CEH-001 Free Practice Test

- (Topic 1)
Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the application. You should change the default settings to secure the system.
Which of the following is NOT an example of default installation?

1. A. Many systems come with default user accounts with well-known passwords that administrators forget to change
2. B. Often, the default location of installation files can be exploited which allows a hacker to retrieve a file from the system
3. C. Many software packages come with "samples" that can be exploited, such as the sample programs on IIS web services
4. D. Enabling firewall and anti-virus software on the local system

Correct Answer: D

- (Topic 8)
You visit a website to retrieve the listing of a company's staff members. But you can not find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website?

1. A. Through Google searching cached files
2. B. Through Archive.org
3. C. Download the website and crawl it
4. D. Visit customers\' and prtners\' websites

Correct Answer: B
Archive.org mirrors websites and categorizes them by date and month depending on the crawl time. Archive.org dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the website is incorrect becausethat\'s the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, archive.org

- (Topic 2)
You have successfully gained access to a victim's computer using Windows 2003 Server SMB Vulnerability. Which command will you run to disable auditing from the cmd?

1. A. stoplog stoplog ?
2. B. EnterPol /nolog
3. C. EventViewer o service
4. D. auditpol.exe /disable

Correct Answer: D

- (Topic 7)
Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

1. A. To determine who is the holder of the root account
2. B. To perform a DoS
3. C. To create needless SPAM
4. D. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
5. E. To test for virus protection

Correct Answer: D
Sending a bogus email is one way to find out more about internal servers. Also, to gather additional IP addresses and learn how they treat mail.

- (Topic 8)
Jane has just accessed her preferred e-commerce web site and she has seen an item she would like to buy. Jane considers the price a bit too steep; she looks at the page source code and decides to save the page locally to modify some of the page variables. In the context of web application security, what do you think Jane has changed?

1. A. An integer variable
2. B. A \'hidden\' price value
3. C. A \'hidden\' form field value
4. D. A page cannot be changed locally; it can only be served by a web server

Correct Answer: C
Changing hidden form values is possible when a web site is poorly built and is trusting the visitors computer to submit vital data, like the price of a product, to the database.