Table Of Content:
Share GAQM CEH-001 exam practice questions and answers from leads4pass latest updated CEH-001 dumps free of charge. Get the latest uploaded CEH-001 dumps pdf from google driver online. To get the full GAQM CEH-001 dumps PDF or dumps VCE visit: https://www.leads4pass.com/ceh-001.html (Q&As: 878). all GAQM CEH-001 exam questions have been updated, the answer has been corrected!
Make sure your exam questions are real and effective to help you pass your first exam!
[GAQM CEH-001 Dumps pdf] Latest GAQM CEH-001 Dumps PDF collected by leads4pass Google Drive:
https://drive.google.com/file/d/1EM0DUsQIqjnUOpnKiRyQU3LrGxSLVS4l/
Latest Update GAQM CEH-001 Exam Practice Questions and Answers Online Test
QUESTION 1
Leesa is the senior security analyst for a publicly-traded company. The IT department recently rolled out an intranet for
company use only with information ranging from training to holiday schedules, to human resources data. Leesa wants
to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX)
compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company\\’s
intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of
“intranet” with part of the URL containing the word “intranet” and the words “human resources” somewhere in the
webpage.
What Google search will accomplish this?
A. related:intranet allinurl:intranet:”human resources”
B. cache:”human resources” inurl:intranet(SharePoint)
C. intitle:intranet inurl:intranet+intext:”human resources”
D. site:”human resources”+intext:intranet intitle:intranet
Correct Answer: C
QUESTION 2
The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following
vulnerabilities?
A. An attacker, working slowly enough, can evade detection by the IDS.
B. Network packets are dropped if the volume exceeds the threshold.
C. Thresholding interferes with the IDS\\’ ability to reassemble fragmented packets.
D. The IDS will not distinguish among packets originating from different sources.
Correct Answer: A
QUESTION 3
SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large
number of half-open TCP connections. The signature of attack for SYN Flood contains:
A. The source and destination address having the same value
B. A large number of SYN packets appearing on a network without the corresponding reply packets
C. The source and destination port numbers having the same value
D. A large number of SYN packets appearing on a network with the corresponding reply packets
Correct Answer: B
QUESTION 4
Which of the following countermeasure can specifically protect against both the MAC Flood and MAC Spoofing
attacks?
A. Configure Port Security on the switch
B. Configure Port Recon on the switch
C. Configure Switch Mapping
D. Configure Multiple Recognition on the switch
Correct Answer: A
QUESTION 5
In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and
confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM
PIN number and other personal details.![[2021.3] leads4pass ceh-001 practice test q5](https://www.brain2dumps.com/wp-content/uploads/2021/03/q5-1.jpg)
![[2021.3] leads4pass ceh-001 practice test q5-1](https://www.brain2dumps.com/wp-content/uploads/2021/03/q5-1-1.jpg)
Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?
A. Do not reply to email messages or popup ads asking for personal or financial information
B. Do not trust telephone numbers in e-mails or popup ads
C. Review credit card and bank account statements regularly
D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
E. Do not send credit card numbers, and personal or financial information via e-mail
Correct Answer: D
QUESTION 6
Web servers are often the most targeted and attacked hosts on organizations\\’ networks. Attackers may exploit
software bugs in the Web server, underlying operating system, or active content to gain unauthorized access.![[2021.3] leads4pass ceh-001 practice test q6](https://www.brain2dumps.com/wp-content/uploads/2021/03/q6-1.jpg)
Identify the correct statement related to the above Web Server installation?
A. Lack of proper security policy, procedures, and maintenance
B. Bugs in server software, OS, and web applications
C. Installing the server with default settings
D. Unpatched security flaws in the server software, OS, and applications
Correct Answer: C
QUESTION 7
What type of attack is shown in the following diagram?![[2021.3] leads4pass ceh-001 practice test q7](https://www.brain2dumps.com/wp-content/uploads/2021/03/q7-1.jpg)
A. Man-in-the-Middle (MiTM) Attack
B. Session Hijacking Attack
C. SSL Spoofing Attack
D. Identity Stealing Attack
Correct Answer: A
QUESTION 8
Which type of scan measures a person\\’s external features through a digital video camera?
A. Iris scan
B. Retinal scan
C. Facial recognition scan
D. Signature kinetics scan
Correct Answer: C
QUESTION 9
Which of the following statements about a zone transfer correct? (Choose three.
A. A zone transfer is accomplished with the DNS
B. A zone transfer is accomplished with the nslookup service
C. A zone transfer passes all zone information that a DNS server maintains
D. A zone transfer passes all zone information that a nslookup server maintains
E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
F. Zone transfers cannot occur on the Internet
Correct Answer: ACE
QUESTION 10
Which one of the following instigates an SYN flood attack?
A. Generating excessive broadcast packets.
B. Creating a high number of half-open connections.
C. Inserting repetitive Internet Relay Chat (IRC) messages.
D. A large number of Internet Control Message Protocol (ICMP) traces.
Correct Answer: B
QUESTION 11
What is the default Password Hash Algorithm used by NTLMv2?
A. MD4
B. DES
C. SHA-1
D. MD5
Correct Answer: D
QUESTION 12
In the context of Trojans, what is the definition of a Wrapper?
A. An encryption tool to protect the Trojan
B. A tool used to bind the Trojan with a legitimate file
C. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan
D. A tool used to encapsulate packets within a new header and footer
Correct Answer: B
QUESTION 13
Does Bluetooth use which digital modulation technique to exchange information between paired devices?
A. PSK (phase-shift keying)
B. FSK (frequency-shift keying)
C. ASK (amplitude-shift keying)
D. QAM (quadrature amplitude modulation)
Correct Answer: A
For the full GAQM CEH-001 exam dumps from leads4pass CEH-001 Dumps pdf or Dumps VCE visit: https://www.leads4pass.com/ceh-001.html (Q&As: 878 dumps)
ps.
Get free GAQM CEH-001 dumps PDF online: https://drive.google.com/file/d/1EM0DUsQIqjnUOpnKiRyQU3LrGxSLVS4l/