Month End Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

CPEH-001 GAQM Certified Professional Ethical Hacker (CPEH) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GAQM CPEH-001 Certified Professional Ethical Hacker (CPEH) certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

GAQM CPEH-001 Premium Access     Download Demo    
Page: 5 / 8
Total 736 questions

Which of the following is an extremely common IDS evasion technique in the web world?

A.

unicode characters

B.

spyware

C.

port knocking

D.

subnetting

Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.

What should you do?

A.

Immediately stop work and contact the proper legal authorities.

B.

Copy the data to removable media and keep it in case you need it.

C.

Confront the client in a respectful manner and ask her about the data.

D.

Ignore the data and continue the assessment until completed as agreed.

You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk.

What is one of the first things you should do when given the job?

A.

Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.

B.

Interview all employees in the company to rule out possible insider threats.

C.

Establish attribution to suspected attackers.

D.

Start the wireshark application to start sniffing network traffic.

Your company was hired by a small healthcare provider to perform a technical assessment on the network.

What is the best approach for discovering vulnerabilities on a Windows-based computer?

A.

Use a scan tool like Nessus

B.

Use the built-in Windows Update tool

C.

Check MITRE.org for the latest list of CVE findings

D.

Create a disk image of a clean Windows installation

You are using NMAP to resolve domain names into IP addresses for a ping sweep later.

Which of the following commands looks for IP addresses?

A.

>host -t a hackeddomain.com

B.

>host -t soa hackeddomain.com

C.

>host -t ns hackeddomain.com

D.

>host -t AXFR hackeddomain.com

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?

A.

The host is likely a printer.

B.

The host is likely a Windows machine.

C.

The host is likely a Linux machine.

D.

The host is likely a router.

You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.

What seems to be wrong?

A.

OS Scan requires root privileges.

B.

The nmap syntax is wrong.

C.

This is a common behavior for a corrupted nmap application.

D.

The outgoing TCP/IP fingerprinting is blocked by the host firewall.

The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router increases by more than 20% during weekend hours when the office was closed. She asks you to investigate the issue because she is busy dealing with a big conference and she doesn’t have time to perform the task.

What tool can you use to view the network traffic being sent and received by the wireless router?

A.

Wireshark

B.

Nessus

C.

Netcat

D.

Netstat

Which of the following is a characteristic of Public Key Infrastructure (PKI)?

A.

Public-key cryptosystems are faster than symmetric-key cryptosystems.

B.

Public-key cryptosystems distribute public-keys within digital signatures.

C.

Public-key cryptosystems do not require a secure key distribution channel.

D.

Public-key cryptosystems do not provide technical non-repudiation via digital signatures.

Which initial procedure should an ethical hacker perform after being brought into an organization?

A.

Begin security testing.

B.

Turn over deliverables.

C.

Sign a formal contract with non-disclosure.

D.

Assess what the organization is trying to protect.

Which of the following is an advantage of utilizing security testing methodologies to conduct a security audit?

A.

They provide a repeatable framework.

B.

Anyone can run the command line scripts.

C.

They are available at low cost.

D.

They are subject to government regulation.

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

A.

The gateway is not routing to a public IP address.

B.

The computer is using an invalid IP address.

C.

The gateway and the computer are not on the same network.

D.

The computer is not using a private IP address.

A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago, but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take?

A.

Threaten to publish the penetration test results if not paid.

B.

Follow proper legal procedures against the company to request payment.

C.

Tell other customers of the financial problems with payments from this company.

D.

Exploit some of the vulnerabilities found on the company webserver to deface it.

Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Company A and Company B trust one another and each private PKI can validate digital certificates from the other company?

A.

Poly key exchange

B.

Cross certification

C.

Poly key reference

D.

Cross-site exchange

Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping IP address of web servers on the Internet and is able to open web sites by using an IP address in place of the URL. The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?

A.

Configure the firewall to allow traffic on TCP ports 53 and UDP port 53.

B.

Configure the firewall to allow traffic on TCP ports 80 and UDP port 443.

C.

Configure the firewall to allow traffic on TCP port 53.

D.

Configure the firewall to allow traffic on TCP port 8080.

An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

A.

Birthday attack

B.

Plaintext attack

C.

Meet in the middle attack

D.

Chosen ciphertext attack

The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?

A.

Investigate based on the maintenance schedule of the affected systems.

B.

Investigate based on the service level agreements of the systems.

C.

Investigate based on the potential effect of the incident.

D.

Investigate based on the order that the alerts arrived in.

How do employers protect assets with security policies pertaining to employee surveillance activities?

A.

Employers promote monitoring activities of employees as long as the employees demonstrate trustworthiness.

B.

Employers use informal verbal communication channels to explain employee monitoring activities to employees.

C.

Employers use network surveillance to monitor employee email traffic, network access, and to record employee keystrokes.

D.

Employers provide employees written statements that clearly discuss the boundaries of monitoring activities and consequences.

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

A.

Hping

B.

Traceroute

C.

TCP ping

D.

Broadcast ping

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network’s IDS?

A.

Timing options to slow the speed that the port scan is conducted

B.

Fingerprinting to identify which operating systems are running on the network

C.

ICMP ping sweep to determine which hosts on the network are not available

D.

Traceroute to control the path of the packets sent during the scan

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?

A.

Start by foot printing the network and mapping out a plan of attack.

B.

Ask the employer for authorization to perform the work outside the company.

C.

Begin the reconnaissance phase with passive information gathering and then move into active information gathering.

D.

Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack.

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?

A.

MD5

B.

SHA-1

C.

RC4

D.

MD4

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?

A.

Say no; the friend is not the owner of the account.

B.

Say yes; the friend needs help to gather evidence.

C.

Say yes; do the job for free.

D.

Say no; make sure that the friend knows the risk she’s asking the CEH to take.

Which of the following guidelines or standards is associated with the credit card industry?

A.

Control Objectives for Information and Related Technology (COBIT)

B.

Sarbanes-Oxley Act (SOX)

C.

Health Insurance Portability and Accountability Act (HIPAA)

D.

Payment Card Industry Data Security Standards (PCI DSS)

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

A.

Sarbanes-Oxley Act (SOX)

B.

Gramm-Leach-Bliley Act (GLBA)

C.

Fair and Accurate Credit Transactions Act (FACTA)

D.

Federal Information Security Management Act (FISMA)

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

A.

Penetration testing

B.

Social engineering

C.

Vulnerability scanning

D.

Access control list reviews

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

A.

Teardrop

B.

SYN flood

C.

Smurf attack

D.

Ping of death

A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?

A.

Implementing server-side PKI certificates for all connections

B.

Mandating only client-side PKI certificates for all connections

C.

Requiring client and server PKI certificates for all connections

D.

Requiring strong authentication for all DNS queries

Which element of Public Key Infrastructure (PKI) verifies the applicant?

A.

Certificate authority

B.

Validation authority

C.

Registration authority

D.

Verification authority

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

A.

At least once a year and after any significant upgrade or modification

B.

At least once every three years or after any significant upgrade or modification

C.

At least twice a year or after any significant upgrade or modification

D.

At least once every two years and after any significant upgrade or modification

GAQM CPEH-001 Premium Access     Download Demo    
Page: 5 / 8
Total 736 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved