Free CEH-001 Exam Braindumps (page: 48)


Take a look at the following attack on a Web Server using an obfuscated URL:



How would you protect against these attacks?

  1. Configure the Web Server to deny requests involving "hex encoded" characters
  2. Create rules in IDS to alert on strange Unicode requests
  3. Use SSL authentication on Web Servers
  4. Enable Active Scripts Detection at the firewall and routers

Answer(s): B



Which type of sniffing technique is generally referred to as a MiTM attack?

  1. Password Sniffing
  2. ARP Poisoning
  3. MAC Flooding
  4. DHCP Sniffing

Answer(s): B

Explanation:

ARP poisoning is the closest to the right answer because ARP spoofing, also known as ARP flooding, ARP poisoning or ARP poison routing (APR), is a technique used to attack a local-area network (LAN). ARP spoofing may allow an attacker to intercept data frames on a LAN, modify the traffic, or stop the traffic altogether. The attack can only be used on networks that make use of the Address Resolution Protocol (ARP) and not another method of address resolution.



Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.



In a MAC flooding attack, the attacker feeds a switch many Ethernet frames, each containing a different source MAC address. Switches have limited memory for mapping MAC addresses to physical ports. What happens when the CAM table becomes full?

  1. Switch then acts as hub by broadcasting packets to all machines on the network
  2. The CAM overflow table will cause the switch to crash causing Denial of Service
  3. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF
  4. Every packet is dropped and the switch sends out SNMP alerts to the IDS port

Answer(s): A



You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with such a complex security system in place. Your peer, Peter Smith, who works in the same department, disagrees with you. He says even the best network security technologies cannot prevent hackers from gaining access to the network because of the presence of a "weakest link" in the security chain. What is Peter Smith talking about?

  1. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain
  2. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
  3. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
  4. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

Answer(s): A





