CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

Free CEH-001 Exam Braindumps (page: 22)

Page 21 of 220
PDF with 878 Questions

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

  1. Install patches
  2. Setup a backdoor
  3. Install a zombie for DDOS
  4. Cover your tracks

Answer(s): D



Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can extract this type of information easily from a DNS server.
Which of the following commands extracts the HINFO record?

  1. Option A
  2. Option B
  3. Option C
  4. Option D

Answer(s): A



Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated attackers with easily available tools on the Internet. He has also read that when an organization deploys a web application, they invite the world to send HTTP requests. Attacks buried in these requests sail past firewalls, filters, platform hardening, SSL, and IDS without notice because they are inside legal HTTP requests. Bret is determined to weed out vulnerabilities.

What are some of the common vulnerabilities in web applications that he should be concerned about?

  1. Non-validated parameters, broken access control, broken account and session management, cross-site scripting and buffer overflows are just a few common vulnerabilities
  2. Visible clear text passwords, anonymous user account set as default, missing latest security patch, no firewall filters set and no SSL configured are just a few common vulnerabilities
  3. No SSL configured, anonymous user account set as default, missing latest security patch, no firewall filters set and an inattentive system administrator are just a few common vulnerabilities
  4. No IDS configured, anonymous user account set as default, missing latest security patch, no firewall filters set and visible clear text passwords are just a few common vulnerabilities

Answer(s): A



What is War Dialing?

  1. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems
  2. War dialing is a vulnerability scanning technique that penetrates Firewalls
  3. It is a social engineering technique that uses Phone calls to trick victims
  4. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

Answer(s): A






Post your Comments and Discuss GAQM CEH-001 exam with other Community members:

CEH-001 Discussions & Posts