CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

Free CEH-001 Exam Braindumps (page: 90)

Page 89 of 220
PDF with 878 Questions

A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the tester consider using?

  1. Spoofing an IP address
  2. Tunneling scan over SSH
  3. Tunneling over high port numbers
  4. Scanning using fragmented IP packets

Answer(s): B



A circuit level gateway works at which of the following layers of the OSI Model?

  1. Layer 5 - Application
  2. Layer 4 ­ TCP
  3. Layer 3 ­ Internet protocol
  4. Layer 2 ­ Data link

Answer(s): B



Which of the following lists are valid data-gathering activities associated with a risk assessment?

  1. Threat identification, vulnerability identification, control analysis
  2. Threat identification, response identification, mitigation identification
  3. Attack profile, defense profile, loss profile
  4. System profile, vulnerability identification, security determination

Answer(s): A



A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?

  1. Implementing server-side PKI certificates for all connections
  2. Mandating only client-side PKI certificates for all connections
  3. Requiring client and server PKI certificates for all connections
  4. Requiring strong authentication for all DNS queries

Answer(s): C






Post your Comments and Discuss GAQM CEH-001 exam with other Community members:

CEH-001 Exam Discussions & Posts