Free CEH-001 Free Practice Questions 2019

Our pass rate is high to 98.9% and the similarity percentage between our CEH-001 Braindumps and real exam is 90% based on our seven-year educating experience. Do you want achievements in the GAQM CEH-001 exam in just one try? I am currently studying for the CEH-001 Study Guides. Latest CEH-001 Study Guides, Try GAQM CEH-001 Brain Dumps First.

Check CEH-001 free dumps before getting the full version:

NEW QUESTION 1
John the Ripper is a technical assessment tool used to test the weakness of which of the following?

  • A. Usernames
  • B. File permissions
  • C. Firewall rulesets
  • D. Passwords

Answer: D

NEW QUESTION 2
Which of the following are variants of mandatory access control mechanisms? (Choose two.)

  • A. Two factor authentication
  • B. Acceptable use policy
  • C. Username / password
  • D. User education program
  • E. Sign in register

Answer: AC

NEW QUESTION 3
An Evil Cracker is attempting to penetrate your private network security. To do this, he must not be seen by your IDS, as it may take action to stop him. What tool might he use to bypass the IDS?
Select the best answer.

  • A. Firewalk
  • B. Manhunt
  • C. Fragrouter
  • D. Fragids

Answer: C

Explanation: Explanations:
Firewalking is a way to disguise a portscan. Thus, firewalking is not a tool, but a method of
conducting a port scan in which it can be hidden from some firewalls. Synamtec Man-Hunt is an IDS, not a tool to evade an IDS.
Fragrouter is a tool that can take IP traffic and fragment it into multiple pieces. There is a legitimate reason that fragmentation is done, but it is also a technique that can help an attacker to evade detection while Fragids is a made-up tool and does not exist.

NEW QUESTION 4
You work as security technician at XYZ.com. While doing web application testing, you might be required to look through multiple web pages online which can take a long time. Which of the processes listed below would be a more efficient way of doing this type of validation?

  • A. Use mget to download all pages locally for further inspection.
  • B. Use wget to download all pages locally for further inspection.
  • C. Use get* to download all pages locally for further inspection.
  • D. Use get() to download all pages locally for further inspection.

Answer: B

Explanation: Wget is a utility used for mirroring websites, get* doesn’t work, as for the actual FTP command to work there needs to be a space between get and * (ie. get *), get(); is just bogus, that’s a C function that’s written 100% wrong. mget is a command used from “within” ftp itself, ruling out A. Which leaves B use wget, which is designed for mirroring and download files, especially web pages, if used with the –R option (ie. wget –R www.XYZ.com) it could mirror a site, all expect protected portions of course.
Note: GNU Wget is a free network utility to retrieve files from the World Wide Web using HTTP and FTP and can be used to make mirrors of archives and home pages thus enabling work in the background, after having logged off.

NEW QUESTION 5
A very useful resource for passively gathering information about a target company is:

  • A. Host scanning
  • B. Whois search
  • C. Traceroute
  • D. Ping sweep

Answer: B

Explanation: A, C & D are "Active" scans, the question says: "Passively"

NEW QUESTION 6
Which of the following ICMP message types are used for destinations unreachables?

  • A. 3
  • B. 11
  • C. 13
  • D. 17

Answer: B

Explanation: Type 3 messages are used for unreachable messages. 0 is Echo Reply, 8 is Echo request, 11 is time exceeded, 13 is timestamp and 17 is subnet mask request. Learning these would
be advisable for the test.

NEW QUESTION 7
An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application.
Which of the following strategies can be used to defeat detection by a network-based IDS application? (Choose the best answer)

  • A. Create a network tunnel.
  • B. Create a multiple false positives.
  • C. Create a SYN flood.
  • D. Create a ping flood.

Answer: A

Explanation: Certain types of encryption presents challenges to network-based intrusion detection and may leave the IDS blind to certain attacks, where a host-based IDS analyzes the data after it has been decrypted.

NEW QUESTION 8
Advanced encryption standard is an algorithm used for which of the following?

  • A. Data integrity
  • B. Key discovery
  • C. Bulk data encryption
  • D. Key recovery

Answer: C

NEW QUESTION 9
ETHER: Destination address : 0000BA5EBA11 ETHER: Source address :
CEH-001 dumps exhibit
An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application?

  • A. Create a SYN flood
  • B. Create a network tunnel
  • C. Create multiple false positives
  • D. Create a ping flood

Answer: B

Explanation: Certain types of encryption presents challenges to network-based intrusion detection and may leave the IDS blind to certain attacks, where a host-based IDS analyzes the data after it has been decrypted.

NEW QUESTION 10
John is using a special tool on his Linux platform that has a signature database and is therefore able to detect hundred of vulnerabilities in UNIX, Windows, and commonly-used web CGI scripts. Additionally, the database detects DDoS zombies and Trojans. What would be the name of this multifunctional tool?

  • A. nmap
  • B. hping
  • C. nessus
  • D. make

Answer: C

Explanation: Nessus is the world's most popular vulnerability scanner, estimated to be used by over 75, 000 organizations world-wide. Nmap is mostly used for scanning, not for detecting vulnerabilities. Hping is a free packet generator and analyzer for the TCP/IP protocol and make is used to automatically build large applications on the *nix plattform.

NEW QUESTION 11
International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

  • A. guidelines and practices for security controls.
  • B. financial soundness and business viability metrics.
  • C. standard best practice for configuration management.
  • D. contract agreement writing standards.

Answer: A

NEW QUESTION 12
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
DatE. Mon, 16 Jan 2011 01:41:33 GMT
Content-TypE. text/html Accept-Ranges: bytes
Last-ModifieD. Wed, 28 Dec 2010 15:32:21 GMT
ETaG. "b0aac0542e25c31:89d" Content-Length: 7369
Which of the following is an example of what the engineer performed?

  • A. Cross-site scripting
  • B. Banner grabbing
  • C. SQL injection
  • D. Whois database query

Answer: B

NEW QUESTION 13
Under what conditions does a secondary name server request a zone transfer from a primary name server?

  • A. When a primary SOA is higher that a secondary SOA
  • B. When a secondary SOA is higher that a primary SOA
  • C. When a primary name server has had its service restarted
  • D. When a secondary name server has had its service restarted
  • E. When the TTL falls to zero

Answer: A

Explanation: Understanding DNS is critical to meeting the requirements of the CEH. When the serial number that is within the SOA record of the primary server is higher than the Serial number within the SOA record of the secondary DNS server, a zone transfer will take place.

NEW QUESTION 14
While examining a log report you find out that an intrusion has been attempted by a machine whose IP address is displayed as 0xde.0xad.0xbe.0xef. It looks to you like a hexadecimal number. You perform a ping 0xde.0xad.0xbe.0xef. Which of the following IP addresses will respond to the ping and hence will likely be responsible for the intrusion?

  • A. 192.10.25.9
  • B. 10.0.3.4
  • C. 203.20.4.5
  • D. 222.273.290.239

Answer: D

Explanation: Convert the hex number to binary and then to decimal.

NEW QUESTION 15
When working with Windows systems, what is the RID of the true administrator account?

  • A. 500
  • B. 501
  • C. 512
  • D. 1001
  • E. 1024
  • F. 1000

Answer: A

Explanation: The built-in administrator account always has a RID of 500.

NEW QUESTION 16
Steve scans the network for SNMP enabled devices. Which port number Steve should scan?

  • A. 150
  • B. 161
  • C. 169
  • D. 69

Answer: B

NEW QUESTION 17
A tester is attempting to capture and analyze the traffic on a given network and realizes that the network has several switches. What could be used to successfully sniff the traffic on this switched network? (Choose three.)

  • A. ARP spoofing
  • B. MAC duplication
  • C. MAC flooding
  • D. SYN flood
  • E. Reverse smurf attack
  • F. ARP broadcasting

Answer: ABC

NEW QUESTION 18
There is some dispute between two network administrators at your company. Your boss asks you to come and meet with the administrators to set the record straight. Which of these are true about PKI and encryption?
Select the best answers.

  • A. PKI provides data with encryption, compression, and restorability.
  • B. Public-key encryption was invented in 1976 by Whitfield Diffie and Martin Hellman.
  • C. When it comes to eCommerce, as long as you have authenticity, and authenticity, you do not need encryption.
  • D. RSA is a type of encryption.

Answer: BD

Explanation: PKI provides confidentiality, integrity, and authenticity of the messages exchanged between these two types of systems. The 3rd party provides the public key and the receiver verifies the message with a combination of the private and public key. Public- key encryption WAS invented in 1976 by Whitfield Diffie and Martin Hellman. The famous hashing algorithm Diffie-Hellman was named after them. The RSA Algorithm is created by the RSA Security company that also has created other widely used encryption algorithms.

NEW QUESTION 19
Which of the following does proper basic configuration of snort as a network intrusion detection system require?

  • A. Limit the packets captured to the snort configuration file.
  • B. Capture every packet on the network segment.
  • C. Limit the packets captured to a single segment.
  • D. Limit the packets captured to the /var/log/snort directory.

Answer: A

P.S. Certstest now are offering 100% pass ensure CEH-001 dumps! All CEH-001 exam questions have been updated with correct answers: https://www.certstest.com/dumps/CEH-001/ (878 New Questions)