Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
MuleSoft
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

Free CEH-001 Exam Braindumps (page: 18)

Page 18 of 221
PDF with 878 Questions

Which Steganography technique uses Whitespace to hide secret messages?

  1. snow
  2. beetle
  3. magnet
  4. cat

Answer(s): A



Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine, by "spoofing" the IP address of that machine.
How would you detect IP spoofing?

  1. Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers match then it is spoofed packet
  2. Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet, if the connection completes then it is a spoofed packet
  3. Turn on 'Enable Spoofed IP Detection' in Wireshark, you will see a flag tick if the packet is spoofed
  4. Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same as the packet being checked then it is a spoofed packet

Answer(s): D



David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

  1. David can block port 125 at the firewall.
  2. David can block all EHLO requests that originate from inside the office.
  3. David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.
  4. David can block port 110 to block all POP3 traffic.

Answer(s): D



You want to capture Facebook website traffic in Wireshark. What display filter should you use that shows all TCP packets that contain the word 'facebook'?

  1. display==facebook
  2. traffic.content==facebook
  3. tcp contains facebook
  4. list.display.facebook

Answer(s): C






Post your Comments and Discuss GAQM CEH-001 exam prep with other Community members: