CEH-001 GAQM Exam Questions and Free Practice Test

Question 49

- (Topic 6)
What flags are set in a X-MAS scan?(Choose all that apply.

A. SYN

B. ACK

C. FIN

D. PSH

E. RST

F. URG

Correct Answer:CDF
FIN, URG, and PSH are set high in the TCP packet for a X-MAS scan

Question 50

- (Topic 3)
An attacker is attempting to telnet into a corporation's system in the DMZ. The attacker doesn't want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is
actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. What could be the reason?

A. The firewall is blocking port 23 to that system

B. He needs to use an automated tool to telnet in

C. He cannot spoof his IP and successfully use TCP

D. He is attacking an operating system that does not reply to telnet even when open

Correct Answer:C

Question 51

- (Topic 3)
Blake is in charge of securing all 20 of his company's servers. He has enabled hardware and software firewalls, hardened the operating systems, and disabled all unnecessary services on all the servers. Unfortunately, there is proprietary AS400 emulation software that must run on one of the servers that requires the telnet service to function properly. Blake is especially concerned about this since telnet can be a very large security risk in an organization. Blake is concerned about how this particular server might look to an outside attacker so he decides to perform some footprinting, scanning, and penetration tests on the server. Blake telnets into the server using Port 80 and types in the following command:
HEAD / HTTP/1.0
After pressing enter twice, Blake gets the following results: What has Blake just accomplished?
CEH-001 dumps exhibit

A. Downloaded a file to his local computer

B. Submitted a remote command to crash the server

C. Poisoned the local DNS cache of the server

D. Grabbed the Operating System banner

Correct Answer:D

Question 52

- (Topic 1)
You want to hide a secret.txt document inside c:windowssystem32tcpip.dll kernel library using ADS streams. How will you accomplish this?

A. copy secret.txt c:\windows\system32\tcpip.dll kernel>secret.txt

B. copy secret.txt c:\windows\system32\tcpip.dll:secret.txt

C. copy secret.txt c:\windows\system32\tcpip.dll |secret.txt

D. copy secret.txt >< c:\windows\system32\tcpip.dll kernel secret.txt

Correct Answer:B

Question 53

- (Topic 2)
Study the snort rule given below and interpret the rule.
alert tcp any any --> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; msG. "mountd access";)

A. An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111

B. An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet

C. An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet

D. An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

Correct Answer:D

Question 54

- (Topic 8)
Bubba has just accessed he preferred ecommerce web site and has spotted an item that he would like to buy. Bubba considers the price a bit too steep. He looks at the source code of the webpage and decides to save the page locally, so that he can modify the page variables. In the context of web application security, what do you think Bubba has changes?

A. A hidden form field value.

B. A hidden price value.

C. An integer variable.

D. A page cannot be changed locally, as it is served by a web server.

Correct Answer:A

START CEH-001 EXAM