New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Download Full Version CEH-001 GAQM Exam

Page: 32 / 32
Question 128

You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?

Options:

A.

Ping packets cannot bypass firewalls

B.

You must use ping 10.2.3.4 switch

C.

Hping2 uses stealth TCP packets to connect

D.

Hping2 uses TCP instead of ICMP by default

Question 129

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?

Options:

A.

Man-in-the-middle attack

B.

Brute-force attack

C.

Dictionary attack

D.

Session hijacking

Question 130

In the software security development life cyle process, threat modeling occurs in which phase?

Options:

A.

Design

B.

Requirements

C.

Verification

D.

Implementation

Question 131

Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy's first task is to scan all the company's external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:

SELECT * from Users where username='admin' ?AND password='' AND email like '%@testers.com%'

What will the SQL statement accomplish?

Options:

A.

If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin

B.

This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com

C.

This Select SQL statement will log James in if there are any users with NULL passwords

D.

James will be able to see if there are any default user accounts in the SQL database

Page: 32 / 32
Exam Code: CEH-001
Exam Name: Certified Ethical Hacker (CEH)
Last Update: Dec 22, 2024
Questions: 878
CEH-001 pdf

CEH-001 PDF

$25.5  $84.99
CEH-001 Engine

CEH-001 Testing Engine

$28.5  $94.99
CEH-001 PDF + Engine

CEH-001 PDF + Testing Engine

$40.5  $134.99