Free CEH-001 Exam Braindumps (page: 37)


In which location are SAM password hashes stored in Windows 7?

  1. c:\windows\system32\config\SAM
  2. c:\winnt\system32\machine\SAM
  3. c:\windows\etc\drivers\SAM
  4. c:\windows\config\etc\SAM

Answer(s): A



File extensions provide information regarding the underlying server technology. Attackers can use this information to search for vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?

  1. Use disable-eXchange
  2. Use mod_negotiation
  3. Use Stop_Files
  4. Use Lib_exchanges

Answer(s): B



Bob has a good understanding of cryptography, having worked with it for many years. Cryptography is used to secure data from specific threats, but it does not secure the application from coding errors. It can provide data privacy and integrity and enable strong authentication, but it cannot mitigate programming errors. What is a good example of a programming error that Bob can use to explain to management how encryption will not address all their security concerns?

  1. Bob can explain that using a weak key management technique is a form of programming error
  2. Bob can explain that using passwords to derive cryptographic keys is a form of a programming error
  3. Bob can explain that a buffer overflow is an example of programming error and it is a common mistake associated with poor programming technique
  4. Bob can explain that a random number generator can be used to derive cryptographic keys but it uses a weak seed value and this is a form of a programming error

Answer(s): A



Finding tools to run dictionary and brute-force attacks against FTP and Web servers is an easy task for hackers. They use tools such as arhontus or brutus to break into remote servers.



A command such as this will attack the FTP and Telnet servers at 10.0.0.34 simultaneously with a list of passwords and a single login name: linksys. Many FTP-specific password-guessing tools are also available from major security sites.
What defensive measures will you take to protect your network from these attacks?

  1. Never leave a default password
  2. Never use a password that can be found in a dictionary
  3. Never use a password related to your hobbies, pets, relatives, or date of birth
  4. Use a word that has more than 21 characters from a dictionary as the password
  5. Never use a password related to the hostname, domain name, or anything else that can be found with whois

Answer(s): A,B,C,E





