GAQM Exam CPEH-001 Topic 5 Question 12 Discussion

Actual exam question for GAQM's CPEH-001 exam

Question #: 12
Topic #: 5

John has a proxy server on his network which caches and filters web access. He shuts down all unnecessary ports and services. Additionally, he has installed a firewall (Cisco PIX) that will not allow users to connect to any outbound ports. Jack, a network user has successfully connected to a remote server on port 80 using netcat. He could in turn drop a shell from the remote machine. Assuming an attacker wants to penetrate John's network, which of the following options is he likely to choose?

AUse ClosedVPN

BUse Monkey shell

CUse reverse shell using FTP protocol

DUse HTTPTunnel or Stunnel on port 80 and 443

Show Suggested Answer

Suggested Answer: D

As long as you allow http or https traffic attacks can be tunneled over those protocols with Stunnel or HTTPTunnel.

by Jettie at May 09, 2022, 05:11 AM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!