GAQM CPEH-001 Quiz 3 Topic 3 Questions 11-15

Question: 1

The following exploit code is extracted from what kind of attack?

q1_CPEH-001

ARemote password cracking attack

BSQL Injection

CDistributed Denial of Service

DCross Site Scripting

EBuffer Overflow

Show Answer

Question: 2

An attacker runs netcat tool to transfer a secret file between two hosts.

Machine A: netcat -l -p 1234 < secretfile

Machine B: netcat 192.168.3.4 > 1234

He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire?

AMachine A: netcat -l -p -s password 1234 < testfile
Machine B: netcat <machine A IP> 1234

BMachine A: netcat -l -e magickey -p 1234 < testfile
Machine B: netcat <machine A IP> 1234

CMachine A: netcat -l -p 1234 < testfile -pw password
Machine B: netcat <machine A IP> 1234 -pw password

DUse cryptcat instead of netcat

Show Answer

Question: 3

After gaining access to the password hashes used to protect access to a web based application, knowledge of which cryptographic algorithms would be useful to gain access to the application?

ASHA1

BDiffie-Helman

CRSA

DAES

Show Answer

Question: 4

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

A-sO

B-sP

C-sS

D-sU

Show Answer

Question: 5

In the following example, which of these is the "exploit"?

Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Server operating system, by sending malformed packets to it. They detailed how this malicious process had been automated using basic scripting. Even worse, the new automated method for bringing down the server has already been used to perform denial of service attacks on many large commercial websites. Select the best answer.

AMicrosoft Corporation is the exploit.

BThe security 'hole' in the product is the exploit.

CWindows 2003 Server

DThe exploit is the hacker that would use this vulnerability.

EThe documented method of how to use the vulnerability to gain unprivileged access.
Explanations:
Microsoft is not the exploit, but if Microsoft documents how the vulnerability can be used to gain unprivileged access, they are creating the exploit. If they just say that there is a hole in the product, then it is only a vulnerability. The security 'hole' in the product is called the 'vulnerability'. It is documented in a way that shows how to use the vulnerability to gain unprivileged access, and it then becomes an 'exploit'. In the example given, Windows 2003 Server is the TOE (Target of Evaluation). A TOE is an IT System, product or component that requires security evaluation or is being identified. The hacker that would use this vulnerability is exploiting it, but the hacker is not the exploit. The documented method of how to use the vulnerability to gain unprivileged access is the correct answer.

Show Answer

GAQM CPEH-001 Quiz:3 Topic:3 Questions:11-15