Realistic CEH-001 Exam Questions and Answers 2019

We provide CEH-001 Dumps Questions which are the best for clearing CEH-001 test, and to get certified by GAQM Certified Ethical Hacker (CEH). The CEH-001 Exam Questions and Answers covers all the knowledge points of the real CEH-001 exam. Crack your GAQM CEH-001 Exam with latest dumps, guaranteed!

Free CEH-001 Demo Online For Microsoft Certifitcation:

Jake is a network administrator who needs to get reports from all the computer and network devices on his network. Jake wants to use SNMP but is afraid that won't be secure since passwords and messages are in clear text. How can Jake gather network information in a secure manner?

  • A. He can use SNMPv3
  • B. Jake can use SNMPrev5
  • C. He can use SecWMI
  • D. Jake can use SecSNMP

Answer: A

How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS's on a network?

  • A. Covert Channel
  • B. Crafted Channel
  • C. Bounce Channel
  • D. Deceptive Channel

Answer: A

Explanation: A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy." Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.

A circuit level gateway works at which of the following layers of the OSI Model?

  • A. Layer 5 - Application
  • B. Layer 4 – TCP
  • C. Layer 3 – Internet protocol
  • D. Layer 2 – Data link

Answer: B

Which command lets a tester enumerate alive systems in a class C network via ICMP using native Windows tools?

  • A. ping 192.168.2.
  • B. ping
  • C. for %V in (1 1 255) do PING 192.168.2.%V
  • D. for /L %V in (1 1 254) do PING -n 1 192.168.2.%V | FIND /I "Reply"

Answer: D

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

  • A. Timing attack
  • B. Replay attack
  • C. Memory trade-off attack
  • D. Chosen plain-text attack

Answer: D

A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?

  • A. Locate type=ns
  • B. Request type=ns
  • C. Set type=ns
  • D. Transfer type=ns

Answer: C

CEH-001 dumps exhibit
Given the following extract from the snort log on a honeypot, what do you infer from the attack?

  • A. A new port was opened
  • B. A new user id was created
  • C. The exploit was successful
  • D. The exploit was not successful

Answer: D

Explanation: The attacker submits a PASS to the honeypot and receives a login incorrect before disconnecting.

You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two of the queries cause the IPID to increment by more than one value. Why do you think this occurs?

  • A. The zombie you are using is not truly idle.
  • B. A stateful inspection firewall is resetting your queries.
  • C. Hping2 cannot be used for idle scanning.
  • D. These ports are actually open on the target system.

Answer: A

Explanation: If the IPID is incremented by more than the normal increment for this type of system it means that the system is interacting with some other system beside yours and has sent packets to an unknown host between the packets destined for you.

Which of the following is NOT part of CEH Scanning Methodology?

  • A. Check for Live systems
  • B. Check for Open Ports
  • C. Banner Grabbing
  • D. Prepare Proxies
  • E. Social Engineering attacks
  • F. Scan for Vulnerabilities
  • G. Draw Network Diagrams

Answer: E

Which of the following identifies the three modes in which Snort can be configured to run?

  • A. Sniffer, Packet Logger, and Network Intrusion Detection System
  • B. Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System
  • C. Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System
  • D. Sniffer, Packet Logger, and Host Intrusion Prevention System

Answer: A

A covert channel is a channel that _____

  • A. transfers information over, within a computer system, or network that is outside of the security policy.
  • B. transfers information over, within a computer system, or network that is within the security policy.
  • C. transfers information via a communication path within a computer system, or network for transfer of data.
  • D. transfers information over, within a computer system, or network that is encrypted.

Answer: A

What is War Dialing?

  • A. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems
  • B. War dialing is a vulnerability scanning technique that penetrates Firewalls
  • C. It is a social engineering technique that uses Phone calls to trick victims
  • D. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

Answer: A

In the context of Trojans, what is the definition of a Wrapper?

  • A. An encryption tool to protect the Trojan
  • B. A tool used to bind the Trojan with a legitimate file
  • C. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan
  • D. A tool used to encapsulate packets within a new header and footer

Answer: B

Explanation: Wrapper does not change header or footer of any packets but it mix between legitimate file and Trojan file.

File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?

  • A. Use disable-eXchange
  • B. Use mod_negotiation
  • C. Use Stop_Files
  • D. Use Lib_exchanges

Answer: B

Which initial procedure should an ethical hacker perform after being brought into an organization?

  • A. Begin security testing.
  • B. Turn over deliverables.
  • C. Sign a formal contract with non-disclosure.
  • D. Assess what the organization is trying to protect.

Answer: C

What is the correct PCAP filter to capture all TCP traffic going to or from host on port 25?

  • A. tcp.src == 25 and ==
  • B. host
  • C. port 25 and host
  • D. tcp.port == 25 and ==

Answer: D

There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake authentication to an AP? (Choose two.)

  • A. The IP address of the AP
  • B. The MAC address of the AP
  • C. The SSID of the wireless network
  • D. A failed authentication packet

Answer: BC

Which of the following types of firewall inspects only header information in network traffic?

  • A. Packet filter
  • B. Stateful inspection
  • C. Circuit-level gateway
  • D. Application-level gateway

Answer: A

Fred is scanning his network to ensure it is as secure as possible. Fred sends a TCP probe packet to a host with a FIN flag and he receives a RST/ACK response. What does this mean?

  • A. This response means the port he is scanning is open.
  • B. The RST/ACK response means the port Fred is scanning is disabled.
  • C. This means the port he is scanning is half open.
  • D. This means that the port he is scanning on the host is closed.

Answer: D

100% Valid and Newest Version CEH-001 Questions & Answers shared by Exambible, Get Full Dumps HERE: (New 878 Q&As)