CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

Free CEH-001 Exam Braindumps (page: 43)

Page 42 of 220
PDF with 878 Questions

This is an example of whois record.



Sometimes a company shares a little too much information on their organization through public domain records. Based on the above whois record, what can an attacker do? (Select 2 answers)

  1. Search engines like Google, Bing will expose information listed on the WHOIS record
  2. An attacker can attempt phishing and social engineering on targeted individuals using the information from WHOIS record
  3. Spammers can send unsolicited e-mails to addresses listed in the WHOIS record
  4. IRS Agents will use this information to track individuals using the WHOIS record information

Answer(s): B,C



Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others.

Neil knows that he has an up-to- date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

  1. They are using UDP that is always authorized at the firewall
  2. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended
  3. They have been able to compromise the firewall, modify the rules, and give themselves proper access
  4. They are using an older version of Internet Explorer that allow them to bypass the proxy server

Answer(s): B



In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details.


Ignorant users usually fall prey to this scam. Which of the following statement is incorrect
related to this attack?

  1. Do not reply to email messages or popup ads asking for personal or financial information
  2. Do not trust telephone numbers in e-mails or popup ads
  3. Review credit card and bank account statements regularly
  4. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
  5. Do not send credit card numbers, and personal or financial information via e-mail

Answer(s): D



Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

  1. Take over the session
  2. Reverse sequence prediction
  3. Guess the sequence numbers
  4. Take one of the parties offline

Answer(s): C






Post your Comments and Discuss GAQM CEH-001 exam with other Community members:

CEH-001 Discussions & Posts