Tested CEH-001 Exam Questions and Answers 2019

It is impossible to pass GAQM CEH-001 exam without any help in the short term. Come to us soon and find the most advanced, correct and guaranteed CEH-001 Exam Questions. You will get a surprising result by our CEH-001 Exam Questions.

Online CEH-001 free questions and answers of New Version:

What are the two basic types of attacks? (Choose two.)

  • A. DoS
  • B. Passive
  • C. Sniffing
  • D. Active
  • E. Cracking

Answer: BD

Explanation: Passive and active attacks are the two basic types of attacks.

Say that "abigcompany.com" had a security vulnerability in the JavaScript on their website in the past. They recently fixed the security vulnerability, but it had been there for many months. Is there some way to go back and see the code for that error?
Select the best answer.

  • A. archive.org
  • B. There is no way to get the changed webpage unless you contact someone at the company
  • C. Usenet
  • D. Javascript would not be in their html so a service like usenet or archive wouldn't help you

Answer: A

Explanation: Archive.org is a website that periodically archives internet content. They have archives of websites over many years. It could be used to go back and look at the JavaScript, as JavaScript would be in the HTML code.

Which type of hacker represents the highest risk to your network?

  • A. black hat hackers
  • B. grey hat hackers
  • C. disgruntled employees
  • D. script kiddies

Answer: C

Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

  • A. The root CA is the recovery agent used to encrypt data when a user's certificate is lost.
  • B. The root CA stores the user's hash value for safekeeping.
  • C. The CA is the trusted root that issues certificates.
  • D. The root CA is used to encrypt email messages to prevent unintended disclosure of data.

Answer: C

Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

  • A. A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications
  • B. A reduction in network and application monitoring since all recording will be completed at the SSO system
  • C. A reduction in system administration overhead since any user login problems can be resolved at the SSO system
  • D. A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

Answer: AC

William has received a Chess game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Chess.
After William installs the game, he plays it for a couple of hours. The next day, William plays the Chess game again and notices that his machine has begun to slow down. He brings up his Task Manager and sees the following programs running:
[Exhibit not reproduced]
What has William just installed?

  • A. Zombie Zapper (ZoZ)
  • B. Remote Access Trojan (RAT)
  • C. Bot IRC Tunnel (BIT)
  • D. Root Digger (RD)

Answer: B

Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website.
Where can Stephanie go to see past versions and pages of a website?

  • A. She should go to the web page Samspade.org to see web pages that might no longer be on the website
  • B. If Stephanie navigates to Search.com, she will see old versions of the company website
  • C. Stephanie can go to Archive.org to see past versions of the company website
  • D. AddressPast.com would have any web pages that are no longer hosted on the company's website

Answer: C

Which of the following is an example of IP spoofing?

  • A. SQL injections
  • B. Man-in-the-middle
  • C. Cross-site scripting
  • D. ARP poisoning

Answer: B

Which DNS resource record can indicate how long any "DNS poisoning" could last?

  • A. MX
  • B. SOA
  • C. NS

Answer: B

Explanation: The SOA contains information of secondary servers, update intervals and expiration times.

Jason works in the sales and marketing department for a very large advertising agency located in Atlanta. Jason is working on a very important marketing campaign for his company's largest client. Before the project could be completed and implemented, a competing advertising company comes out with the exact same marketing materials and advertising, thus rendering all the work done for Jason's client unusable. Jason is questioned about this and says he has no idea how all the material ended up in the hands of a competitor.
Without any proof, Jason's company cannot do anything except move on. After working on another high profile client for about a month, all the marketing and sales material again ends up in the hands of another competitor and is released to the public before Jason's company can finish the project. Once again, Jason says that he had nothing to do with it and does not know how this could have happened. Jason is given leave with pay until they can figure out what is going on.
Jason's supervisor decides to go through his email and finds a number of emails that were sent to the competitors that ended up with the marketing material. The only items in the emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files, but cannot find anything out of the ordinary with them.
What technique has Jason most likely used?

  • A. Stealth Rootkit Technique
  • B. ADS Streams Technique
  • C. Snow Hiding Technique
  • D. Image Steganography Technique

Answer: D

Which of the following commands runs snort in packet logger mode?

  • A. ./snort -dev -h ./log
  • B. ./snort -dev -l ./log
  • C. ./snort -dev -o ./log
  • D. ./snort -dev -p ./log

Answer: B

Explanation: Note: If you want to store the packets in binary mode for later analysis, use
./snort -l ./log -b

You just purchased the latest DELL computer, which comes pre-installed with Windows 7, McAfee antivirus software and a host of other applications. You want to connect Ethernet wire to your cable modem and start using the computer immediately. Windows is dangerously insecure when unpacked from the box, and there are a few things that you must do before you use it.

  • A. New installation of Windows should be patched by installing the latest service packs and hotfixes
  • B. Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc., must have the latest security patches installed
  • C. Install a personal firewall and lock down unused ports from connecting to your computer
  • D. Install the latest signatures for Antivirus software
  • E. Configure "Windows Update" to automatic
  • F. Create a non-admin user with a complex password and logon to this account
  • G. You can start using your computer as vendors such as DELL, HP and IBM would have already installed the latest service packs.

Answer: ACDEF

After studying the following log entries, what is the attacker ultimately trying to achieve as inferred from the log sequence?
1. mkdir -p /etc/X11/applnk/Internet/.etc
2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd
3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd
4. touch -acmr /etc /etc/X11/applnk/Internet/.etc
5. passwd nobody -d
6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash
7. passwd dns -d
8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd
9. touch -acmr /etc/X11/applnk/Internet/.etc /etc

  • A. Change password of user nobody
  • B. Extract information from a local directory
  • C. Change the files Modification Access Creation times
  • D. Download rootkits and passwords into a new directory

Answer: C

Eric notices repeated probes to port 1080. He learns that the protocol being used is designed to allow a host outside of a firewall to connect transparently and securely through the firewall. He wonders if his firewall has been breached. What would be your inference?

  • A. Eric's network has been penetrated by a firewall breach
  • B. The attacker is using the ICMP protocol to have a covert channel
  • C. Eric has a Wingate package providing FTP redirection on his network
  • D. Somebody is using SOCKS on the network to communicate through the firewall

Answer: D

Explanation: Port Description:
SOCKS. SOCKS port, used to support outbound TCP services (FTP, HTTP, etc.). Vulnerable in a way similar to FTP Bounce, in that an attacker can connect to this port and "bounce" out to another internal host. Done to either reach a protected internal host or mask the true source of an attack. Listen for connection attempts to this port -- a good sign of port scans, SOCKS probes, or bounce attacks. Also a means to access restricted resources. Example: Bouncing off a MILNET gateway SOCKS port allows an attacker to access web sites, etc. that were restricted only to .mil domain hosts.

Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

  • A. Truecrypt
  • B. Sub7
  • C. Nessus
  • D. Clamwin

Answer: C

Which of the following is a symmetric cryptographic standard?

  • A. DSA
  • B. PKI
  • C. RSA
  • D. 3DES

Answer: D

Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

  • A. NMAP -PN -A -O -sS
  • B. NMAP -P0 -A -O -p1-65535 192.168.0/24
  • C. NMAP -P0 -A -sT -p0-65535 192.168.0/16
  • D. NMAP -PN -O -sS -p 1-1024 192.168.0/8

Answer: B

Why do you need to capture five to ten million packets in order to crack WEP with AirSnort?

  • A. All IVs are vulnerable to attack
  • B. AirSnort uses a cache of packets
  • C. AirSnort implements the FMS attack and only encrypted packets are counted
  • D. A majority of weak IVs transmitted by access points and wireless cards are not filtered by contemporary wireless manufacturers

Answer: C

Explanation: Since the summer of 2001, WEP cracking has been a trivial but time consuming process. A few tools, AirSnort perhaps the most famous, that implement the Fluhrer-Mantin-Shamir (FMS) attack were released to the security community -- who until then were aware of the problems with WEP but did not have practical penetration testing tools. Although simple to use, these tools require a very large number of packets to be gathered before being able to crack a WEP key. The AirSnort web site estimates the total number of packets at five to ten million, but the number actually required may be higher than you think.

If you receive a RST packet while doing an ACK scan, it indicates that the port is open. (True/False)

  • A. True
  • B. False

Answer: A

Explanation: When an ACK is sent to an open port, a RST is returned.
