GAQM CPEH-001 Exam - Topic 6 Question 63 Discussion

Actual exam question for GAQM's CPEH-001 exam

Question #: 63
Topic #: 6

Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

AThey are using UDP that is always authorized at the firewall

BThey are using an older version of Internet Explorer that allow them to bypass the proxy server

CThey have been able to compromise the firewall, modify the rules, and give themselves proper access

DThey are using tunneling software that allows them to communicate with protocols in a way it was not intended

Show Suggested Answer

Suggested Answer: D

This can be accomplished by, for example, tunneling the http traffic over SSH if you have a SSH server answering to your connection, you enable dynamic forwarding in the ssh client and configure Internet Explorer to use a SOCKS Proxy for network traffic.

by Noah at Dec 24, 2022, 02:39 AM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Zana

4 months ago

A is definitely not it, UDP is usually allowed for specific services.

upvoted 0 times

...

Ricki

4 months ago

Surprised they can even access those sites at work!

upvoted 0 times

...

Eve

4 months ago

No way, it could be C if they compromised the firewall!

upvoted 0 times

...

Edda

4 months ago

I agree, D seems like the most likely option here.

upvoted 0 times

...

Carma

4 months ago

They're probably using tunneling software to bypass restrictions.

upvoted 0 times

...

Brice

5 months ago

I vaguely recall something about older browsers and proxy issues. B might be a possibility, but I feel like it's less likely in a modern environment with updated security measures.

upvoted 0 times

...

Tanesha

5 months ago

I think I saw a similar question about firewall compromises in practice exams. C sounds plausible, but I doubt they could modify the rules without being detected.

upvoted 0 times

...

Michell

5 months ago

I'm not entirely sure, but I think UDP being authorized at the firewall might not be a strong enough reason for them to bypass content filtering. So A feels a bit off to me.

upvoted 0 times

...

Donte

5 months ago

I remember studying about tunneling techniques in my network security class. It seems like D could be the right answer since it mentions using tunneling software.

upvoted 0 times

...

Jessenia

5 months ago

I'm a little confused by this question. All the options seem somewhat relevant, but I'm not sure which one is the "BEST" approach. I might need to review my notes on enterprise risk management to make sure I'm understanding this properly.

upvoted 0 times

...

Wilburn

5 months ago

This looks like a pretty straightforward networking question. I'm confident I can handle this one.

upvoted 0 times

...

Mitzie

5 months ago

Hmm, I'm a bit unsure about the order of these documents. Let me think this through step-by-step to make sure I understand the correct hierarchy.

upvoted 0 times

...

Melina

5 months ago

Hmm, I'm a bit unsure about the exact order of the steps here. I'll need to review my notes on field security configuration to make sure I don't miss anything.

upvoted 0 times

...