
CPEH-001 Exam Dumps - Certified Professional Ethical Hacker (CPEH)

Question # 57

The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%).

What is the closest approximate cost of this replacement and recovery operation per year?

A. $146

B. $1320

C. $440

D. $100

Question # 58

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?

A. Network-based IDS

B. Firewall

C. Proxy

D. Host-based IDS

Question # 59

An attacker is using nmap to do a ping sweep and a port scan in a subnet of 254 addresses.

In which order should he perform these steps?

A. The sequence does not matter. Both steps have to be performed against all hosts.

B. First the port scan to identify interesting services and then the ping sweep to find hosts responding to ICMP echo requests.

C. First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time.

D. The port scan alone is adequate. This way he saves time.

Question # 60

Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands:

What is she trying to achieve?

A. She is encrypting the file.

B. She is using John the Ripper to view the contents of the file.

C. She is using ftp to transfer the file to another hacker named John.

D. She is using John the Ripper to crack the passwords in the secret.txt file.

Question # 61

Which of the following security operations is used for determining the attack surface of an organization?

A. Running a network scan to detect network services in the corporate DMZ

B. Training employees on the security policy regarding social engineering

C. Reviewing the need for a security clearance for each employee

D. Using configuration management to determine when and where to apply security patches

Question # 62

What is correct about digital signatures?

A. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.

B. Digital signatures may be used in different documents of the same type.

C. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.

D. Digital signatures are issued once for each user and can be used everywhere until they expire.

Question # 63

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

A. User Access Control (UAC)

B. Data Execution Prevention (DEP)

C. Address Space Layout Randomization (ASLR)

D. Windows firewall

Question # 64

Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place?

A. A race condition is being exploited, and the operating system is containing the malicious process.

B. A page fault is occurring, which forces the operating system to write data from the hard drive.

C. Malware is executing in either ROM or a cache memory area.

D. Malicious code is attempting to execute instructions in a non-executable memory region.
