GAQM CPEH-001 Exam Practice Test Instant Access

Question 1

You want to perform advanced SQL Injection attack against a vulnerable website. You are unable to perform command shell hacks on this server. What must be enabled in SQL Server to launch these attacks?

ASystem services

BEXEC master access

Cxp_cmdshell

DRDC

Answer : C

Question 2

Bob, an Administrator at XYZ was furious when he discovered that his buddy Trent, has launched a session hijack attack against his network, and sniffed on his communication, including administrative tasks suck as configuring routers, firewalls, IDS, via Telnet. Bob, being an unhappy administrator, seeks your help to assist him in ensuring that attackers such as Trent will not be able to launch a session hijack in XYZ. Based on the above scenario, please choose which would be your corrective measurement actions. (Choose two)

AUse encrypted protocols, like those found in the OpenSSH suite.

BImplement FAT32 filesystem for faster indexing and improved performance.

CConfigure the appropriate spoof rules on gateways (internal and external).

DMonitor for CRP caches, by using IDS products.

Answer : A, C

First you should encrypt the data passed between the parties; in particular the session key. This technique is widely relied-upon by web-based banks and other e-commerce services, because it completely prevents sniffing-style attacks. However, it could still be possible to perform some other kind of session hijack. By configuring the appropriate spoof rules you prevent the attacker from using the same IP address as the victim as thus you can implement secondary check to see that the IP does not change in the middle of the session.

Question 3

While checking the settings on the internet browser, a technician finds that the proxy server settings have been checked anda computer is trying to use itself as a proxy server. What specific octet within the subnet does the technician see?

A10.10.10.10

B127.0.0.1

C192.168.1.1

D192.168.168.168

Answer : B

Question 4

Which of the following can take an arbitrary length of input and produce a message digest output of 160 bit?

ASHA-1

BMD5

CHAVAL

DMD4

Answer : A

Question 5

Which of the following display filters will you enable in Ethereal to view the three-way handshake for a connection from host 192.168.0.1?

Aip == 192.168.0.1 and tcp.syn

Bip.addr = 192.168.0.1 and syn = 1

Cip.addr==192.168.0.1 and tcp.flags.syn

Dip.equals 192.168.0.1 and syn.equals on

Answer : C

Question 6

What is the proper response for a X-MAS scan if the port is closed?

ASYN

BACK

CFIN

DPSH

ERST

FNo response

Answer : E

Closed ports respond to a X-MAS scan with a RST.

Question 7

One way to defeat a multi-level security solution is to leak data via

Aa bypass regulator.

Bsteganography.

Ca covert channel.

Dasymmetric routing.

Answer : C

GAQM CPEH-001 Certified Professional Ethical Hacker (CPEH) Exam Practice Test