GAQM CPEH-001 Exam Questions Instant Access

Question 1

You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7. Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online. What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

AYou should have used 3DES which is built into Windows

BIf you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out

CYou should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops

DYou could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

Answer : D

Question 2

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool ''SIDExtractor''. Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

AJohn

BRebecca

CSheela

DShawn

ESomia

FChang

GMicah

Answer : F

The SID of the built-in administrator will always follow this example: S-1-5-domain-500

Question 3

Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files?

ASnort

Bargus

CTCPflow

DTcpdump

Answer : C

Tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.

Question 4

Which of the statements concerning proxy firewalls is correct?

AProxy firewalls increase the speed and functionality of a network.

BFirewall proxy servers decentralize all activity for an application.

CProxy firewalls block network packets from passing to and from a protected network.

DComputers establish a connection with a proxy firewall which initiates a new network connection for the client.

Answer : D

Question 5

What does a type 3 code 13 represent?(Choose two.

AEcho request

BDestination unreachable

CNetwork unreachable

DAdministratively prohibited

EPort unreachable

FTime exceeded

Answer : B, D

Type 3 code 13 is destination unreachable administratively prohibited. This type of message is typically returned from a device blocking a port.

Question 6

Whichtypes of detection methods are employed by Network Intrusion Detection Systems (NIDS)? (Choose two.)

ASignature

BAnomaly

CPassive

DReactive

Answer : A, B

Question 7

Which of the following represent weak password? (Select 2 answers)

APasswords that contain letters, special characters, and numbers ExamplE. ap1$%##f@52

BPasswords that contain only numbers ExamplE. 23698217

CPasswords that contain only special characters ExamplE. &*#@!(%)

DPasswords that contain letters and numbers ExamplE. meerdfget123

EPasswords that contain only letters ExamplE. QWERTYKLRTY

FPasswords that contain only special characters and numbers ExamplE. 123@$45

GPasswords that contain only letters and special characters ExamplE. bob@&ba

HPasswords that contain Uppercase/Lowercase from a dictionary list ExamplE. OrAnGe

Answer : E, H

GAQM Certified Professional Ethical Hacker (CPEH) CPEH-001 Exam Questions