CEH-001 Certified Ethical Hacker (CEH)


Question 16 (Volume B)

Take a look at the following attack on a Web Server using an obstructed URL:

How would you protect against these attacks?

  • Configure the Web Server to deny requests involving "hex encoded" characters

  • Create rules in IDS to alert on strange Unicode requests

  • Use SSL authentication on Web Servers

  • Enable Active Scripts Detection at the firewall and routers

Question 17 (Volume B)

Blane is a network security analyst for his company. From an outside IP, Blane performs an XMAS scan using Nmap. Almost every port scanned does not elicit a response. What can he infer from this kind of response?

  • These ports are open because they do not elicit a response.

  • He can tell that these ports are in stealth mode.

  • If a port does not respond to an XMAS scan using Nmap, that port is closed.

  • The scan was not performed correctly using Nmap since all ports, no matter what their state, will elicit some sort of response from an XMAS scan.

Question 18 (Volume H)

You visit a website to retrieve the listing of a company's staff members, but you cannot find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website?

  • Through Google searching cached files

  • Through Archive.org

  • Download the website and crawl it

  • Visit customers' and partners' websites