Latest CEH-001 Practice Tests

Premium

CEH-001 Dumps - Full Mock Test

Certified Ethical Hacker (CEH)

878 Questions
120 MINUTES
2024-11-14 Updated

Full Access

QUESTION 121

- (Topic 4)
What is the purpose of conducting security assessments on network resources?

A. Documentation
B. Validation
C. Implementation
D. Management

Correct Answer: B

QUESTION 122

- (Topic 3)
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

A. The victim user must open the malicious link with an Internet Explorer prior to version 8.
B. The session cookies generated by the application do not have the HttpOnly flag set.
C. The victim user must open the malicious link with a Firefox prior to version 3.
D. The web application should not use random tokens.

Correct Answer: D

QUESTION 123

- (Topic 8)
The Slammer Worm exploits a stack-based overflow that occurs in a DLL implementing the Resolution Service.
Which of the following Database Server was targeted by the slammer worm?

A. Oracle
B. MSSQL
C. MySQL
D. Sybase
E. DB2

Correct Answer: B
W32.Slammer is a memory resident worm that propagates via UDP Port 1434 and exploits a vulnerability in SQL Server 2000 systems and systems with MSDE 2000 that have not applied the patch released by Microsoft Security Bulletin MS02-039.

QUESTION 124

- (Topic 5)
Which of the following business challenges could be solved by using a vulnerability scanner?

A. Auditors want to discover if all systems are following a standard naming convention.
B. A web server was compromised and management needs to know if any further systems were compromised.
C. There is an emergency need to remove administrator access from multiple machines for an employee that quit.
D. There is a monthly requirement to test corporate compliance with host application usage and security policies.

Correct Answer: D

QUESTION 125

- (Topic 6)
Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately.
Which organization coordinates computer crime investigations throughout the United States?

A. NDCA
B. NICP
C. CIRP
D. NPC
E. CIA

Correct Answer: D