We provide real CEH-001 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass GAQM CEH-001 Exam quickly & easily. The CEH-001 PDF type is available for reading and printing. You can print more and practice many times. With the help of our GAQM CEH-001 dumps pdf and vce product and material, you can easily pass the CEH-001 exam.

Q61.  - (Topic 6)

Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately.

Which organization coordinates computer crime investigations throughout the United States?

A. NDCA

B. NICP

C. CIRP

D. NPC

E. CIA

Answer: D


Q62.  - (Topic 5)

Which of the following is a symmetric cryptographic standard?

A. DSA

B. PKI

C. RSA

D. 3DES

Answer: D


Q63.  - (Topic 4)

A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

A. True negatives

B. False negatives

C. True positives

D. False positives

Answer: D


Q64.  - (Topic 4)

How is sniffing broadly categorized?

A. Active and passive

B. Broadcast and unicast

C. Unmanaged and managed

D. Filtered and unfiltered

Answer: A


Q65.  - (Topic 3)

Bill is a security analyst for his company. All the switches used in the company's office are Cisco switches. Bill wants to make sure all switches are safe from ARP poisoning. How can Bill accomplish this?

A. Bill can use the command: ip dhcp snooping.

B. Bill can use the command: no ip snoop.

C. Bill could use the command: ip arp no flood.

D. He could use the command: ip arp no snoop.

Answer: A


Q66.  - (Topic 2)

Fred is the network administrator for his company. Fred is testing an internal switch. From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.

B. He can send an IP packet with the SYN bit and the source address of his computer.

C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Answer: D


Q67.  - (Topic 1)

How do you defend against a DHCP starvation attack?

A. Enable ARP-Block on the switch

B. Enable DHCP snooping on the switch

C. Configure DHCP-BLOCK to 1 on the switch

D. Install DHCP filters on the switch to block this attack

Answer: B


Q68.  - (Topic 6)

A distributed port scan operates by:

A. Blocking access to the scanning clients by the targeted host

B. Using denial-of-service software against a range of TCP ports

C. Blocking access to the targeted host by each of the distributed scanning clients

D. Having multiple computers each scan a small number of ports, then correlating the results

Answer: D

Explanation: Think of DDoS (distributed denial of service), where you use a large number of computers to create simultaneous traffic against a victim in order to shut them down.


Q69.  - (Topic 8)

If you send a SYN to an open port, what is the correct response? (Choose all correct answers.)

A. SYN

B. ACK

C. FIN

D. PSH

Answer: A,B

Explanation: The proper response is a SYN/ACK. This technique is also known as half-open scanning.


Q70.  - (Topic 2)

One of the most common and best ways of cracking RSA encryption is to begin to derive the two prime numbers that are used in the RSA PKI mathematical process. If the two numbers p and q are discovered through a process, then the private key can be derived.

A. Factorization

B. Prime Detection

C. Hashing

D. Brute-forcing

Answer: A


Q71.  - (Topic 8)

Bob is a very security-conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always makes use of a basic web browser to perform such testing.

Which of the following web browsers can adequately fill this purpose?

A. Internet Explorer

B. Mozilla

C. Lynx

D. Tiger

Answer: C

Explanation: Lynx is a program used to browse the World Wide Web, which works on simple text terminals, rather than requiring a graphical computer display terminal.


Q72.  - (Topic 4)

How can rainbow tables be defeated?

A. Password salting

B. Use of non-dictionary words

C. All uppercase character passwords

D. Lockout accounts under brute force password cracking attempts

Answer: A


Q73.  - (Topic 5)

Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

A. A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications

B. A reduction in network and application monitoring since all recording will be completed at the SSO system

C. A reduction in system administration overhead since any user login problems can be resolved at the SSO system

D. A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

Answer: A,C


Q74.  - (Topic 3)

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

A. Firewall-management policy

B. Acceptable-use policy

C. Remote-access policy

D. Permissive policy

Answer: C


Q75.  - (Topic 2)

In this attack, a victim receives an e-mail claiming to be from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam the victim to collect not one but two credit card numbers, ATM PIN number and other personal details.

Ignorant users usually fall prey to this scam. Which of the following statements is incorrect related to this attack?

A. Do not reply to email messages or popup ads asking for personal or financial information

B. Do not trust telephone numbers in e-mails or popup ads

C. Review credit card and bank account statements regularly

D. Antivirus, anti-spyware, and firewall software can very easily detect these types of attacks

E. Do not send credit card numbers, and personal or financial information via e-mail

Answer: D