CPEH-001 Exam Dumps - Certified Professional Ethical Hacker (CPEH)

Go to page:

<< First
Prev
5
6
7
8
9
10
11
12
13
14
Next
Last >>

Question # 73

Fred is the network administrator for his company. Fred is testing an internal switch.

From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.

He can send an IP packet with the SYN bit and the source address of his computer.

Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Full Access

Question # 74

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.

If these switches' ARP cache is successfully flooded, what will be the result?

The switches will drop into hub mode if the ARP cache is successfully flooded.

If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.

Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.

The switches will route all traffic to the broadcast address created collisions.

Full Access

Question # 75

During an Xmas scan what indicates a port is closed?

No return response

RST

ACK

SYN

Full Access

Question # 76

What does the following command in netcat do?

nc -l -u -p55555 < /etc/passwd

logs the incoming connections to /etc/passwd file

loads the /etc/passwd file to the UDP port 55555

grabs the /etc/passwd file when connected to UDP port 55555

deletes the /etc/passwd file when connected to the UDP port 55555

Full Access

Question # 77

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

Nikto

Nmap

Metasploit

Armitage

Full Access

Question # 78

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

To determine who is the holder of the root account

To perform a DoS

To create needless SPAM

To illicit a response back that will reveal information about email servers and how they treat undeliverable mail

To test for virus protection

Full Access

Question # 79

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

USER, NICK

USER, PASS

Full Access

Question # 80

You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software.

Dear valued customers,

We are pleased to announce the newest version of Antivirus 2010 for Windows which will probe you with total security against the latest spyware, malware, viruses, Trojans and other online threats. Simply visit the link below and enter your antivirus code:

or you may contact us at the following address:

Media Internet Consultants, Edif. Neptuno, Planta

Baja, Ave. Ricardo J. Alfaro, Tumba Muerto, n/a Panama

How will you determine if this is Real Anti-Virus or Fake Anti-Virus website?

Look at the website design, if it looks professional then it is a Real Anti-Virus website

Connect to the site using SSL, if you are successful then the website is genuine

Search using the URL and Anti-Virus product name into Google and lookout for suspicious warnings against this site

Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

Full Access

Go to page: