GAQM CEH-001 Practice 2019

100% Guarantee of CEH-001 exam prep materials and courses for GAQM certification for {examinee}, Real Success Guaranteed with Updated CEH-001 pdf dumps vce Materials. 100% PASS Certified Ethical Hacker (CEH) exam Today!

NEW QUESTION 1

John has scanned the web server with NMAP. However, he could not gather enough information to help him identify the operating system running on the remote host accurately.
What would you suggest to John to help identify the OS that is being used on the remote web server?

  • A. Connect to the web server with a browser and look at the web page.
  • B. Connect to the web server with an FTP client.
  • C. Telnet to port 8080 on the web server and look at the default page code.
  • D. Telnet to an open port and grab the banner.

Answer: D

Explanation:
Most people don’t care about changing the banners presented by applications listening to open ports and therefore you should get fairly accurate information when grabbing banners from open ports with, for example, a telnet application.

NEW QUESTION 2

Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?

  • A. Finger
  • B. FTP
  • C. Samba
  • D. SMB

Answer: D

Explanation:
The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT / 2000. In Windows NT it ran on top of NBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT. For this they use TCP port 445.

NEW QUESTION 3

John is the network administrator of XSECURITY systems. His network was recently compromised. He analyzes the log files to investigate the attack. Take a look at the following Linux log file snippet. The hacker compromised and "owned" a Linux machine. What is the hacker trying to accomplish here?
CEH-001 dumps exhibit

  • A. The hacker is attempting to compromise more machines on the network
  • B. The hacker is planting a rootkit
  • C. The hacker is running a buffer overflow exploit to lock down the system
  • D. The hacker is trying to cover his tracks

Answer: D

NEW QUESTION 4

_____ is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer

  • A. Alternate Data Streams
  • B. Merge Streams
  • C. Steganography
  • D. NetBIOS vulnerability

Answer: A

NEW QUESTION 5

Joe Hacker is going wardriving. He is going to use PrismStumbler and wants it to go to a GPS mapping software application. What is the recommended and well-known GPS mapping package that would interface with PrismStumbler?
Select the best answer.

  • A. GPSDrive
  • B. GPSMap
  • C. WinPcap
  • D. Microsoft Mappoint

Answer: A

Explanation:
Explanations:
GPSDrive is a Linux GPS mapping package. It recommended to be used to send PrismStumbler data to so that it can be mapped. GPSMap is a generic term and not a real software package. WinPcap is a packet capture library for Windows. It is used to capture packets and deliver them to other programs for analysis. As it is for Windows, it isn't going to do what Joe Hacker is wanting to do. Microsoft Mappoint is a Windows application. PrismStumbler is a Linux application. Thus, these two are not going to work well together.

NEW QUESTION 6

Here is the ASCII Sheet.
CEH-001 dumps exhibit
You want to guess the DBO username juggyboy (8 characters) using Blind SQL Injection
technique.
What is the correct syntax?
CEH-001 dumps exhibit

  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D

Answer: A

NEW QUESTION 7

Bob has been hired to do a web application security test. Bob notices that the site is dynamic and must make use of a back end database. Bob wants to see if SQL Injection would be possible. What is the first character that Bob should use to attempt breaking valid SQL request?

  • A. Semi Column
  • B. Double Quote
  • C. Single Quote
  • D. Exclamation Mark

Answer: C

NEW QUESTION 8

What are the limitations of Vulnerability scanners? (Select 2 answers)

  • A. There are often better at detecting well-known vulnerabilities than more esoteric ones
  • B. The scanning speed of their scanners are extremely high
  • C. It is impossible for any, one scanning product to incorporate all known vulnerabilities in a timely manner
  • D. The more vulnerabilities detected, the more tests required
  • E. They are highly expensive and require per host scan license

Answer: AC

NEW QUESTION 9

Which initial procedure should an ethical hacker perform after being brought into an organization?

  • A. Begin security testing.
  • B. Turn over deliverables.
  • C. Sign a formal contract with non-disclosure.
  • D. Assess what the organization is trying to protect.

Answer: C

NEW QUESTION 10

Bart is looking for a Windows NT/2000/XP command-line tool that can be used to assign, display, or modify ACL’s (access control lists) to files or folders and also one that can be used within batch files.
Which of the following tools can be used for that purpose? (Choose the best answer)

  • A. PERM.exe
  • B. CACLS.exe
  • C. CLACS.exe
  • D. NTPERM.exe

Answer: B

Explanation:
Cacls.exe is a Windows NT/2000/XP command-line tool you can use to assign, display, or modify ACLs (access control lists) to files or folders. Cacls is an interactive tool, and since it's a command-line utility, you can also use it in batch files.

NEW QUESTION 11

Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?

  • A. Key registry
  • B. Recovery agent
  • C. Directory
  • D. Key escrow

Answer: D

NEW QUESTION 12

How does an operating system protect the passwords used for account logins?

  • A. The operating system performs a one-way hash of the passwords.
  • B. The operating system stores the passwords in a secret file that users cannot find.
  • C. The operating system encrypts the passwords, and decrypts them when needed.
  • D. The operating system stores all passwords in a protected segment of non-volatile memory.

Answer: A

NEW QUESTION 13

In Trojan terminology, what is required to create the executable file chess.exe as shown below?
CEH-001 dumps exhibit

  • A. Mixer
  • B. Converter
  • C. Wrapper
  • D. Zipper

Answer: C

NEW QUESTION 14

This tool is widely used for ARP Poisoning attack. Name the tool.
CEH-001 dumps exhibit

  • A. Cain and Able
  • B. Beat Infector
  • C. Poison Ivy
  • D. Webarp Infector

Answer: A

NEW QUESTION 15

An NMAP scan of a server shows port 69 is open. What risk could this pose?

  • A. Unauthenticated access
  • B. Weak SSL version
  • C. Cleartext login
  • D. Web portal data leak

Answer: A

NEW QUESTION 16

What type of encryption does WPA2 use?

  • A. DES 64 bit
  • B. AES-CCMP 128 bit
  • C. MD5 48 bit
  • D. SHA 160 bit

Answer: B

NEW QUESTION 17

A company has made the decision to host their own email and basic web services. The administrator needs to set up the external firewall to limit what protocols should be allowed to get to the public part of the company's network. Which ports should the administrator open? (Choose three.)

  • A. Port 22
  • B. Port 23
  • C. Port 25
  • D. Port 53
  • E. Port 80
  • F. Port 139
  • G. Port 445

Answer: CDE

NEW QUESTION 18

In an attempt to secure his 802.11b wireless network, Ulf decides to use a strategic antenna positioning. He places the antenna for the access points near the center of the building. For those access points near the outer edge of the building he uses semi- directional antennas that face towards the building’s center. There is a large parking lot and outlying filed surrounding the building that extends out half a mile around the building. Ulf figures that with this and his placement of antennas, his wireless network will be safe from attack.
Which of the following statements is true?

  • A. With the 300 feet limit of a wireless signal, Ulf’s network is safe.
  • B. Wireless signals can be detected from miles away, Ulf’s network is not safe.
  • C. Ulf’s network will be safe but only of he doesn’t switch to 802.11a.
  • D. Ulf’s network will not be safe until he also enables WEP.

Answer: D

NEW QUESTION 19

You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next?

  • A. Run NULL TCP hping2 against 192.168.1.10
  • B. Run nmap XMAS scan against 192.168.1.10
  • C. The firewall is blocking all the scans to 192.168.1.10
  • D. Use NetScan Tools Pro to conduct the scan

Answer: A

NEW QUESTION 20

Identify SQL injection attack from the HTTP requests shown below:

  • A. http://www.myserver.c0m/search.asp? lname=smith%27%3bupdate%20usertable%20set%20passwd%3d%27hAx0r%27%3b--%00
  • B. http://www.myserver.c0m/script.php?mydata=%3cscript%20src=%22
  • C. http%3a%2f%2fwww.yourserver.c0m%2fbadscript.js%22%3e%3c%2fscript%3e
  • D. http://www.victim.com/example accountnumber=67891&creditamount=999999999

Answer: A

NEW QUESTION 21

The traditional traceroute sends out ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets take to reach the destination.
The problem is that with the widespread use of firewalls on the Internet today, many of the packets that traceroute sends out end up being filtered, making it impossible to completely trace the path to the destination.
CEH-001 dumps exhibit
How would you overcome the Firewall restriction on ICMP ECHO packets?

  • A. Firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connection
  • B. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.
  • C. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connection
  • D. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.
  • E. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connection
  • F. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.
  • G. Do not use traceroute command to determine the path packets take to reach the destination instead use the custom hacking tool JOHNTHETRACER and run with the command
  • H. \> JOHNTHETRACER www.eccouncil.org -F -evade

Answer: A

NEW QUESTION 22

____ is one of the programs used to wardial.

  • A. DialIT
  • B. Netstumbler
  • C. TooPac
  • D. Kismet
  • E. ToneLoc

Answer: E

Explanation:
ToneLoc is one of the programs used to wardial. While this is considered an "old school" technique, it is still effective at finding backdoors and out of band network entry points.

NEW QUESTION 23

What happens during a SYN flood attack?

  • A. TCP connection requests floods a target machine is flooded with randomized source address & ports for the TCP ports.
  • B. A TCP SYN packet, which is a connection initiation, is sent to a target machine, giving the target host’s address as both source and destination, and is using the same port on the target host as both source and destination.
  • C. A TCP packet is received with the FIN bit set but with no ACK bit set in the flags field.
  • D. A TCP packet is received with both the SYN and the FIN bits set in the flags field.

Answer: A

NEW QUESTION 24

The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line in the source code that might lead to buffer overflow?
CEH-001 dumps exhibit

  • A. 9A.9
  • B. 17B.17
  • C. 20C.20
  • D. 32D.32
  • E. 35E.35

Answer: B

NEW QUESTION 25

To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?

  • A. Recipient's private key
  • B. Recipient's public key
  • C. Master encryption key
  • D. Sender's public key

Answer: B

NEW QUESTION 26

What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

  • A. Use fragmented IP packets
  • B. Spoof your IP address when launching attacks and sniff responses from the server
  • C. Overload the IDS with Junk traffic to mask your scan
  • D. Use source routing (if possible)
  • E. Connect to proxy servers or compromised Trojaned machines to launch attacks

Answer: ABDE

NEW QUESTION 27
......

100% Valid and Newest Version CEH-001 Questions & Answers shared by Certstest, Get Full Dumps HERE: https://www.certstest.com/dumps/CEH-001/ (New 878 Q&As)