CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CPEH-001

Free CPEH-001 Exam Braindumps (page: 54)

Page 54 of 220
PDF with 878 Questions

Bank of Timbuktu is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a Web browser. John Stevens is in charge of information security at Bank of Timbuktu. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank's customers had been changed! However, money hasn't been removed from the bank; instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application's logs and found the following entries:



What kind of attack did the Hacker attempt to carry out at the bank?

  1. Brute force attack in which the Hacker attempted guessing login ID and password from password cracking tools.
  2. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason's session.
  3. The Hacker used a generator module to pass results to the Web server and exploited Web application CGI vulnerability.
  4. The Hacker first attempted logins with suspected user names, then used SQL Injection to gain access to valid bank login IDs.

Answer(s): D



WWW wanderers or spiders are programs that traverse many pages in the World Wide Web by recursively retrieving linked pages. Search engines like Google, frequently spider web pages for indexing. How will you stop web spiders from crawling certain directories on your website?

  1. Place robots.txt file in the root of your website with listing of directories that you don't want to be crawled
  2. Place authentication on root directories that will prevent crawling from these spiders
  3. Enable SSL on the restricted directories which will block these spiders from crawling
  4. Place "HTTP:NO CRAWL" on the html pages that you don't want the crawlers to index

Answer(s): A



You are trying to hijack a telnet session from a victim machine with IP address 10.0.0.5 to Cisco router at 10.0.0.1. You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session. Here is the captured data in tcpdump.



What are the next sequence and acknowledgement numbers that the router will send to the victim machine?

  1. Sequence number: 82980070 Acknowledgement number: 17768885
  2. Sequence number: 17768729 Acknowledgement number: 82980070
  3. Sequence number: 87000070 Acknowledgement number: 85320085
  4. Sequence number: 82980010 Acknowledgement number: 17768885

Answer(s): A



Hayden is the network security administrator for her company, a large finance firm based in Miami. Hayden just returned from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. Hayden is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established she sends RST packets to those hosts to stop the session. She does this to see how her intrusion detection system will log the traffic.
What type of scan is Hayden attempting here?

  1. Hayden is attempting to find live hosts on her company's network by using an XMAS scan
  2. She is utilizing a SYN scan to find live hosts that are listening on her network
  3. The type of scan, she is using is called a NULL scan
  4. Hayden is using a half-open scan to find live hosts on her network

Answer(s): D



Page 54 of 220



Post your Comments and Discuss GAQM CPEH-001 exam with other Community members:

Mikil commented on December 10, 2024
Great resource
Anonymous
upvote

Michelle commented on December 10, 2024
Great resource
Anonymous
upvote

ArulMani commented on December 10, 2024
It's very useful study for EMT exam
UNITED STATES
upvote

no name commented on December 10, 2024
helpful to recap the course
Anonymous
upvote

none commented on December 10, 2024
very helpful to recall the course
Anonymous
upvote

Sandeep Singh commented on December 10, 2024
All questions are from real exam.
UNITED STATES
upvote

Usman commented on December 10, 2024
It is a great collection but I have noticed that some answers are wrong. For example, it says that correct answer is B but the description of that answer matches with answer A. So it is advisable to read the answer's description as well.
Anonymous
upvote

Anamika commented on December 10, 2024
dumps are good and helpful
UNITED STATES
upvote

santosh k sharma commented on December 10, 2024
A good way to practice
Anonymous
upvote

Faith Egwuenu commented on December 09, 2024
The case studies/questions were very helpful.
Anonymous
upvote

Jaydin commented on December 09, 2024
Think I will do well on test I'm brave confident I swear no hard feelings
UNITED STATES
upvote

Jaydin grimball commented on December 09, 2024
I doing well thinks
UNITED STATES
upvote

Calista Eva commented on December 09, 2024
Good practice
UNITED STATES
upvote

mamatha commented on December 09, 2024
informative
Anonymous
upvote

Mishti commented on December 08, 2024
Preparing for certification
CANADA
upvote

Jbomb commented on December 08, 2024
I'll take the test and report back
KOREA REPUBLIC OF
upvote

Vic commented on December 08, 2024
Interesting answers
CANADA
upvote

Cristina commented on December 08, 2024
good questions
ROMANIA
upvote

kanhaiya kumar commented on December 08, 2024
awsome stuff
Anonymous
upvote

WILLIAM RIBEIRO RODRIGUES commented on December 08, 2024
Amazing place to learning and share knowleg.
BRAZIL
upvote

WILLIAM RIBEIRO RODRIGUES commented on December 08, 2024
Nice place to practice and learning.
BRAZIL
upvote

frans Bauwer commented on December 08, 2024
so far so good
BELGIUM
upvote

Karthick commented on December 08, 2024
@The Magic Beans Please update us after your exam.
SINGAPORE
upvote

HardHead commented on December 08, 2024
I searched for latest free braindumps in Google and I was brought to this site. I eventually bought the full version as the free version is not complete. It was too much money for me but with 50% sale I got 2 exams. Going to write my first exam this coming Monday. I am going to share my result once I write my exam. Stay Tuned!
INDIA
upvote

goku d soojaa commented on December 08, 2024
very important
INDIA
upvote

Johan commented on December 08, 2024
Would also appreciated comments, but this is already a big help
UNITED STATES
upvote

sANJAY commented on December 08, 2024
hARD QUESTIOS
Anonymous
upvote

Uday commented on December 08, 2024
Want to appear for snowpro core
Anonymous
upvote

M commented on December 07, 2024
96 : Answer is D
Anonymous
upvote

marco commented on December 07, 2024
i cant imagine
Anonymous
upvote

Felicia Simley commented on December 07, 2024
i cant download the premium version.. what to do please?
Anonymous
upvote

Felicia Simley commented on December 07, 2024
great questions on this one
Anonymous
upvote

The Magic Beans commented on December 07, 2024
Passed the exam - these questions are similar to the ones in the exam (some of these questions are very similar to the ones in the exam but there were questions in the exam way complicated than this). One of the labs (question 77) in these questions came up in my exam. The questions in the exam are tricky make sure you understand each concept in the exam objectives.
UNITED STATES
upvote

Asma commented on December 07, 2024
It would be better to have an explanation while revealing the solution
Anonymous
upvote