GAQM CPEH-001 Exam Questions Instant Access

Question 1

Which definition among those given below best describes a covert channel?

AA server program using a port that is not well known.

BMaking use of a protocol in a way it is not intended to be used.

CIt is the multiplexing taking place on a communication link.

DIt is one of the weak channels used by WEP which makes it insecure.

Answer : B

A covert channel is described as: 'any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy.' Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.

Question 2

Which one of the following network attacks takes advantages of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

ATeardrop

BSmurf

CPing of Death

DSYN flood

ESNMP Attack

Answer : A

The teardrop attack uses overlapping packet fragments to confuse a target system and cause the system to reboot or crash.

Question 3

_________ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.

AMandatory Access Control

BAuthorized Access Control

CRole-based Access Control

DDiscretionary Access Control

Answer : A

In computer security, mandatory access control (MAC) is a kind of access control, defined by the TCSEC as 'a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity.'

Question 4

Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure?

AVendors MAC address assignment is published on the Internet.

BThe MAC address is not a real random number.

CThe MAC address is broadcasted and can be captured by a sniffer.

DThe MAC address is used properly only on Macintosh computers.

Answer : C

Question 5

Peter is a Linux network admin. As a knowledgeable security consultant, he turns to you to look for help on a firewall. He wants to use Linux as his firewall and use the latest freely available version that is offered. What do you recommend?Select the best answer.

AIpchains

BIptables

CCheckpoint FW for Linux

DIpfwadm
Explanations:
Ipchains was improved over ipfwadm with its chaining mechanism so that it can have multiple rulesets. However, it isn't the latest version of a free Linux firewall. Iptables replaced ipchains and is the latest of the free Linux firewall tools. Any Checkpoint firewall is not going to meet Jason's desire to have a free firewall. Ipfwadm is used to build Linux firewall rules prior to 2.2.0. It is a outdated version.

Answer : B

Question 6

User which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?

A18 U.S.C 1029 Possession of Access Devices

B18 U.S.C 1030 Fraud and related activity in connection with computers

C18 U.S.C 1343 Fraud by wire, radio or television

D18 U.S.C 1361 Injury to Government Property

E18 U.S.C 1362 Government communication systems

F18 U.S.C 1831 Economic Espionage Act

G18 U.S.C 1832 Trade Secrets Act

Answer : B

http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html

Question 7

You visit a website to retrieve the listing of a company's staff members. But you can not find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website?

AThrough Google searching cached files

BThrough Archive.org

CDownload the website and crawl it

DVisit customers' and prtners' websites

Answer : B

Archive.org mirrors websites and categorizes them by date and month depending on the crawl time. Archive.org dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the website is incorrect becausethat's the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, archive.org

GAQM Certified Professional Ethical Hacker (CPEH) CPEH-001 Exam Questions