CEH-001 Practice Questions

A.  

He can use SNMPv3

B.  

Jake can use SNMPrev5

C.  

He can use SecWMI

D.  

Jake can use SecSNMP

A.  

Configure routers to restrict the responses to Footprinting requests

B.  

Configure Web Servers to avoid information leakage and disable unwanted protocols

C.  

Lock the ports with suitable Firewall configuration

D.  

Use an IDS that can be configured to refuse suspicious traffic and pick up Footprinting patterns

E.  

Evaluate the information before publishing it on the Website/Intranet

F.  

Monitor every employee computer with Spy cameras, keyloggers and spy on them

G.  

Perform Footprinting techniques and remove any sensitive information found on DMZ sites

A.  

Social engineering

B.  

Network traffic sniffing

C.  

Man in the middle attacks

D.  

Publicly accessible sources

A.  

Port Security

B.  

IPSec Encryption

C.  

Network Admission Control (NAC)

D.  

802.1q Port Based Authentication

E.  

802.1x Port Based Authentication

F.  

Intrusion Detection System (IDS)

A.  

Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus

B.  

Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus

C.  

No. June can't use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in the case the polymorphic viruses cannot be detected by a signature-based anti-virus program

D.  

No. June can't use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus

A.  

18 U.S.C 1029 Possession of Access Devices

B.  

18 U.S.C 1030 Fraud and related activity in connection with computers

C.  

18 U.S.C 1343 Fraud by wire, radio or television

D.  

18 U.S.C 1361 Injury to Government Property

E.  

18 U.S.C 1362 Government communication systems

F.  

18 U.S.C 1831 Economic Espionage Act

G.  

18 U.S.C 1832 Trade Secrets Act

A.  

The system is a windows system which is being scanned unsuccessfully.

B.  

The system is a web application server compromised through SQL injection.

C.  

The system has been compromised and backdoored by the attacker.

D.  

The actual IP of the successful attacker is 24.9.255.53.

A.  

The ethical hacker does not use the same techniques or skills as a cracker.

B.  

The ethical hacker does it strictly for financial motives unlike a cracker.

C.  

The ethical hacker has authorization from the owner of the target.

D.  

The ethical hacker is just a cracker who is getting paid.

A.  

The systems have all ports open.

B.  

The systems are running a host based IDS.

C.  

The systems are web servers.

D.  

The systems are running Windows.

A.  

It is cool, and if it works in the movies it must work in real life.

B.  

It allows circumvention of protection mechanisms by being on the internal network.

C.  

It allows circumvention of the company PBX.

D.  

A good security tester would not use such a derelict technique.