Halloween Special - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

CEH-001 Certified Ethical Hacker (CEH) Questions and Answers

Questions 4

What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

Options:

A.

Scripting languages are hard to learn.

B.

Scripting languages are not object-oriented.

C.

Scripting languages cannot be used to create graphical user interfaces.

D.

Scripting languages are slower because they require an interpreter to run the code.

Buy Now
Questions 5

WWW wanderers or spiders are programs that traverse many pages in the World Wide Web by recursively retrieving linked pages. Search engines like Google, frequently spider web pages for indexing. How will you stop web spiders from crawling certain directories on your website?

Options:

A.

Place robots.txt file in the root of your website with listing of directories that you don't want to be crawled

B.

Place authentication on root directories that will prevent crawling from these spiders

C.

Enable SSL on the restricted directories which will block these spiders from crawling

D.

Place "HTTP:NO CRAWL" on the html pages that you don't want the crawlers to index

Buy Now
Questions 6

When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following?

Options:

A.

Drops the packet and moves on to the next one

B.

Continues to evaluate the packet until all rules are checked

C.

Stops checking rules, sends an alert, and lets the packet continue

D.

Blocks the connection with the source IP address in the packet

Buy Now
Questions 7

What do you call a pre-computed hash?

Options:

A.

Sun tables

B.

Apple tables

C.

Rainbow tables

D.

Moon tables

Buy Now
Questions 8

How do you defend against ARP Poisoning attack? (Select 2 answers)

CEH-001 Question 8

Options:

A.

Enable DHCP Snooping Binding Table

B.

Restrict ARP Duplicates

C.

Enable Dynamic ARP Inspection

D.

Enable MAC snooping Table

Buy Now
Questions 9

The GET method should never be used when sensitive data such as credit card is being sent to a CGI program. This is because any GET command will appear in the URL, and will be logged by any servers. For example, let's say that you've entered your credit card information into a form that uses the GET method. The URL may appear like this:

<a href="https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234">https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234

The GET method appends the credit card number to the URL. This means that anyone with access to a server log will be able to obtain this information. How would you protect from this type of attack?

Options:

A.

Never include sensitive information in a script

B.

Use HTTPS SSLv3 to send the data instead of plain HTTPS

C.

Replace the GET with POST method when sending data

D.

Encrypt the data before you send using GET method

Buy Now
Questions 10

You are trying to package a RAT Trojan so that Anti-Virus software will not detect it. Which of the listed technique will NOT be effective in evading Anti-Virus scanner?

Options:

A.

Convert the Trojan.exe file extension to Trojan.txt disguising as text file

B.

Break the Trojan into multiple smaller files and zip the individual pieces

C.

Change the content of the Trojan using hex editor and modify the checksum

D.

Encrypt the Trojan using multiple hashing algorithms like MD5 and SHA-1

Buy Now
Questions 11

Why attackers use proxy servers?

Options:

A.

To ensure the exploits used in the attacks always flip reverse vectors

B.

Faster bandwidth performance and increase in attack speed

C.

Interrupt the remote victim's network traffic and reroute the packets to attackers machine

D.

To hide the source IP address so that an attacker can hack without any legal corollary

Buy Now
Questions 12

You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?

Options:

A.

There is no way to completely block tracerouting into this area

B.

Block UDP at the firewall

C.

Block TCP at the firewall

D.

Block ICMP at the firewall

Buy Now
Questions 13

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?

Options:

A.

Vulnerability scanning

B.

Social engineering

C.

Application security testing

D.

Network sniffing

Buy Now
Questions 14

What are two types of ICMP code used when using the ping command?

Options:

A.

It uses types 0 and 8.

B.

It uses types 13 and 14.

C.

It uses types 15 and 17.

D.

The ping command does not use ICMP but uses UDP.

Buy Now
Questions 15

An Nmap scan shows the following open ports, and nmap also reports that the OS guessing results to match too many signatures hence it cannot reliably be identified:

21 ftp

23 telnet

80 http

443 https

What does this suggest?

Options:

A.

This is a Windows Domain Controller

B.

The host is not firewalled

C.

The host is not a Linux or Solaris system

D.

The host is not properly patched

Buy Now
Questions 16

Study the log below and identify the scan type.

CEH-001 Question 16

Options:

A.

nmap -sR 192.168.1.10

B.

nmap -sS 192.168.1.10

C.

nmap -sV 192.168.1.10

D.

nmap -sO -T 192.168.1.10

Buy Now
Questions 17

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

Options:

A.

The packets were sent by a worm spoofing the IP addresses of 47 infected sites

B.

ICMP ID and Seq numbers were most likely set by a tool and not by the operating system

C.

All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number

D.

13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Buy Now
Questions 18

Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately.

Which organization coordinates computer crime investigations throughout the United States?

Options:

A.

NDCA

B.

NICP

C.

CIRP

D.

NPC

E.

CIA

Buy Now
Questions 19

Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?

05/20-17:0645.061034 192.160.13.4:31337 --> 172.16.1.101:1

TCP TTL:44 TOS:0x10 ID:242

***FRP** Seq:0xA1D95  Ack:0x53  Win: 0x400

What is odd about this attack? (Choose the most appropriate statement)

Options:

A.

This is not a spoofed packet as the IP stack has increasing numbers for the three flags.

B.

This is back orifice activity as the scan comes from port 31337.

C.

The attacker wants to avoid creating a sub-carrier connection that is not normally valid.

D.

There packets were created by a tool; they were not created by a standard IP stack.

Buy Now
Questions 20

NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?

nslookup

> server

> set type =any

> ls -d

Options:

A.

Enables DNS spoofing

B.

Loads bogus entries into the DNS table

C.

Verifies zone security

D.

Performs a zone transfer

E.

Resets the DNS cache

Buy Now
Questions 21

While performing ping scans into a target network you get a frantic call from the organization’s security team. They report that they are under a denial of service attack. When you stop your scan, the smurf attack event stops showing up on the organization’s IDS monitor. How can you modify your scan to prevent triggering this event in the IDS?

Options:

A.

Scan more slowly.

B.

Do not scan the broadcast IP.

C.

Spoof the source IP address.

D.

Only scan the Windows systems.

Buy Now
Questions 22

Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?

Options:

A.

To create a denial of service attack.

B.

To verify information about the mail administrator and his address.

C.

To gather information about internal hosts used in email treatment.

D.

To gather information about procedures that are in place to deal with such messages.

Buy Now
Questions 23

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

Options:

A.

An attacker, working slowly enough, can evade detection by the IDS.

B.

Network packets are dropped if the volume exceeds the threshold.

C.

Thresholding interferes with the IDS’ ability to reassemble fragmented packets.

D.

The IDS will not distinguish among packets originating from different sources.

Buy Now
Questions 24

Your lab partner is trying to find out more information about a competitors web site. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registrys. Which one would you suggest she looks in first?

Options:

A.

LACNIC

B.

ARIN

C.

APNIC

D.

RIPE

E.

AfriNIC

Buy Now
Questions 25

At a Windows Server command prompt, which command could be used to list the running services?

Options:

A.

Sc query type= running

B.

Sc query \\servername

C.

Sc query

D.

Sc config

Buy Now
Questions 26

A company is legally liable for the content of email that is sent from its systems, regardless of whether the message was sent for private or business-related purposes. This could lead to prosecution for the sender and for the company's directors if, for example, outgoing email was found to contain material that was pornographic, racist, or likely to incite someone to commit an act of terrorism. You can always defend yourself by "ignorance of the law" clause.

Options:

A.

true

B.

false

Buy Now
Questions 27

What flags are set in a X-MAS scan?(Choose all that apply.

Options:

A.

SYN

B.

ACK

C.

FIN

D.

PSH

E.

RST

F.

URG

Buy Now
Questions 28

What port scanning method involves sending spoofed packets to a target system and then looking for adjustments to the IPID on a zombie system?

Options:

A.

Blind Port Scanning

B.

Idle Scanning

C.

Bounce Scanning

D.

Stealth Scanning

E.

UDP Scanning

Buy Now
Questions 29

Which of the following commands runs snort in packet logger mode?

Options:

A.

./snort -dev -h ./log

B.

./snort -dev -l ./log

C.

./snort -dev -o ./log

D.

./snort -dev -p ./log

Buy Now
Questions 30

Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS?

Options:

A.

SYN scan

B.

ACK scan

C.

RST scan

D.

Connect scan

E.

FIN scan

Buy Now
Questions 31

This kind of attack will let you assume a users identity at a dynamically generated web page or site:

Options:

A.

SQL Injection

B.

Cross Site Scripting

C.

Session Hijacking

D.

Zone Transfer

Buy Now
Questions 32

In the context of using PKI, when Sven wishes to send a secret message to Bob, he looks up Bob’s public key in a directory, uses it to encrypt the message before sending it off. Bob then uses his private key to decrypt the message and reads it. No one listening on can decrypt the message.

Anyone can send an encrypted message to Bob but only Bob can read it. Thus, although many people may know Bob’s public key and use it to verify Bob’s signature, they cannot discover Bob’s private key and use it to forge digital signatures.

What does this principle refer to?

Options:

A.

Irreversibility

B.

Non-repudiation

C.

Symmetry

D.

Asymmetry

Buy Now
Questions 33

Carl has successfully compromised a web server from behind a firewall by exploiting a vulnerability in the web server program. He wants to proceed by installing a backdoor program. However, he is aware that not all inbound ports on the firewall are in the open state.

From the list given below, identify the port that is most likely to be open and allowed to reach the server that Carl has just compromised.

Options:

A.

53

B.

110

C.

25

D.

69

Buy Now
Questions 34

Which of the following is true of the wireless Service Set ID (SSID)? (Select all that apply.)

Options:

A.

Identifies the wireless network

B.

Acts as a password for network access

C.

Should be left at the factory default setting

D.

Not broadcasting the SSID defeats NetStumbler and other wireless discovery tools

Buy Now
Questions 35

Peter is a Network Admin. He is concerned that his network is vulnerable to a smurf attack. What should Peter do to prevent a smurf attack?

Select the best answer.

Options:

A.

He should disable unicast on all routers

B.

Disable multicast on the router

C.

Turn off fragmentation on his router

D.

Make sure all anti-virus protection is updated on all systems

E.

Make sure his router won't take a directed broadcast

Buy Now
Questions 36

You visit a website to retrieve the listing of a company's staff members. But you can not find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website?

Options:

A.

Through Google searching cached files

B.

Through Archive.org

C.

Download the website and crawl it

D.

Visit customers' and prtners' websites

Buy Now
Questions 37

You have performed the traceroute below and notice that hops 19 and 20 both show the same IP address.

What can be inferred from this output?

CEH-001 Question 37

Options:

A.

An application proxy firewall

B.

A stateful inspection firewall

C.

A host based IDS

D.

A Honeypot

Buy Now
Questions 38

When referring to the Domain Name Service, what is denoted by a ‘zone’?

Options:

A.

It is the first domain that belongs to a company.

B.

It is a collection of resource records.

C.

It is the first resource record type in the SOA.

D.

It is a collection of domains.

Buy Now
Questions 39

Take a look at the following attack on a Web Server using obstructed URL:

<a href="https://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74%63%2f%70%61%73%73%77%64">https://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74%63%2f%70%61%73%73%77%64

The request is made up of:

 %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../

 %65%74%63 = etc

 %2f = /

 %70%61%73%73%77%64 = passwd

How would you protect information systems from these attacks?

Options:

A.

Configure Web Server to deny requests involving Unicode characters.

B.

Create rules in IDS to alert on strange Unicode requests.

C.

Use SSL authentication on Web Servers.

D.

Enable Active Scripts Detection at the firewall and routers.

Buy Now
Questions 40

John has a proxy server on his network which caches and filters web access. He shuts down all unnecessary ports and services. Additionally, he has installed a firewall (Cisco PIX) that will not allow users to connect to any outbound ports. Jack, a network user has successfully connected to a remote server on port 80 using netcat. He could in turn drop a shell from the remote machine. Assuming an attacker wants to penetrate John's network, which of the following options is he likely to choose?

Options:

A.

Use ClosedVPN

B.

Use Monkey shell

C.

Use reverse shell using FTP protocol

D.

Use HTTPTunnel or Stunnel on port 80 and 443

Buy Now
Questions 41

The following exploit code is extracted from what kind of attack?

CEH-001 Question 41

Options:

A.

Remote password cracking attack

B.

SQL Injection

C.

Distributed Denial of Service

D.

Cross Site Scripting

E.

Buffer Overflow

Buy Now
Questions 42

In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this?

Options:

A.

WEP attack

B.

Drive by hacking

C.

Rogue access point attack

D.

Unauthorized access point attack

Buy Now
Questions 43

This packet was taken from a packet sniffer that monitors a Web server.

CEH-001 Question 43

This packet was originally 1514 bytes long, but only the first 512 bytes are shown here. This is the standard hexdump representation of a network packet, before being decoded. A hexdump has three columns: the offset of each line, the hexadecimal data, and the ASCII equivalent. This packet contains a 14-byte Ethernet header, a 20-byte IP header, a 20-byte TCP header, an HTTP header ending in two line-feeds (0D 0A 0D 0A) and then the data. By examining the packet identify the name and version of the Web server?

Options:

A.

Apache 1.2

B.

IIS 4.0

C.

IIS 5.0

D.

Linux WServer 2.3

Buy Now
Questions 44

What do you conclude from the nmap results below?

Staring nmap V. 3.10ALPHA0 <a href="(www.insecure.org/map/)">(www.insecure.org/map/)

(The 1592 ports scanned but not shown below are in state: closed)

Port State Service

21/tcp open ftp

25/tcp open smtp

80/tcp open http

443/tcp open https

Remote operating system guess: Too many signatures match the reliability guess the OS. Nmap run completed – 1 IP address (1 host up) scanned in 91.66 seconds

Options:

A.

The system is a Windows Domain Controller.

B.

The system is not firewalled.

C.

The system is not running Linux or Solaris.

D.

The system is not properly patched.

Buy Now
Questions 45

WinDump is a popular sniffer which results from the porting to Windows of TcpDump for Linux. What library does it use?

Options:

A.

LibPcap

B.

WinPcap

C.

Wincap

D.

None of the above

Buy Now
Questions 46

If you send a SYN to an open port, what is the correct response?(Choose all correct answers.

Options:

A.

SYN

B.

ACK

C.

FIN

D.

PSH

Buy Now
Questions 47

Most NIDS systems operate in layer 2 of the OSI model. These systems feed raw traffic into a detection engine and rely on the pattern matching and/or statistical analysis to determine what is malicious. Packets are not processed by the host's TCP/IP stack allowing the NIDS to analyze traffic the host would otherwise discard. Which of the following tools allows an attacker to intentionally craft packets to confuse pattern-matching NIDS systems, while still being correctly assembled by the host TCP/IP stack to render the attack payload?

Options:

A.

Defrag

B.

Tcpfrag

C.

Tcpdump

D.

Fragroute

Buy Now
Questions 48

Which tool would be used to collect wireless packet data?

Options:

A.

NetStumbler

B.

John the Ripper

C.

Nessus

D.

Netcat

Buy Now
Questions 49

Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?

Options:

A.

It is impossible to crack hashed user passwords unless the key used to encrypt them is obtained.

B.

If a user forgets the password, it can be easily retrieved using the hash key stored by administrators.

C.

Hashing is faster compared to more traditional encryption algorithms.

D.

Passwords stored using hashes are non-reversible, making finding the password much more difficult.

Buy Now
Questions 50

A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network?

Options:

A.

Fraggle

B.

MAC Flood

C.

Smurf

D.

Tear Drop

Buy Now
Questions 51

What will the following command produce on a website's login page if executed successfully? SELECT email, passwd, login_id, full_name FROM members WHERE email = 'someone@somewhere.com'; DROP TABLE members; --'

Options:

A.

This code will insert the someone@somewhere.com email address into the members table.

B.

This command will delete the entire members table.

C.

It retrieves the password for the first user in the members table.

D.

This command will not produce anything since the syntax is incorrect.

Buy Now
Questions 52

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

Options:

A.

Network tap

B.

Layer 3 switch

C.

Network bridge

D.

Application firewall

Buy Now
Questions 53

The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?

Options:

A.

Investigate based on the maintenance schedule of the affected systems.

B.

Investigate based on the service level agreements of the systems.

C.

Investigate based on the potential effect of the incident.

D.

Investigate based on the order that the alerts arrived in.

Buy Now
Questions 54

Which types of detection methods are employed by Network Intrusion Detection Systems (NIDS)? (Choose two.)

Options:

A.

Signature

B.

Anomaly

C.

Passive

D.

Reactive

Buy Now
Questions 55

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

Options:

A.

Passive

B.

Reflective

C.

Active

D.

Distributive

Buy Now
Questions 56

How does an operating system protect the passwords used for account logins?

Options:

A.

The operating system performs a one-way hash of the passwords.

B.

The operating system stores the passwords in a secret file that users cannot find.

C.

The operating system encrypts the passwords, and decrypts them when needed.

D.

The operating system stores all passwords in a protected segment of non-volatile memory.

Buy Now
Questions 57

There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake authentication to an AP? (Choose two.)

Options:

A.

The IP address of the AP

B.

The MAC address of the AP

C.

The SSID of the wireless network

D.

A failed authentication packet

Buy Now
Questions 58

Which element of Public Key Infrastructure (PKI) verifies the applicant?

Options:

A.

Certificate authority

B.

Validation authority

C.

Registration authority

D.

Verification authority

Buy Now
Questions 59

What statement is true regarding LM hashes?

Options:

A.

LM hashes consist in 48 hexadecimal characters.

B.

LM hashes are based on AES128 cryptographic standard.

C.

Uppercase characters in the password are converted to lowercase.

D.

LM hashes are not generated when the password length exceeds 15 characters.

Buy Now
Questions 60

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

Options:

A.

Cross-site scripting

B.

SQL injection

C.

Missing patches

D.

CRLF injection

Buy Now
Questions 61

For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?

Options:

A.

Sender's public key

B.

Receiver's private key

C.

Receiver's public key

D.

Sender's private key

Buy Now
Questions 62

An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this?

Options:

A.

g++ hackersExploit.cpp -o calc.exe

B.

g++ hackersExploit.py -o calc.exe

C.

g++ -i hackersExploit.pl -o calc.exe

D.

g++ --compile –i hackersExploit.cpp -o calc.exe

Buy Now
Questions 63

A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

Options:

A.

True negatives

B.

False negatives

C.

True positives

D.

False positives

Buy Now
Questions 64

Which of the following is an advantage of utilizing security testing methodologies to conduct a security audit?

Options:

A.

They provide a repeatable framework.

B.

Anyone can run the command line scripts.

C.

They are available at low cost.

D.

They are subject to government regulation.

Buy Now
Questions 65

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

Options:

A.

Set a BIOS password.

B.

Encrypt the data on the hard drive.

C.

Use a strong logon password to the operating system.

D.

Back up everything on the laptop and store the backup in a safe place.

Buy Now
Questions 66

A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

Options:

A.

The consultant will ask for money on the bid because of great work.

B.

The consultant may expose vulnerabilities of other companies.

C.

The company accepting bids will want the same type of format of testing.

D.

The company accepting bids will hire the consultant because of the great work performed.

Buy Now
Questions 67

The use of technologies like IPSec can help guarantee the followinG. authenticity, integrity, confidentiality and

Options:

A.

non-repudiation.

B.

operability.

C.

security.

D.

usability.

Buy Now
Questions 68

Which type of access control is used on a router or firewall to limit network activity?

Options:

A.

Mandatory

B.

Discretionary

C.

Rule-based

D.

Role-based

Buy Now
Questions 69

A remote user tries to login to a secure network using Telnet, but accidently types in an invalid user name or password. Which responses would NOT be preferred by an experienced Security Manager? (multiple answer)

Options:

A.

Invalid Username

B.

Invalid Password

C.

Authentication Failure

D.

Login Attempt Failed

E.

Access Denied

Buy Now
Questions 70

Exhibit:

CEH-001 Question 70

You have captured some packets in Ethereal. You want to view only packets sent from 10.0.0.22. What filter will you apply?

Options:

A.

ip = 10.0.0.22

B.

ip.src == 10.0.0.22

C.

ip.equals 10.0.0.22

D.

ip.address = 10.0.0.22

Buy Now
Questions 71

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?

Options:

A.

Block port 25 at the firewall.

B.

Shut off the SMTP service on the server.

C.

Force all connections to use a username and password.

D.

Switch from Windows Exchange to UNIX Sendmail.

E.

None of the above.

Buy Now
Questions 72

What is the term 8 to describe an attack that falsifies a broadcast ICMP echo request and includes a primary and secondary victim?

Options:

A.

Fraggle Attack

B.

Man in the Middle Attack

C.

Trojan Horse Attack

D.

Smurf Attack

E.

Back Orifice Attack

Buy Now
Questions 73

Exhibit:

CEH-001 Question 73

The following is an entry captured by a network IDS.You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack. You also notice "/bin/sh" in the ASCII part of the output. As an analyst what would you conclude about the attack?

Options:

A.

The buffer overflow attack has been neutralized by the IDS

B.

The attacker is creating a directory on the compromised machine

C.

The attacker is attempting a buffer overflow attack and has succeeded

D.

The attacker is attempting an exploit that launches a command-line shell

Buy Now
Questions 74

LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP?

Options:

A.

Stop the LM service in Windows XP

B.

Disable LSASS service in Windows XP

C.

Disable LM authentication in the registry

D.

Download and install LMSHUT.EXE tool from Microsoft website

Buy Now
Questions 75

Exhibit:

CEH-001 Question 75

Study the following log extract and identify the attack.

Options:

A.

Hexcode Attack

B.

Cross Site Scripting

C.

Multiple Domain Traversal Attack

D.

Unicode Directory Traversal Attack

Buy Now
Questions 76

Which one of the following instigates a SYN flood attack?

Options:

A.

Generating excessive broadcast packets.

B.

Creating a high number of half-open connections.

C.

Inserting repetitive Internet Relay Chat (IRC) messages.

D.

A large number of Internet Control Message Protocol (ICMP) traces.

Buy Now
Questions 77

What does the following command in netcat do?

nc -l -u -p55555 < /etc/passwd

Options:

A.

logs the incoming connections to /etc/passwd file

B.

loads the /etc/passwd file to the UDP port 55555

C.

grabs the /etc/passwd file when connected to UDP port 55555

D.

deletes the /etc/passwd file when connected to the UDP port 55555

Buy Now
Questions 78

Assuring two systems that are using IPSec to protect traffic over the internet, what type of general attack could compromise the data?

Options:

A.

Spoof Attack

B.

Smurf Attack

C.

Man inthe Middle Attack

D.

Trojan Horse Attack

E.

Back Orifice Attack

Buy Now
Questions 79

What tool can crack Windows SMB passwords simply by listening to network traffic?

Select the best answer.

Options:

A.

This is not possible

B.

Netbus

C.

NTFSDOS

D.

L0phtcrack

Buy Now
Questions 80

Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files?

Options:

A.

Snort

B.

argus

C.

TCPflow

D.

Tcpdump

Buy Now
Questions 81

Which one of the following network attacks takes advantages of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

Options:

A.

Teardrop

B.

Smurf

C.

Ping of Death

D.

SYN flood

E.

SNMP Attack

Buy Now
Questions 82

Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024 ports?

Options:

A.

Netcat -h -U

B.

Netcat -hU

C.

Netcat -sU -p 1-1024

D.

Netcat -u -v -w2 1-1024

E.

Netcat -sS -O target/1024

Buy Now
Questions 83

Sniffing is considered an active attack.

Options:

A.

True

B.

False

Buy Now
Questions 84

Ethereal works best on ____________.

Options:

A.

Switched networks

B.

Linux platforms

C.

Networks using hubs

D.

Windows platforms

E.

LAN's

Buy Now
Questions 85

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration.

If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

Options:

A.

Full Blown

B.

Thorough

C.

Hybrid

D.

BruteDics

Buy Now
Questions 86

A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?

Options:

A.

Issue the pivot exploit and set the meterpreter.

B.

Reconfigure the network settings in the meterpreter.

C.

Set the payload to propagate through the meterpreter.

D.

Create a route statement in the meterpreter.

Buy Now
Questions 87

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

Options:

A.

Teardrop

B.

SYN flood

C.

Smurf attack

D.

Ping of death

Buy Now
Questions 88

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

Options:

A.

Sarbanes-Oxley Act (SOX)

B.

Gramm-Leach-Bliley Act (GLBA)

C.

Fair and Accurate Credit Transactions Act (FACTA)

D.

Federal Information Security Management Act (FISMA)

Buy Now
Questions 89

Which of the following techniques will identify if computer files have been changed?

Options:

A.

Network sniffing

B.

Permission sets

C.

Integrity checking hashes

D.

Firewall alerts

Buy Now
Questions 90

A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company’s internal network. Which of the following can be implemented to minimize the opportunity for the man-in-the-middle attack to occur?

Options:

A.

SSL

B.

Mutual authentication

C.

IPSec

D.

Static IP addresses

Buy Now
Questions 91

Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

Options:

A.

Truecrypt

B.

Sub7

C.

Nessus

D.

Clamwin

Buy Now
Questions 92

Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?

Options:

A.

Restore a random file.

B.

Perform a full restore.

C.

Read the first 512 bytes of the tape.

D.

Read the last 512 bytes of the tape.

Buy Now
Questions 93

The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet. Customers visiting the site will need to encrypt the data with HTTPS. Which type of certificate is used to encrypt and decrypt the data?

Options:

A.

Asymmetric

B.

Confidential

C.

Symmetric

D.

Non-confidential

Buy Now
Questions 94

An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?

Options:

A.

The wireless card was not turned on.

B.

The wrong network card drivers were in use by Wireshark.

C.

On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.

D.

Certain operating systems and adapters do not collect the management or control packets.

Buy Now
Questions 95

When analyzing the IDS logs, the system administrator notices connections from outside of the LAN have been sending packets where the Source IP address and Destination IP address are the same. There have been no alerts sent via email or logged in the IDS. Which type of an alert is this?

Options:

A.

False positive

B.

False negative

C.

True positive

D.

True negative

Buy Now
Questions 96

ICMP ping and ping sweeps are used to check for active systems and to check

Options:

A.

if ICMP ping traverses a firewall.

B.

the route that the ICMP ping took.

C.

the location of the switchport in relation to the ICMP ping.

D.

the number of hops an ICMP ping takes to reach a destination.

Buy Now
Questions 97

Which of the following does proper basic configuration of snort as a network intrusion detection system require?

Options:

A.

Limit the packets captured to the snort configuration file.

B.

Capture every packet on the network segment.

C.

Limit the packets captured to a single segment.

D.

Limit the packets captured to the /var/log/snort directory.

Buy Now
Questions 98

What technique is used to perform a Connection Stream Parameter Pollution (CSPP) attack?

Options:

A.

Injecting parameters into a connection string using semicolons as a separator

B.

Inserting malicious Javascript code into input parameters

C.

Setting a user's session identifier (SID) to an explicit known value

D.

Adding multiple parameters with the same name in HTTP requests

Buy Now
Questions 99

What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?

Options:

A.

Blue Book

B.

ISO 26029

C.

Common Criteria

D.

The Wassenaar Agreement

Buy Now
Questions 100

What are the three types of authentication?

Options:

A.

Something you: know, remember, prove

B.

Something you: have, know, are

C.

Something you: show, prove, are

D.

Something you: show, have, prove

Buy Now
Questions 101

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.

In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

Options:

A.

Semicolon

B.

Single quote

C.

Exclamation mark

D.

Double quote

Buy Now
Questions 102

During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. How can this weakness be exploited to access the system?

Options:

A.

Using the Metasploit psexec module setting the SA / Admin credential

B.

Invoking the stored procedure xp_shell to spawn a Windows command shell

C.

Invoking the stored procedure cmd_shell to spawn a Windows command shell

D.

Invoking the stored procedure xp_cmdshell to spawn a Windows command shell

Buy Now
Questions 103

What type of Virus is shown here?

CEH-001 Question 103

Options:

A.

Macro Virus

B.

Cavity Virus

C.

Boot Sector Virus

D.

Metamorphic Virus

E.

Sparse Infector Virus

Buy Now
Questions 104

Identify SQL injection attack from the HTTP requests shown below:

Options:

A.

https://www.myserver.c0m/search.asp?

lname=smith%27%3bupdate%20usertable%20set%20passwd%3d%27hAx0r%27%3b--%00

B.

https://www.myserver.c0m/script.php?mydata=%3cscript%20src=%22

C.

http%3a%2f%2fwww.yourserver.c0m%2fbadscript.js%22%3e%3c%2fscript%3e

D.

https://www.victim.com/example accountnumber=67891 &creditamount=999999999

Buy Now
Questions 105

Finding tools to run dictionary and brute forcing attacks against FTP and Web servers is an easy task for hackers. They use tools such as arhontus or brutus to break into remote servers.

CEH-001 Question 105

A command such as this, will attack a given 10.0.0.34 FTP and Telnet servers simultaneously with a list of passwords and a single login namE. linksys. Many FTP-specific password-guessing tools are also available from major security sites.

What defensive measures will you take to protect your network from these attacks?

Options:

A.

Never leave a default password

B.

Never use a password that can be found in a dictionary

C.

Never use a password related to your hobbies, pets, relatives, or date of birth.

D.

Use a word that has more than 21 characters from a dictionary as the password

E.

Never use a password related to the hostname, domain name, or anything else that can be found with whois

Buy Now
Questions 106

Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him. What would Yancey be considered?

Options:

A.

Yancey would be considered a Suicide Hacker

B.

Since he does not care about going to jail, he would be considered a Black Hat

C.

Because Yancey works for the company currently; he would be a White Hat

D.

Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Buy Now
Questions 107

Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has created a security policy requiring all employees to use complex 14 character passwords. Unfortunately, the members of management do not want to have to use such long complicated passwords so they tell Harold's boss this new password policy should not apply to them. To comply with the management's wishes, the IT department creates another Windows domain and moves all the management users to that domain. This new domain has a password policy only requiring 8 characters.

Harold is concerned about having to accommodate the managers, but cannot do anything about it. Harold is also concerned about using LanManager security on his network instead of NTLM or NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM and NTLMv2. Harold pulls the SAM files from the DC's on the original domain and the new domain using Pwdump6.

Harold uses the password cracking software John the Ripper to crack users' passwords to make sure they are strong enough. Harold expects that the users' passwords in the original domain will take much longer to crack than the management's passwords in the new domain. After running the software, Harold discovers that the 14 character passwords only took a short time longer to crack than the 8 character passwords.

Why did the 14 character passwords not take much longer to crack than the 8 character passwords?

Options:

A.

Harold should have used Dumpsec instead of Pwdump6

B.

Harold's dictionary file was not large enough

C.

Harold should use LC4 instead of John the Ripper

D.

LanManger hashes are broken up into two 7 character fields

Buy Now
Questions 108

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

Options:

A.

Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account

B.

Package the Sales.xls using Trojan wrappers and telnet them back your home computer

C.

You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques

D.

Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account

Buy Now
Questions 109

You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization?

Options:

A.

To learn about the IP range used by the target network

B.

To identify the number of employees working for the company

C.

To test the limits of the corporate security policy enforced in the company

D.

To learn about the operating systems, services and applications used on the network

Buy Now
Questions 110

A digital signature is simply a message that is encrypted with the public key instead of the private key.

Options:

A.

true

B.

false

Buy Now
Questions 111

This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

<ahref="<a href="https://foobar.com/index.html?id=%3Cscript%20src=%22https://baddomain.com/badscript.js%22%3E%3C/script%3E">https://foobar.com/index.html?id=%3Cscript%20src=%22https://baddomain.com/badscript.js%22%3E%3C/script%3E ">See foobar

What is this attack?

Options:

A.

Cross-site-scripting attack

B.

SQL Injection

C.

URL Traversal attack

D.

Buffer Overflow attack

Buy Now
Questions 112

Bob has been hired to do a web application security test. Bob notices that the site is dynamic and must make use of a back end database. Bob wants to see if SQL Injection would be possible. What is the first character that Bob should use to attempt breaking valid SQL request?

Options:

A.

Semi Column

B.

Double Quote

C.

Single Quote

D.

Exclamation Mark

Buy Now
Questions 113

What type of attack is shown here?

CEH-001 Question 113

Options:

A.

Bandwidth exhaust Attack

B.

Denial of Service Attack

C.

Cluster Service Attack

D.

Distributed Denial of Service Attack

Buy Now
Questions 114

Fred is the network administrator for his company. Fred is testing an internal switch. From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

Options:

A.

Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.

B.

He can send an IP packet with the SYN bit and the source address of his computer.

C.

Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

D.

Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Buy Now
Questions 115

Your company has blocked all the ports via external firewall and only allows port 80/443 to connect to the Internet. You want to use FTP to connect to some remote server on the Internet. How would you accomplish this?

Options:

A.

Use HTTP Tunneling

B.

Use Proxy Chaining

C.

Use TOR Network

D.

Use Reverse Chaining

Buy Now
Questions 116

What type of encryption does WPA2 use?

Options:

A.

DES 64 bit

B.

AES-CCMP 128 bit

C.

MD5 48 bit

D.

SHA 160 bit

Buy Now
Questions 117

Frederickson Security Consultants is currently conducting a security audit on the networks of Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises conducts business daily with the federal government, they must abide by very stringent security policies. Frederickson is testing all of Hawthorn's physical and logical security measures including biometrics, passwords, and permissions. The federal government requires that all users must utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson has confirmed that all Hawthorn employees use a random password generator for their network passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn's servers using Pwdump6 and are going to try and crack the network passwords. What method of attack is best suited to crack these passwords in the shortest amount of time?

Options:

A.

Brute force attack

B.

Birthday attack

C.

Dictionary attack

D.

Brute service attack

Buy Now
Questions 118

You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems. In other words you are trying to penetrate an otherwise impenetrable system. How would you proceed?

Options:

A.

Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network

B.

Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information

C.

Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"

D.

Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

Buy Now
Questions 119

What is the command used to create a binary log file using tcpdump?

Options:

A.

tcpdump -w ./log

B.

tcpdump -r log

C.

tcpdump -vde logtcpdump -vde ? log

D.

tcpdump -l /var/log/

Buy Now
Questions 120

Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

Options:

A.

Ursula would be considered a gray hat since she is performing an act against illegal activities.

B.

She would be considered a suicide hacker.

C.

She would be called a cracker.

D.

Ursula would be considered a black hat.

Buy Now
Questions 121

SNMP is a connectionless protocol that uses UDP instead of TCP packets (True or False)

Options:

A.

true

B.

false

Buy Now
Questions 122

Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

CEH-001 Question 122

What is the risk of installing Fake AntiVirus?

Options:

A.

Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums

B.

Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

C.

Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk

D.

Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

Buy Now
Questions 123

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

Options:

A.

Install patches

B.

Setup a backdoor

C.

Install a zombie for DDOS

D.

Cover your tracks

Buy Now
Questions 124

Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him ''just to double check our records.'' Jane does not suspect anything amiss, and parts with her password. Jack can now access Brown Co.'s computers with a valid user name and password, to steal the cookie recipe. What kind of attack is being illustrated here?

Options:

A.

Reverse Psychology

B.

Reverse Engineering

C.

Social Engineering

D.

Spoofing Identity

E.

Faking Identity

Buy Now
Questions 125

David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

Options:

A.

David can block port 125 at the firewall.

B.

David can block all EHLO requests that originate from inside the office.

C.

David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.

D.

David can block port 110 to block all POP3 traffic.

Buy Now
Questions 126

Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.

Why will this not be possible?

Options:

A.

Firewalls cannot inspect traffic coming through port 443

B.

Firewalls can only inspect outbound traffic

C.

Firewalls cannot inspect traffic at all, they can only block or allow certain ports

D.

Firewalls cannot inspect traffic coming through port 80

Buy Now
Questions 127

In the context of Trojans, what is the definition of a Wrapper?

Options:

A.

An encryption tool to protect the Trojan

B.

A tool used to bind the Trojan with a legitimate file

C.

A tool used to calculate bandwidth and CPU cycles wasted by the Trojan

D.

A tool used to encapsulate packets within a new header and footer

Buy Now
Questions 128

Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. How would you call this type of activity?

Options:

A.

Dumpster Diving

B.

Scanning

C.

CI Gathering

D.

Garbage Scooping

Buy Now
Questions 129

TCP SYN Flood attack uses the three-way handshake mechanism.

1. An attacker at system A sends a SYN packet to victim at system B.

2. System B sends a SYN/ACK packet to victim A.

3. As a normal three-way handshake mechanism system A should send an ACK packet to system B, however, system A does not send an ACK packet to system B. In this case client B is waiting for an ACK packet from client A.

This status of client B is called _________________

Options:

A.

"half-closed"

B.

"half open"

C.

"full-open"

D.

"xmas-open"

Buy Now
Questions 130

This tool is widely used for ARP Poisoning attack. Name the tool.

CEH-001 Question 130

Options:

A.

Cain and Able

B.

Beat Infector

C.

Poison Ivy

D.

Webarp Infector

Buy Now
Questions 131

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

Options:

A.

Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card

B.

Educate and enforce physical security policies of the company to all the employees on a regular basis

C.

Setup a mock video camera next to the special card reader adjacent to the secure door

D.

Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door

Buy Now
Exam Code: CEH-001
Exam Name: Certified Ethical Hacker (CEH)
Last Update: Oct 29, 2024
Questions: 878

PDF + Testing Engine

$48  $159.99

Testing Engine

$36  $119.99
buy now CEH-001 testing engine

PDF (Q&A)

$30  $99.99
buy now CEH-001 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 01 Nov 2024