CEH-001 Free Practice Test

- (Topic 8)
After studying the following log entries, what is the attacker ultimately trying to achieve as inferred from the log sequence?
1. mkdir -p /etc/X11/applnk/Internet/.etc
2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd
3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd
4. touch -acmr /etc /etc/X11/applnk/Internet/.etc
5. passwd nobody -d
6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash
7. passwd dns -d
8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd
9. touch -acmr /etc/X11/applnk/Internet/.etc /etc

1. A. Change password of user nobody
2. B. Extract information from a local directory
3. C. Change the files Modification Access Creation times
4. D. Download rootkits and passwords into a new directory

Correct Answer: C

- (Topic 6)
What is the proper response for a NULL scan if the port is closed?

1. A. SYN
2. B. ACK
3. C. FIN
4. D. PSH
5. E. RST
6. F. No response

Correct Answer: E
Closed ports respond to a NULL scan with a reset.

- (Topic 4)
One advantage of an application-level firewall is the ability to

1. A. filter packets at the network level.
2. B. filter specific commands, such as http:post.
3. C. retain state information for each packet.
4. D. monitor tcp handshaking.

Correct Answer: B

- (Topic 8)
Which of the following statements best describes the term Vulnerability?

1. A. A weakness or error that can lead to a compromise
2. B. An agent that has the potential to take advantage of a weakness
3. C. An action or event that might prejudice security
4. D. The loss potential of a threat.

Correct Answer: A
Vulnerabilities are all weaknesses that can be exploited.

- (Topic 5)
Which of the following are variants of mandatory access control mechanisms? (Choose two.)

1. A. Two factor authentication
2. B. Acceptable use policy
3. C. Username / password
4. D. User education program
5. E. Sign in register

Correct Answer: AC