GAQM Exam CPEH-001 Topic 6 Question 51 Discussion

Actual exam question for GAQM's CPEH-001 exam

Question #: 51
Topic #: 6

Joe the Hacker breaks into XYZ's Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode.

What can Joe do to hide the wiretap program from being detected by ifconfig command?

ABlock output to the console whenever the user runs ifconfig command by running screen capture utiliyu

BRun the wiretap program in stealth mode from being detected by the ifconfig command.

CReplace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being displayed on the console.

DYou cannot disable Promiscuous mode detection on Linux systems.

Show Suggested Answer

Suggested Answer: C

The normal way to hide these rogue programs running on systems is the use crafted commands like ifconfig and ls.

by Melissa at May 06, 2022, 08:13 PM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!