GAQM CPEH-001 Exam Practice Test Instant Access

Question 1

NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?

nslookup

> server

> set type =any

> ls -d

AEnables DNS spoofing

BLoads bogus entries into the DNS table

CVerifies zone security

DPerforms a zone transfer

EResets the DNS cache

Answer : D

If DNS has not been properly secured, the command sequence displayed above will perform a zone transfer.

Question 2

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

A64 bit and CCMP

B128 bit and CRC

C128 bit and CCMP

D128 bit and TKIP

Answer : C

Question 3

Finding tools to run dictionary and brute forcing attacks against FTP and Web servers is an easy task for hackers. They use tools such as arhontus or brutus to break into remote servers.

A command such as this, will attack a given 10.0.0.34 FTP and Telnet servers simultaneously with a list of passwords and a single login namE. linksys. Many FTP-specific password-guessing tools are also available from major security sites. What defensive measures will you take to protect your network from these attacks?

ANever leave a default password

BNever use a password that can be found in a dictionary

CNever use a password related to your hobbies, pets, relatives, or date of birth.

DUse a word that has more than 21 characters from a dictionary as the password

ENever use a password related to the hostname, domain name, or anything else that can be found with whois

Answer : A, B, C, E

Question 4

A penetration tester is conducting a port scan on a specific host. The testerfound several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the followingis likely to be installed on the target machine by the OS?

Starting NMAP 5.21 at 2011-03-15 11:06

NMAP scan report for 172.16.40.65

Host is up (1.00s latency).

Not shown: 993 closed ports

PORT STATE SERVICE

21/tcp open ftp

23/tcp open telnet

80/tcp open http

139/tcp open netbios-ssn

515/tcp open

631/tcp open ipp

9100/tcp open

MAC Address: 00:00:48:0D:EE:89

AThe host is likely a Windows machine.

BThe host is likely a Linux machine.

CThe host is likely a router.

DThe host is likely a printer.

Answer : D

Question 5

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

AAn attacker, working slowly enough, can evade detection by the IDS.

BNetwork packets are dropped if the volume exceeds the threshold.

CThresholding interferes with the IDS' ability to reassemble fragmented packets.

DThe IDS will not distinguish among packets originating from different sources.

Answer : A

Question 6

Assuring two systems that are using IPSec to protect traffic over the internet, what type of general attack could compromise the data?

ASpoof Attack

BSmurf Attack

CMan inthe Middle Attack

DTrojan Horse Attack

EBack Orifice Attack

Answer : D, E

To compromise the data, the attack would need to be executed before the encryption takes place at either end of the tunnel. Trojan Horse and Back Orifice attacks both allow for potential data manipulation on host computers. In both cases, the data would be compromised either before encryption or after decryption, so IPsec is not preventing the attack.

Question 7

What type of attack is shown in the following diagram?

AMan-in-the-Middle (MiTM) Attack

BSession Hijacking Attack

CSSL Spoofing Attack

DIdentity Stealing Attack

Answer : A

GAQM Certified Professional Ethical Hacker (CPEH) CPEH-001 Exam Practice Test