CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

Free CEH-001 Exam Braindumps (page: 4)

Page 3 of 220
PDF with 878 Questions

Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him ''just to double check our records.'' Jane does not suspect anything amiss, and parts with her password. Jack can now access Brown Co.'s computers with a valid user name and password, to steal the cookie recipe.
What kind of attack is being illustrated here?

  1. Reverse Psychology
  2. Reverse Engineering
  3. Social Engineering
  4. Spoofing Identity
  5. Faking Identity

Answer(s): C



How do you defend against ARP Spoofing? Select three.

  1. Use ARPWALL system and block ARP spoofing attacks
  2. Tune IDS Sensors to look for large amount of ARP traffic on local subnets
  3. Use private VLANS
  4. Place static ARP entries on servers, workstation and routers

Answer(s): A,C,D

Explanation:

ARPwall is used in protecting against ARP spoofing.
Incorrect answer:

IDS option may works fine in case of monitoring the traffic from outside the network but not from internal hosts.



TCP SYN Flood attack uses the three-way handshake mechanism.

1. An attacker at system A sends a SYN packet to victim at system B.

2. System B sends a SYN/ACK packet to victim A.

3. As a normal three-way handshake mechanism system A should send an ACK packet to
system B, however, system A does not send an ACK packet to system B. In this case client
B is waiting for an ACK packet from client A.

This status of client B is called _________________

  1. "half-closed"
  2. "half open"
  3. "full-open"
  4. "xmas-open"

Answer(s): B



Lori is a Certified Ethical Hacker as well as a Certified Hacking Forensics Investigator working as an IT security consultant. Lori has been hired on by Kiley Innovators, a large marketing firm that recently underwent a string of thefts and corporate espionage incidents. Lori is told that a rival marketing company came out with an exact duplicate product right before Kiley Innovators was about to release it. The executive team believes that an employee is leaking information to the rival company. Lori questions all employees, reviews server logs, and firewall logs; after which she finds nothing. Lori is then given permission to search through the corporate email system. She searches by email being sent to and sent from the rival marketing company.
She finds one employee that appears to be sending very large email to this other marketing company, even though they should have no reason to be communicating with them. Lori tracks down the actual emails sent and upon opening them, only finds picture files attached to them. These files seem perfectly harmless, usually containing some kind of joke. Lori decides to use some special software to further examine the pictures and finds that each one had hidden text that was stored in each picture.
What technique was used by the Kiley Innovators employee to send information to the rival marketing company?

  1. The Kiley Innovators employee used cryptography to hide the information in the emails sent
  2. The method used by the employee to hide the information was logical watermarking
  3. The employee used steganography to hide information in the picture attachments
  4. By using the pictures to hide information, the employee utilized picture fuzzing

Answer(s): C






Post your Comments and Discuss GAQM CEH-001 exam with other Community members:

CEH-001 Discussions & Posts