Free CEH-001 Exam Dumps

Question 81

- (Topic 6)
A very useful resource for passively gathering information about a target company is:

A. Host scanning
B. Whois search
C. Traceroute
D. Ping sweep

Correct Answer:B
A, C & D are "Active" scans, the question says: "Passively"

Question 82

- (Topic 8)
Virus Scrubbers and other malware detection program can only detect items that they are aware of. Which of the following tools would allow you to detect unauthorized changes or modifications of binary files on your system by unknown malware?

A. System integrity verification tools
B. Anti-Virus Software
C. A properly configured gateway
D. There is no way of finding out until a new updated signature file is released

Correct Answer:A
Programs like Tripwire aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage
control measures can be taken in a timely manner.

Question 83

- (Topic 8)
_____ will let you assume a users identity at a dynamically generated web page or site.

A. SQL attack
B. Injection attack
C. Cross site scripting
D. The shell attack
E. Winzapper

Correct Answer:C
Cross site scripting is also referred to as XSS or CSS. You must know the user is online and you must scam that user into clicking on a link that you have sent in order for this hack attack to work.

Question 84

- (Topic 2)
Michael is a junior security analyst working for the National Security Agency (NSA) working primarily on breaking terrorist encrypted messages. The NSA has a number of methods they use to decipher encrypted messages including Government Access to Keys (GAK) and inside informants. The NSA holds secret backdoor keys to many of the encryption algorithms used on the Internet. The problem for the NSA, and Michael, is that terrorist organizations are starting to use custom-built algorithms or obscure algorithms purchased from corrupt governments. For this reason, Michael and other security analysts like him have been forced to find different methods of deciphering terrorist messages. One method that Michael thought of using was to hide malicious code inside seemingly harmless programs. Michael first monitors sites and bulletin boards used by known terrorists, and then he is able to glean email addresses to some of these suspected terrorists. Michael then inserts a stealth keylogger into a mapping program file readme.txt and then sends that as an attachment to the terrorist. This keylogger takes screenshots every 2 minutes and also logs all keyboard activity into a hidden file on the terrorist's computer. Then, the keylogger emails those files to Michael twice a day with a built in SMTP server. What technique has Michael used to disguise this keylogging software?

A. Steganography
B. Wrapping
C. ADS
D. Hidden Channels

Correct Answer:C

Question 85

- (Topic 8)
On a default installation of Microsoft IIS web server, under which privilege does the web server software execute?

A. Everyone
B. Guest
C. System
D. Administrator

Correct Answer:C
If not changed during the installation, IIS will execute as Local System with way to high privileges.