Free Certified Professional Ethical Hacker (CPEH) Exam CPEH-001 Exam Practice Test

Which Type of scan sends a packets with no flags set? Select the Answer

• Open Scan
• Null Scan
• Xmas Scan
• Half-Open Scan

How does a denial-of-service attack work?

• A hacker prevents a legitimate user (or group of users) from accessing a service
• A hacker uses every character, word, or letter he or she can think of to defeat authentication
• A hacker tries to decipher a password by using a system, which subsequently crashes the network
• A hacker attempts to imitate a legitimate user by confusing a computer or even another person

Where should a security tester be looking for information that could be used by an attacker against an organization? (Select all that apply)

• CHAT rooms
• WHOIS database
• News groups
• Web sites
• Search engines
• Organization's own web site

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

• 64 bit and CCMP
• 128 bit and CRC
• 128 bit and CCMP
• 128 bit and TKIP

A company has hired a security administrator to maintainand administer Linux and Windows-based systems. Written in the nightly report file is the following. Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again. Which of the following actions should the security administrator take?

• Log the event as suspicious activity and report this behavior to the incident response team immediately.
• Log the event as suspicious activity, call a manager, and report this as soon as possible.
• Run an anti-virus scan because it is likely the system is infected by malware.
• Log the event as suspicious activity, continue to investigate, andact according to the site's security policy.

Ron has configured his network to provide strong perimeter security. As part of his network architecture, he has included a host that is fully exposed to attack. The system is on the public side of the demilitarized zone, unprotected by a firewall or filtering router. What would you call such a host?

• Honeypot
• DMZ host
• DWZ host
• Bastion Host

E-mail scams and mail fraud are regulated by which of the following?

• 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
• 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
• 18 U.S.C. par. 1362 Communication Lines, Stations, or Systems
• 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Anetwork administratorreceived an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the networkover ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

• True negatives
• False negatives
• True positives
• False positives

How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

• There is no way to tell because a hash cannot be reversed
• The right most portion of the hash is always the same
• The hash always starts with AB923D
• The left most portion of the hash is always the same
• A portion of the hash will be all 0's

Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?

• Use any ARP requests found in the capture
• Derek can use a session replay on the packets captured
• Derek can use KisMAC as it needs two USB devices to generate traffic
• Use Ettercap to discover the gateway and ICMP ping flood tool to generate traffic