CEH-001 GAQM Exam Questions and Free Practice Test

Question 85

- (Topic 7)
When Jason moves a file via NFS over the company's network, you want to grab a copy of it by sniffing. Which of the following tool accomplishes this?

A. macof

B. webspy

C. filesnarf

D. nfscopy

Correct Answer:C
Filesnarf - sniff files from NFS traffic OPTIONS
-i interface
Specify the interface to listen on.
-v "Versus" mode. Invert thesenseofmatching, to select non-matching files.
Pattern
Specify regular expression for filename matching.
Expression
Specifyatcpdump(8)filter expression to select traffic to sniff.
SEE ALSO
Dsniff, nfsd

Question 86

- (Topic 3)
During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

A. Host

B. Stateful

C. Stateless

D. Application

Correct Answer:C

Question 87

- (Topic 2)
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c
CEH-001 dumps exhibit
What is the hexadecimal value of NOP instruction?

A. 0x60

B. 0x80

C. 0x70

D. 0x90

Correct Answer:D

Question 88

- (Topic 8)
A client has approached you with a penetration test requirements. They are concerned with the possibility of external threat, and have invested considerable resources in protecting their Internet exposure. However, their main concern is the possibility of an employee elevating his/her privileges and gaining access to information outside of their respective department.
What kind of penetration test would you recommend that would best address the client’s concern?

A. A Black Box test

B. A Black Hat test

C. A Grey Box test

D. A Grey Hat test

E. A White Box test

F. A White Hat test

Correct Answer:C

Question 89

- (Topic 3)
Web servers are often the most targeted and attacked hosts on organizations' networks. Attackers may exploit software bugs in the Web server, underlying operating system, or active content to gain unauthorized access.
CEH-001 dumps exhibit
Identify the correct statement related to the above Web Server installation?

A. Lack of proper security policy, procedures and maintenance

B. Bugs in server software, OS and web applications

C. Installing the server with default settings

D. Unpatched security flaws in the server software, OS and applications

Correct Answer:C

Question 90

- (Topic 6)
An Nmap scan shows the following open ports, and nmap also reports that the OS guessing results to match too many signatures hence it cannot reliably be identified:
21 ftp
23 telnet
80 http
443 https
What does this suggest?

A. This is a Windows Domain Controller

B. The host is not firewalled

C. The host is not a Linux or Solaris system

D. The host is not properly patched

Correct Answer:C

START CEH-001 EXAM