CPEH-001 Certified Professional Ethical Hacker (CPEH)


Question 1 (Exam Pool G)

As a security consultant, what are some of the things you would recommend to a company to ensure DNS security?

Select all that apply, then click Submit answer.

  • Use the same machines for DNS and other applications

  • Harden DNS servers

  • Use split-horizon operation for DNS servers

  • Restrict Zone transfers

  • Have subnet diversity between DNS servers


Question 2 (Exam Pool G)

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

Select all that apply, then click Submit answer.

  • Use port security on his switches.

  • Use a tool like ARPwatch to monitor for strange ARP activity.

  • Use a firewall between all LAN segments.

  • If you have a small network, use static ARP entries.

  • Use only static IP addresses on all PCs.


Question 3 (Exam Pool G)

The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:

You are hired to conduct security testing on their network.

You successfully brute-force the SNMP community string using an SNMP crack tool.

The access-list configured at the router prevents you from establishing a successful connection.

You want to retrieve the Cisco configuration from the router. How would you proceed?

Select all that apply, then click Submit answer.

  • Use the Cisco's TFTP default password to connect and download the configuration file

  • Run a network sniffer and capture the returned traffic with the configuration file from the router

  • Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address

  • Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0