Free CEH-001 Exam Braindumps (page: 42)

Page 41 of 220

A digital signature is simply a message that is encrypted with the public key instead of the private key.

  1. true
  2. false

Answer(s): B



Blane is a network security analyst for his company. From an outside IP, Blane performs an XMAS scan using Nmap. Almost every port scanned does not illicit a response. What can he infer from this kind of response?

  1. These ports are open because they do not illicit a response.
  2. He can tell that these ports are in stealth mode.
  3. If a port does not respond to an XMAS scan using NMAP, that port is closed.
  4. The scan was not performed correctly using NMAP since all ports, no matter what their state, will illicit some sort of response from an XMAS scan.

Answer(s): A



In TCP communications there are 8 flags; FIN, SYN, RST, PSH, ACK, URG, ECE, CWR.
These flags have decimal numbers assigned to them:

FIN = 1
SYN = 2
RST = 4
PSH = 8
ACK = 16
URG = 32
ECE = 64
CWR =128

Example: To calculate SYN/ACK flag decimal value, add 2 (which is the decimal value of
the SYN flag) to 16 (which is the decimal value of the ACK flag), so the result would be 18.
Based on the above calculation, what is the decimal value for XMAS scan?

  1. 23
  2. 24
  3. 41
  4. 64

Answer(s): C



A simple compiler technique used by programmers is to add a terminator 'canary word' containing four letters NULL (0x00), CR (0x0d), LF (0x0a) and EOF (0xff) so that most string operations are terminated. If the canary word has been altered when the function returns, and the program responds by emitting an intruder alert into syslog, and then halts what does it indicate?

  1. A buffer overflow attack has been attempted
  2. A buffer overflow attack has already occurred
  3. A firewall has been breached and this is logged
  4. An intrusion detection system has been triggered
  5. The system has crashed

Answer(s): A






Post your Comments and Discuss GAQM CEH-001 exam with other Community members:

CEH-001 Discussions & Posts