New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Pass Using CPEH-001 Exam Dumps

Page: 21 / 27
Question 84

You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.

While monitoring the data, you find a high number of outbound connections. You see that IP’s owned by XYZ (Internal) and private IP’s are communicating to a Single Public IP. Therefore, the Internal IP’s are sending data to the Public IP.

After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.

What kind of attack does the above scenario depict?

Options:

A.

Botnet Attack

B.

Spear Phishing Attack

C.

Advanced Persistent Threats

D.

Rootkit Attack

Question 85

You are monitoring the network of your organizations. You notice that:

1. There are huge outbound connections from your Internal Network to External IPs.

2. On further investigation, you see that the External IPs are blacklisted.

3. Some connections are accepted, and some are dropped.

4. You find that it is a CnC communication.

Which of the following solution will you suggest?

Options:

A.

Block the Blacklist IP’s @ Firewall

B.

Update the Latest Signatures on your IDS/IPS

C.

Clean the Malware which are trying to Communicate with the External Blacklist IP’s

D.

Both B and C

Question 86

An attacker scans a host with the below command. Which three flags are set? (Choose three.)

#nmap –sX host.domain.com

Options:

A.

This is ACK scan. ACK flag is set

B.

This is Xmas scan. SYN and ACK flags are set

C.

This is Xmas scan. URG, PUSH and FIN are set

D.

This is SYN scan. SYN flag is set

Question 87

Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?

Options:

A.

Function Testing

B.

Dynamic Testing

C.

Static Testing

D.

Fuzzing Testing

Page: 21 / 27
Exam Code: CPEH-001
Exam Name: Certified Professional Ethical Hacker (CPEH)
Last Update: Dec 27, 2024
Questions: 736
CPEH-001 pdf

CPEH-001 PDF

$25.5  $84.99
CPEH-001 Engine

CPEH-001 Testing Engine

$28.5  $94.99
CPEH-001 PDF + Engine

CPEH-001 PDF + Testing Engine

$40.5  $134.99