Month End Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

CPEH-001 GAQM Certified Professional Ethical Hacker (CPEH) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GAQM CPEH-001 Certified Professional Ethical Hacker (CPEH) certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

GAQM CPEH-001 Premium Access     Download Demo    
Page: 3 / 8
Total 736 questions

Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?

A.

–T0

B.

–T5

C.

-O

D.

-A

Which of the below hashing functions are not recommended for use?

A.

SHA-1.ECC

B.

MD5, SHA-1

C.

SHA-2. SHA-3

D.

MD5. SHA-5

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

A.

Nmap

B.

Cain & Abel

C.

Nessus

D.

Snort

From the following table, identify the wrong answer in terms of Range (ft).

A.

802.11b

B.

802.11g

C.

802.16(WiMax)

D.

802.11a

What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities?

What kind of Web application vulnerability likely exists in their software?

A.

Host-Based Intrusion Detection System

B.

Security through obscurity

C.

Defense in depth

D.

Network-Based Intrusion Detection System

If you want only to scan fewer ports than the default scan using Nmap tool, which option would you use?

A.

-sP

B.

-P

C.

-r

D.

-F

You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

What is the hexadecimal value of NOP instruction?

A.

0x60

B.

0x80

C.

0x70

D.

0x90

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

A.

John

B.

Rebecca

C.

Sheela

D.

Shawn

E.

Somia

F.

Chang

G.

Micah

Identify the correct terminology that defines the above statement.

A.

Vulnerability Scanning

B.

Penetration Testing

C.

Security Policy Implementation

D.

Designing Network Security

What is the algorithm used by LM for Windows2000 SAM?

A.

MD4

B.

DES

C.

SHA

D.

SSL

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

A.

USER, NICK

B.

LOGIN, NICK

C.

USER, PASS

D.

LOGIN, USER

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

A.

list server=192.168.10.2 type=all

B.

is-d abccorp.local

C.

Iserver 192.168.10.2-t all

D.

List domain=Abccorp.local type=zone

In the context of Windows Security, what is a 'null' user?

A.

A user that has no skills

B.

An account that has been suspended by the admin

C.

A pseudo account that has no username and password

D.

A pseudo account that was created for security administration purpose

An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.

How would the attacker use netcat to encrypt the information before transmitting onto the wire?

A.

Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat 1234

B.

Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat 1234

C.

Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat 1234 -pw password

D.

Use cryptcat instead of netcat

A zone file consists of which of the following Resource Records (RRs)?

A.

DNS, NS, AXFR, and MX records

B.

DNS, NS, PTR, and MX records

C.

SOA, NS, AXFR, and MX records

D.

SOA, NS, A, and MX records

What port number is used by LDAP protocol?

A.

110

B.

389

C.

464

D.

445

This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

What is this attack?

A.

Cross-site-scripting attack

B.

SQL Injection

C.

URL Traversal attack

D.

Buffer Overflow attack

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

A.

Nikto

B.

Nmap

C.

Metasploit

D.

Armitage

One of your team members has asked you to analyze the following SOA record.

What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)

A.

200303028

B.

3600

C.

604800

D.

2400

E.

60

F.

4800

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

A.

Birthday

B.

Brute force

C.

Man-in-the-middle

D.

Smurf

John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the least administrative effort?

A.

Create an incident checklist.

B.

Select someone else to check the procedures.

C.

Increase his technical skills.

D.

Read the incident manual every time it occurs.

In Trojan terminology, what is a covert channel?

A.

A channel that transfers information within a computer system or network in a way that violates the security policy

B.

A legitimate communication path within a computer system or network for transfer of data

C.

It is a kernel operation that hides boot processes and services to mask detection

D.

It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

Which of the following is the primary objective of a rootkit?

A.

It opens a port to provide an unauthorized service

B.

It creates a buffer overflow

C.

It replaces legitimate programs

D.

It provides an undocumented opening in a program

E-mail scams and mail fraud are regulated by which of the following?

A.

18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers

B.

18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices

C.

18 U.S.C. par. 1362 Communication Lines, Stations, or Systems

D.

18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Which DNS resource record can indicate how long any "DNS poisoning" could last?

A.

MX

B.

SOA

C.

NS

D.

TIMEOUT

Which of the following are well known password-cracking programs?

A.

L0phtcrack

B.

NetCat

C.

Jack the Ripper

D.

Netbus

E.

John the Ripper

The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what?

A.

network Sniffer

B.

Vulnerability Scanner

C.

Intrusion prevention Server

D.

Security incident and event Monitoring

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.

What do you think Tess King is trying to accomplish? Select the best answer.

A.

A zone harvesting

B.

A zone transfer

C.

A zone update

D.

A zone estimate

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network.

Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

A.

SNMPUtil

B.

SNScan

C.

SNMPScan

D.

Solarwinds IP Network Browser

E.

NMap

Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

A.

symmetric algorithms

B.

asymmetric algorithms

C.

hashing algorithms

D.

integrity algorithms

GAQM CPEH-001 Premium Access     Download Demo    
Page: 3 / 8
Total 736 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved