GAQM CEH-001 - Certified Ethical Hacker (CEH) Exam
Page: 2 / 176
Total 878 questions
Question #6 (Topic: Topic 1)
Joel and her team have been going through tons of garbage, recycled paper, and other
rubbish in order to find some information about the target they are attempting to penetrate.
How would you call this type of activity?
rubbish in order to find some information about the target they are attempting to penetrate.
How would you call this type of activity?
A. Dumpster Diving
B. Scanning
C. CI Gathering
D. Garbage Scooping
Answer: A
Question #7 (Topic: Topic 1)
Anonymizer sites access the Internet on your behalf, protecting your personal information
from disclosure. An anonymizer protects all of your computer's identifying information while
it surfs for you, enabling you to remain at least one step removed from the sites you visit.
You can visit Web sites without allowing anyone to gather information on sites visited by
you. Services that provide anonymity disable pop-up windows and cookies, and conceal
visitor's IP address.
These services typically use a proxy server to process each HTTP request. When the user
requests a Web page by clicking a hyperlink or typing a URL into their browser, the service
retrieves and displays the information using its own server. The remote server (where the
requested Web page resides) receives information on the anonymous Web surfing service
in place of your information.
In which situations would you want to use anonymizer? (Select 3 answers)
from disclosure. An anonymizer protects all of your computer's identifying information while
it surfs for you, enabling you to remain at least one step removed from the sites you visit.
You can visit Web sites without allowing anyone to gather information on sites visited by
you. Services that provide anonymity disable pop-up windows and cookies, and conceal
visitor's IP address.
These services typically use a proxy server to process each HTTP request. When the user
requests a Web page by clicking a hyperlink or typing a URL into their browser, the service
retrieves and displays the information using its own server. The remote server (where the
requested Web page resides) receives information on the anonymous Web surfing service
in place of your information.
In which situations would you want to use anonymizer? (Select 3 answers)
A. Increase your Web browsing bandwidth speed by using Anonymizer
B. To protect your privacy and Identity on the Internet
C. To bypass blocking applications that would prevent access to Web sites or parts of sites that you want to visit.
D. Post negative entries in blogs without revealing your IP identity
Answer: B,C,D
Question #8 (Topic: Topic 1)
What type of attack is shown in the following diagram?
A. Man-in-the-Middle (MiTM) Attack
B. Session Hijacking Attack
C. SSL Spoofing Attack
D. Identity Stealing Attack
Answer: A
Question #9 (Topic: Topic 1)
Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double
fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an
administrator from Brown Co. Jack tells Jane that there has been a problem with some
accounts and asks her to verify her password with him ''just to double check our records.''
Jane does not suspect anything amiss, and parts with her password. Jack can now access
Brown Co.'s computers with a valid user name and password, to steal the cookie recipe.
What kind of attack is being illustrated here?
fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an
administrator from Brown Co. Jack tells Jane that there has been a problem with some
accounts and asks her to verify her password with him ''just to double check our records.''
Jane does not suspect anything amiss, and parts with her password. Jack can now access
Brown Co.'s computers with a valid user name and password, to steal the cookie recipe.
What kind of attack is being illustrated here?
A. Reverse Psychology
B. Reverse Engineering
C. Social Engineering
D. Spoofing Identity
E. Faking Identity
Answer: C
Question #10 (Topic: Topic 1)
How do you defend against ARP Spoofing? Select three.
A. Use ARPWALL system and block ARP spoofing attacks
B. Tune IDS Sensors to look for large amount of ARP traffic on local subnets
C. Use private VLANS
D. Place static ARP entries on servers, workstation and routers
Answer: A,C,D
