Pass Using CPEH-001 Exam Dumps

Page: 21 / 27

Question 84

You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.

While monitoring the data, you find a high number of outbound connections. You see that IP’s owned by XYZ (Internal) and private IP’s are communicating to a Single Public IP. Therefore, the Internal IP’s are sending data to the Public IP.

After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.

What kind of attack does the above scenario depict?

Options:

Botnet Attack

Spear Phishing Attack

Advanced Persistent Threats

Rootkit Attack

Question 85

You are monitoring the network of your organizations. You notice that:

1. There are huge outbound connections from your Internal Network to External IPs.

2. On further investigation, you see that the External IPs are blacklisted.

3. Some connections are accepted, and some are dropped.

4. You find that it is a CnC communication.

Which of the following solution will you suggest?

Options:

Block the Blacklist IP’s @ Firewall

Update the Latest Signatures on your IDS/IPS

Clean the Malware which are trying to Communicate with the External Blacklist IP’s

Both B and C

Question 86

An attacker scans a host with the below command. Which three flags are set? (Choose three.)

#nmap –sX host.domain.com

Options:

This is ACK scan. ACK flag is set

This is Xmas scan. SYN and ACK flags are set

This is Xmas scan. URG, PUSH and FIN are set

This is SYN scan. SYN flag is set

Question 87

Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?