Online Access Free CEH-001 Exam Questions

During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?

• A.The victim user should not have an endpoint security solution.
• B.The session cookies do not have the HttpOnly flag set.
• C.The web application does not have the secure flag set.
• D.The victim's browser must have ActiveX technology enabled.

Fred is the network administrator for his company. Fred is testing an internal switch. From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

• A.He can send an IP packet with the SYN bit and the source address of his computer.
• B.Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
• C.Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.
• D.Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

Bluetooth uses which digital modulation technique to exchange information between paired devices?

• A.QAM (quadrature amplitude modulation)
• B.PSK (phase-shift keying)
• C.ASK (amplitude-shift keying)
• D.FSK (frequency-shift keying)

Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

• A.Nmap
• B.VirusSCAN
• C.SNORT
• D.Tripwire

Choose one of the following pseudo codes to describe this statement:
"If we have written 200 characters to the buffer variable, the stack should stop because it cannot hold any more data."

• A.If (I <= 200) then exit (1)
• B.If (I < 200) then exit (1)
• C.If (I >= 200) then exit (1)
• D.If (I > 200) then exit (1)