New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. GAQM
  3. Information Systems Security
  4. CPEH-001 - Certified Professional Ethical Hacker (CPEH)

CPEH-001 Exam Dumps - Certified Professional Ethical Hacker (CPEH)

Go to page:
Question # 25

Which Type of scan sends a packets with no flags set?

A.

Open Scan

B.

Null Scan

C.

Xmas Scan

D.

Half-Open Scan

Full Access
Question # 26

(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.). Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?

What is odd about this attack? Choose the best answer.

A.

This is not a spoofed packet as the IP stack has increasing numbers for the three flags.

B.

This is back orifice activity as the scan comes from port 31337.

C.

The attacker wants to avoid creating a sub-carries connection that is not normally valid.

D.

These packets were crafted by a tool, they were not created by a standard IP stack.

Full Access
Question # 27

You are about to be hired by a well-known Bank to perform penetration tests. Which of the following documents describes the specifics of the testing, the associated violations, and essentially protects both the bank’s interest and your liabilities as a tester?

A.

Service Level Agreement

B.

Non-Disclosure Agreement

C.

Terms of Engagement

D.

Project Scope

Full Access
Question # 28

Websites and web portals that provide web services commonly use the Simple Object Access Protocol SOAP. Which of the following is an incorrect definition or characteristics in the protocol?

A.

Based on XML

B.

Provides a structured model for messaging

C.

Exchanges data between web services

D.

Only compatible with the application protocol HTTP

Full Access
Question # 29

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

A.

The amount of time it takes to convert biometric data into a template on a smart card.

B.

The amount of time and resources that are necessary to maintain a biometric system.

C.

The amount of time it takes to be either accepted or rejected form when an individual provides Identification and authentication information.

D.

How long it takes to setup individual user accounts.

Full Access
Question # 30

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.

What kind of Web application vulnerability likely exists in their software?

A.

Cross-site scripting vulnerability

B.

Cross-site Request Forgery vulnerability

C.

SQL injection vulnerability

D.

Web site defacement vulnerability

Full Access
Question # 31

A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

A.

Attempts by attackers to access Web sites that trust the Web browser user by stealing the user's authentication credentials.

B.

Attempts by attackers to access the user and password information stored in the company's SQL database.

C.

Attempts by attackers to access passwords stored on the user's computer without the user's knowledge.

D.

Attempts by attackers to determine the user's Web browser usage patterns, including when sites were visited and for how long.

Full Access
Question # 32

Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.

What type of malware has Jesse encountered?

A.

Trojan

B.

Worm

C.

Macro Virus

D.

Key-Logger

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps