Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

GAQM CEH-001 Exam Questions
Certified Ethical Hacker (CEH) (Page 17 )

Updated On: 24-Feb-2026
Page 17 of 177
PDF with 878 Questions

Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder's IP address for a period of 24 hours' time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet.
But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule.
Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder's attempts.
Samuel wants to completely block hackers brute force attempts on his network.

What are the alternatives to defending against possible brute-force password attacks on his site?

  1. Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users
  2. Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the Firewall manually
  3. Enforce complex password policy on your network so that passwords are more difficult to brute force
  4. You cannot completely block the intruders attempt if they constantly switch proxies

Answer(s): D



What type of Trojan is this?

  1. RAT Trojan
  2. E-Mail Trojan
  3. Defacement Trojan
  4. Destructing Trojan
  5. Denial of Service Trojan

Answer(s): C



Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security.
Maintaining the security of a Web server will usually involve the following steps:

1. Configuring, protecting, and analyzing log files
2. Backing up critical information frequently
3. Maintaining a protected authoritative copy of the organization's Web content
4. Establishing and following procedures for recovering from compromise
5. Testing and applying patches in a timely manner
6. Testing security periodically.
In which step would you engage a forensic investigator?

  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6

Answer(s): D



In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code?

  1. EEP
  2. ESP
  3. EAP
  4. EIP

Answer(s): D



Web servers often contain directories that do not need to be indexed. You create a text file with search engine indexing restrictions and place it on the root directory of the Web Server.

User-agent: *
Disallow: /images/
Disallow: /banners/
Disallow: /Forms/
Disallow: /Dictionary/
Disallow: /_borders/
Disallow: /_fpclass/
Disallow: /_overlay/
Disallow: /_private/
Disallow: /_themes/

What is the name of this file?

  1. robots.txt
  2. search.txt
  3. blocklist.txt
  4. spf.txt

Answer(s): A






Post your Comments and Discuss GAQM CEH-001 exam dumps with other Community members:

Join the CEH-001 Discussion