GAQM Certified Professional Ethical Hacker (CPEH) Exam CPEH-001 Dumps in PDF

Free GAQM CPEH-001 Real Questions (page: 7)

The SYN flood attack sends TCP connections requests faster than a machine can process them. · Attacker creates a random source address for each packet · SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address
· Victim responds to spoofed IP address, then waits for confirmation that never arrives (timeout wait is about 3 minutes)
· Victim's connection table fills up waiting for replies and ignores new connections · Legitimate users are ignored and will not be able to access the server How do you protect your network against SYN Flood attacks?

  1. SYN cookies. Instead of allocating a record, send a SYN-ACK with a carefully constructed sequence number generated as a hash of the clients IP address, port number, and other information.
    When the client responds with a normal ACK, that special sequence number will be included, which the server then verifies. Thus, the server first allocates memory on the third packet of the handshake, not the first.
  2. RST cookies - The server sends a wrong SYN/ACK back to the client. The client should then generate a RST packet telling the server that something is wrong. At this point, the server knows the client is valid and will now accept incoming connections from that client normally
  3. Check the incoming packet's IP address with the SPAM database on the Internet and enable the filter using ACLs at the Firewall
  4. Stack Tweaking. TCP stacks can be tweaked in order to reduce the effect of SYN floods. Reduce the timeout before a stack frees up the memory allocated for a connection
  5. Micro Blocks. Instead of allocating a complete connection, simply allocate a micro record of 16- bytes for the incoming SYN object

Answer(s): A,B,D,E



What type of port scan is shown below?

  1. Idle Scan
  2. FIN Scan
  3. XMAS Scan
  4. Windows Scan

Answer(s): B



Stephanie works as a records clerk in a large office building in downtown Chicago. On Monday, she went to a mandatory security awareness class (Security5) put on by her company's IT department. During the class, the IT department informed all employees that everyone's Internet activity was thenceforth going to be monitored. Stephanie is worried that her Internet activity might give her supervisor reason to write her up, or worse get her fired. Stephanie's daily work duties only consume about four hours of her time, so she usually spends the rest of the day surfing the web. Stephanie really enjoys surfing the Internet but definitely does not want to get fired for it.
What should Stephanie use so that she does not get in trouble for surfing the Internet?

  1. Stealth IE
  2. Stealth Anonymizer
  3. Stealth Firefox
  4. Cookie Disabler

Answer(s): B



Neil is a network administrator working in Istanbul. Neil wants to setup a protocol analyzer on his network that will receive a copy of every packet that passes through the main office switch.
What type of port will Neil need to setup in order to accomplish this?

  1. Neil will have to configure a Bridged port that will copy all packets to the protocol analyzer.
  2. Neil will need to setup SPAN port that will copy all network traffic to the protocol analyzer.
  3. He will have to setup an Ether channel port to get a copy of all network traffic to the analyzer.
  4. He should setup a MODS port which will copy all network traffic.

Answer(s): B



In TCP communications there are 8 flags; FIN, SYN, RST, PSH, ACK, URG, ECE, CWR. These flags have decimal numbers assigned to them:
FIN = 1
SYN = 2
RST = 4
PSH = 8
ACK = 16
URG = 32
ECE = 64
CWR = 128
Jason is the security administrator of ASPEN Communications. He analyzes some traffic using Wireshark and has enabled the following filters.



What is Jason trying to accomplish here?

  1. SYN, FIN, URG and PSH
  2. SYN, SYN/ACK, ACK
  3. RST, PSH/URG, FIN
  4. ACK, ACK, SYN, URG

Answer(s): B



Share your comments for GAQM CPEH-001 exam with other users:

S
Sonbir
8/8/2023 1:04:00 PM

how to get system serial number using intune

M
Manju
10/19/2023 1:19:00 PM

is it really helpful to pass the exam

L
LeAnne Hair
8/24/2023 12:47:00 PM

#229 in incorrect - all the customers require an annual review

A
Abdul SK
9/28/2023 11:42:00 PM

kindy upload

A
Aderonke
10/23/2023 12:53:00 PM

fantastic assessment on psm 1

S
SAJI
7/20/2023 2:51:00 AM

56 question correct answer a,b

R
Raj Kumar
10/23/2023 8:52:00 PM

thank you for providing the q bank

P
piyush keshari
7/7/2023 9:46:00 PM

true quesstions

B
B.A.J
11/6/2023 7:01:00 AM

i can´t believe ms asks things like this, seems to be only marketing material.

G
Guss
5/23/2023 12:28:00 PM

hi, could you please add the last update of ns0-527

R
Rond65
8/22/2023 4:39:00 PM

question #3 refers to vnet4 and vnet5. however, there is no vnet5 listed in the case study (testlet 2).

C
Cheers
12/13/2023 9:55:00 AM

sometimes it may be good some times it may be

S
Sumita Bose
7/21/2023 1:01:00 AM

qs 4 answer seems wrong- please check

A
Amit
9/7/2023 12:53:00 AM

very detailed explanation !

F
FisherGirl
5/16/2022 10:36:00 PM

the interactive nature of the test engine application makes the preparation process less boring.

C
Chiranthaka
9/20/2023 11:15:00 AM

very useful.

S
SK
7/15/2023 3:51:00 AM

complete question dump should be made available for practice.

G
Gamerrr420
5/25/2022 9:38:00 PM

i just passed my first exam. i got 2 exam dumps as part of the 50% sale. my second exam is under work. once i write that exam i report my result. but so far i am confident.

K
Kudu hgeur
9/21/2023 5:58:00 PM

nice create dewey stefen

A
Anorag
9/6/2023 9:24:00 AM

i just wrote this exam and it is still valid. the questions are exactly the same but there are about 4 or 5 questions that are answered incorrectly. so watch out for those. best of luck with your exam.

N
Nathan
1/10/2023 3:54:00 PM

passed my exam today. this is a good start to 2023.

1
1
10/28/2023 7:32:00 AM

great sharing

A
Anand
1/20/2024 10:36:00 AM

very helpful

K
Kumar
6/23/2023 1:07:00 PM

thanks.. very helpful

U
User random
11/15/2023 3:01:00 AM

i registered for 1z0-1047-23 but dumps qre available for 1z0-1047-22. help me with this...

K
kk
1/17/2024 3:00:00 PM

very helpful

R
Raj
7/24/2023 10:20:00 AM

please upload oracle 1z0-1110-22 exam pdf

B
Blessious Phiri
8/13/2023 11:58:00 AM

becoming interesting on the logical part of the cdbs and pdbs

L
LOL what a joke
9/10/2023 9:09:00 AM

some of the answers are incorrect, i would be wary of using this until an admin goes back and reviews all the answers

M
Muhammad Rawish Siddiqui
12/9/2023 7:40:00 AM

question # 267: federated operating model is also correct.

M
Mayar
9/22/2023 4:58:00 AM

its helpful alot.

S
Sandeep
7/25/2022 11:58:00 PM

the questiosn from this braindumps are same as in the real exam. my passing mark was 84%.

E
Eman Sawalha
6/10/2023 6:09:00 AM

it is an exam that measures your understanding of cloud computing resources provided by aws. these resources are aligned under 6 categories: storage, compute, database, infrastructure, pricing and network. with all of the services and typees of services under each category

M
Mars
11/16/2023 1:53:00 AM

good and very useful

AI Tutor 👋 I’m here to help!