were compromised.

C.

There is an emergency need to remove administrator access from multiple machines for an employee that quit.

D.

There is a monthly requirement to test corporate compliance with host application usage and security policies.

The precaution of prohibiting employees from bringing personal computing devices into a facility is what type of security control?

A.

Physical

B.

Procedural

C.

Technical

D.

Compliance

Which of the following problems can be solved by using Wireshark?

A.

Tracking version changes of source code

B.

Checking creation dates on all webpages on a server

C.

Resetting the administrator password on multiple systems

D.

Troubleshooting communication resets between two systems

Which of the following is considered an acceptable option when managing a risk?

A.

Reject the risk.

B.

Deny the risk.

C.

Mitigate the risk.

D.

Initiate the risk.

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?

A.

False positive

B.

False negative

C.

True positve

D.

True negative

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?

A.

Man-in-the-middle attack

B.

Brute-force attack

C.

Dictionary attack

D.

Session hijacking

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

A.

Ping sweep of the 192.168.1.106 network

B.

Remote service brute force attempt

C.

Port scan of 192.168.1.106

D.

Denial of service attack on 192.168.1.106

What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?

A.

tcp.src == 25 and ip.host == 192.168.0.125

B.

host 192.168.0.125:25

C.

port 25 and host 192.168.0.125

D.

tcp.port == 25 and ip.host == 192.168.0.125

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

A.

Passive

B.

Reflective

C.

Active

D.

Distributive