CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CPEH-001

Free CPEH-001 Exam Braindumps (page: 9)

Page 8 of 220
PDF with 878 Questions

How do you defend against DHCP Starvation attack?

  1. Enable ARP-Block on the switch
  2. Enable DHCP snooping on the switch
  3. Configure DHCP-BLOCK to 1 on the switch
  4. Install DHCP filters on the switch to block this attack

Answer(s): B



What type of session hijacking attack is shown in the exhibit?

  1. Cross-site scripting Attack
  2. SQL Injection Attack
  3. Token sniffing Attack
  4. Session Fixation Attack

Answer(s): D



The SYN flood attack sends TCP connections requests faster than a machine can process them. · Attacker creates a random source address for each packet · SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address
· Victim responds to spoofed IP address, then waits for confirmation that never arrives (timeout wait is about 3 minutes)
· Victim's connection table fills up waiting for replies and ignores new connections · Legitimate users are ignored and will not be able to access the server How do you protect your network against SYN Flood attacks?

  1. SYN cookies. Instead of allocating a record, send a SYN-ACK with a carefully constructed sequence number generated as a hash of the clients IP address, port number, and other information.
    When the client responds with a normal ACK, that special sequence number will be included, which the server then verifies. Thus, the server first allocates memory on the third packet of the handshake, not the first.
  2. RST cookies - The server sends a wrong SYN/ACK back to the client. The client should then generate a RST packet telling the server that something is wrong. At this point, the server knows the client is valid and will now accept incoming connections from that client normally
  3. Check the incoming packet's IP address with the SPAM database on the Internet and enable the filter using ACLs at the Firewall
  4. Stack Tweaking. TCP stacks can be tweaked in order to reduce the effect of SYN floods. Reduce the timeout before a stack frees up the memory allocated for a connection
  5. Micro Blocks. Instead of allocating a complete connection, simply allocate a micro record of 16- bytes for the incoming SYN object

Answer(s): A,B,D,E



What type of port scan is shown below?

  1. Idle Scan
  2. FIN Scan
  3. XMAS Scan
  4. Windows Scan

Answer(s): B






Post your Comments and Discuss GAQM CPEH-001 exam with other Community members:

CPEH-001 Discussions & Posts