Pass the GAQM Information Systems Security CPEH-001 Questions and answers with CertsForce

Viewing page 14 out of 15 pages
Viewing questions 196-210 out of questions
Questions # 196:

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

Options:

A. Use port security on his switches.
B. Use a tool like ARPwatch to monitor for strange ARP activity.
C. Use a firewall between all LAN segments.
D. If you have a small network, use static ARP entries.
E. Use only static IP addresses on all PCs.

Questions # 197:

During an Xmas scan what indicates a port is closed?

Options:

A. No return response
B. RST
C. ACK
D. SYN


Questions # 198:

What port number is used by LDAP protocol?

Options:

A. 110
B. 389
C. 464
D. 445


Questions # 199:

In Trojan terminology, what is a covert channel?


Options:

A. A channel that transfers information within a computer system or network in a way that violates the security policy
B. A legitimate communication path within a computer system or network for transfer of data
C. It is a kernel operation that hides boot processes and services to mask detection
D. It is a reverse tunneling technique that uses the HTTPS protocol instead of the HTTP protocol to establish connections


Questions # 200:

You are trying to break into a highly classified, top-secret mainframe computer with the highest security system in place at Merclyn Barley Bank, located in Los Angeles.

You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems.

In other words, you are trying to penetrate an otherwise impenetrable system.

How would you proceed?

Options:

A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network
B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information
C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100,000 or more "zombies" and "bots"
D. Try to conduct a Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques


Questions # 201:

A zone file consists of which of the following Resource Records (RRs)?

Options:

A. DNS, NS, AXFR, and MX records
B. DNS, NS, PTR, and MX records
C. SOA, NS, AXFR, and MX records
D. SOA, NS, A, and MX records


Questions # 202:

How does a denial-of-service attack work?

Options:

A. A hacker prevents a legitimate user (or group of users) from accessing a service
B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person


Questions # 203:

The ViruXine.W32 virus hides its presence by changing the underlying executable code.

This virus code mutates while keeping the original algorithm intact: the code changes itself each time it runs, but the function of the code (its semantics) does not change at all.


Here is a section of the Virus code:


What is this technique called?

Options:

A. Polymorphic Virus
B. Metamorphic Virus
C. Dravidic Virus
D. Stealth Virus


Questions # 204:

What is GINA?

Options:

A. Gateway Interface Network Application
B. GUI Installed Network Application CLASS
C. Global Internet National Authority (G-USA)
D. Graphical Identification and Authentication DLL


Questions # 205:

What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?

Options:

A. Copy the system files from a known good system
B. Perform a trap and trace
C. Delete the files and try to determine the source
D. Reload from a previous backup
E. Reload from known good media


Questions # 206:

Which of the following statements about a zone transfer are correct? (Choose three.)

Options:

A. A zone transfer is accomplished with the DNS
B. A zone transfer is accomplished with the nslookup service
C. A zone transfer passes all zone information that a DNS server maintains
D. A zone transfer passes all zone information that an nslookup server maintains
E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
F. Zone transfers cannot occur on the Internet


Questions # 207:

Which utility will tell you in real time which ports are listening or in another state?

Options:

A. Netstat
B. TCPView
C. Nmap
D. Loki


Questions # 208:

What kind of detection technique is used in antivirus software that identifies malware by collecting data from multiple protected systems and, instead of analyzing files locally, performs the analysis in the provider's environment?

Options:

A. VCloud based
B. Honeypot based
C. Behaviour based
D. Heuristics based


Questions # 209:

While scanning with Nmap, Patin found several hosts with incremental IP ID sequences. He then decided to run: nmap -Pn -p- -sI kiosk.adobe.com www.riaa.com. kiosk.adobe.com is the host with the incremental IP ID sequence. What is the purpose of using "-sI" with Nmap?

Options:

A. Conduct stealth scan
B. Conduct ICMP scan
C. Conduct IDLE scan
D. Conduct silent scan


Questions # 210:

Yancey is a network security administrator for a large electric company. This company provides power for over 100,000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years; he just wants the company to pay for what they are doing to him.

What would Yancey be considered?

Options:

A. Yancey would be considered a Suicide Hacker
B. Since he does not care about going to jail, he would be considered a Black Hat
C. Because Yancey works for the company currently, he would be a White Hat
D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

