It is impossible to pass GAQM CEH-001 exam without any help in the short term. Come to us soon and find the most advanced, correct and guaranteed CEH-001 Exam Questions. You will get a surprising result by our CEH-001 Exam Questions.
Online CEH-001 free questions and answers of New Version:
NEW QUESTION 1
What are the two basic types of attacks? (Choose two.
- A. DoS
- B. Passive
- C. Sniffing
- D. Active
- E. Cracking
Explanation: Passive and active attacks are the two basic types of attacks.
NEW QUESTION 2
Select the best answer.
- A. archive.org
- B. There is no way to get the changed webpage unless you contact someone at the company
- C. Usenet
NEW QUESTION 3
Which type of hacker represents the highest risk to your network?
- A. black hat hackers
- B. grey hat hackers
- C. disgruntled employees
- D. script kiddies
NEW QUESTION 4
Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?
- A. The root CA is the recovery agent used to encrypt data when a user's certificate is lost.
- B. The root CA stores the user's hash value for safekeeping.
- C. The CA is the trusted root that issues certificates.
- D. The root CA is used to encrypt email messages to prevent unintended disclosure of data.
NEW QUESTION 5
Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)
- A. A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications
- B. A reduction in network and application monitoring since all recording will be completed at the SSO system
- C. A reduction in system administration overhead since any user login problems can be resolved at the SSO system
- D. A reduction in overall risk to the system since network and application attacks can only happen at the SSO point
NEW QUESTION 6
William has received a Chess game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Chess.
After William installs the game, he plays it for a couple of hours. The next day, William plays the Chess game again and notices that his machine has begun to slow down. He brings up his Task Manager and sees the following programs running:
What has William just installed?
- A. Zombie Zapper (ZoZ)
- B. Remote Access Trojan (RAT)
- C. Bot IRC Tunnel (BIT)
- D. Root Digger (RD)
NEW QUESTION 7
Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website.
Where can Stephanie go to see past versions and pages of a website?
- A. She should go to the web page Samspade.org to see web pages that might no longer be on the website
- B. If Stephanie navigates to Search.com; she will see old versions of the company website
- C. Stephanie can go to Archive.org to see past versions of the company website
- D. AddressPast.com would have any web pages that are no longer hosted on the company's website
NEW QUESTION 8
Which of the following is an example of IP spoofing?
- A. SQL injections
- B. Man-in-the-middle
- C. Cross-site scripting
- D. ARP poisoning
NEW QUESTION 9
Which DNS resource record can indicate how long any "DNS poisoning" could last?
- A. MX
- B. SOA
- C. NS
- D. TIMEOUT
Explanation: The SOA contains information of secondary servers, update intervals and expiration times.
NEW QUESTION 10
Jason works in the sales and marketing department for a very large advertising agency located in Atlanta. Jason is working on a very important marketing campaign for his company's largest client. Before the project could be completed and implemented, a competing advertising company comes out with the exact same marketing materials and advertising, thus rendering all the work done for Jason's client unusable. Jason is questioned about this and says he has no idea how all the material ended up in the hands of a competitor.
Without any proof, Jason's company cannot do anything except move on. After working on another high profile client for about a month, all the marketing and sales material again ends up in the hands of another competitor and is released to the public before Jason's company can finish the project. Once again, Jason says that he had nothing to do with it
and does not know how this could have happened. Jason is given leave with pay until they can figure out what is going on.
Jason's supervisor decides to go through his email and finds a number of emails that were sent to the competitors that ended up with the marketing material. The only items in the emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files, but cannot find anything out of the ordinary with them.
What technique has Jason most likely used?
- A. Stealth Rootkit Technique
- B. ADS Streams Technique
- C. Snow Hiding Technique
- D. Image Steganography Technique
NEW QUESTION 11
Which of the following commands runs snort in packet logger mode?
- A. ./snort -dev -h ./log
- B. ./snort -dev -l ./log
- C. ./snort -dev -o ./log
- D. ./snort -dev -p ./log
Explanation: Note: If you want to store the packages in binary mode for later analysis use
./snort -l ./log -b
NEW QUESTION 12
You just purchased the latest DELL computer, which comes pre-installed with Windows 7, McAfee antivirus software and a host of other applications. You want to connect Ethernet wire to your cable modem and start using the computer immediately. Windows is dangerously insecure when unpacked from the box, and there are a few things that you must do before you use it.
- A. New installation of Windows should be patched by installing the latest service packs and hotfixes
- B. Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc., must have the latest security patches installed
- C. Install a personal firewall and lock down unused ports from connecting to your computer
- D. Install the latest signatures for Antivirus software
- E. Configure "Windows Update" to automatic
- F. Create a non-admin user with a complex password and logon to this account
- G. You can start using your computer as vendors such as DELL, HP and IBM would have already installed the latest service packs.
NEW QUESTION 13
After studying the following log entries, what is the attacker ultimately trying to achieve as inferred from the log sequence?
1. mkdir -p /etc/X11/applnk/Internet/.etc
2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd
3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd
4. touch -acmr /etc /etc/X11/applnk/Internet/.etc
5. passwd nobody -d
6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash
7. passwd dns -d
8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd
9. touch -acmr /etc/X11/applnk/Internet/.etc /etc
- A. Change password of user nobody
- B. Extract information from a local directory
- C. Change the files Modification Access Creation times
- D. Download rootkits and passwords into a new directory
NEW QUESTION 14
Eric notices repeated probes to port 1080. He learns that the protocol being used is designed to allow a host outside of a firewall to connect transparently and securely through the firewall. He wonders if his firewall has been breached. What would be your inference?
- A. Eric network has been penetrated by a firewall breach
- B. The attacker is using the ICMP protocol to have a covert channel
- C. Eric has a Wingate package providing FTP redirection on his network
- D. Somebody is using SOCKS on the network to communicate through the firewall
Explanation: Port Description:
SOCKS. SOCKS port, used to support outbound tcp services (FTP, HTTP, etc). Vulnerable similar to FTP Bounce, in that attacker can connect to this port and \bounce\ out to another internal host. Done to either reach a protected internal host or mask true source of attack. Listen for connection attempts to this port -- good sign of port scans, SOCKS-probes, or bounce attacks. Also a means to access restricted resources. Example: Bouncing off a MILNET gateway SOCKS port allows attacker to access web sites, etc. that were restricted only to.mil domain hosts.
NEW QUESTION 15
Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?
- A. Truecrypt
- B. Sub7
- C. Nessus
- D. Clamwin
NEW QUESTION 16
Which of the following is a symmetric cryptographic standard?
- A. DSA
- B. PKI
- C. RSA
- D. 3DES
NEW QUESTION 17
Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?
- A. NMAP -PN -A -O -sS 192.168.2.0/24
- B. NMAP -P0 -A -O -p1-65535 192.168.0/24
- C. NMAP -P0 -A -sT -p0-65535 192.168.0/16
- D. NMAP -PN -O -sS -p 1-1024 192.168.0/8
NEW QUESTION 18
Why do you need to capture five to ten million packets in order to crack WEP with AirSnort?
- A. All IVs are vulnerable to attack
- B. Air Snort uses a cache of packets
- C. Air Snort implements the FMS attack and only encrypted packets are counted
- D. A majority of weak IVs transmitted by access points and wireless cards are not filtered by contemporary wireless manufacturers
Explanation: Since the summer of 2001, WEP cracking has been a trivial but time consuming process. A few tools, AirSnort perhaps the most famous, that implement the Fluhrer-Mantin-Shamir (FMS) attack were released to the security community -- who until then were aware of the problems with WEP but did not have practical penetration testing tools. Although simple to use, these tools require a very large number of packets to be gathered before being able to crack a WEP key. The AirSnort web site estimates the total number of packets at five to ten million, but the number actually required may be higher than you think.
NEW QUESTION 19
If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).
- A. True
- B. False
Explanation: When and ACK is sent to an open port, a RST is returned.
P.S. Easily pass CEH-001 Exam with 878 Q&As 2passeasy Dumps & pdf Version, Welcome to Download the Newest 2passeasy CEH-001 Dumps: https://www.2passeasy.com/dumps/CEH-001/ (878 New Questions)