Most Recent GAQM CPEH-001 Exam Questions & Answers

Prepare for the GAQM Certified Professional Ethical Hacker (CPEH) Exam exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the GAQM CPEH-001 exam and achieve success.

The questions for CPEH-001 were last updated on Nov 14, 2024.

Viewing page 1 out of 175 pages.
Viewing questions 1-5 out of 877 questions

Get All 877 Questions & Answers

Question No. 1

You wish to determine the operating system and type of web server being used. At the same time you wish to arouse no suspicion within the target organization. While some of the methods listed below work, which holds the least risk of detection?

AMake some phone calls and attempt to retrieve the information using social engineering.

BUse nmap in paranoid mode and scan the web server.

CTelnet to the web server and issue commands to illicit a response.

DUse the netcraft web site look for the target organization's web site.

Show Answer

Correct Answer: D

Netcraft is providing research data and analysis on many aspects of the Internet. Netcraft has explored the Internet since 1995 and is a respected authority on the market share of web servers, operating systems, hosting providers, ISPs, encrypted transactions, electronic commerce, scripting languages and content technologies on the internet.

Question No. 2

Ifa tester is attempting to ping a target thatexists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

AHping

BTraceroute

CTCP ping

DBroadcast ping

Show Answer

Correct Answer: A

Question No. 3

Your boss Tess King is attempting to modify the parameters of a Web-based application in order to alter the SQL statements that are parsed to retrieve data from the database. What would you call such an attack?

ASQL Input attack

BSQL Piggybacking attack

CSQL Select attack

DSQL Injection attack

Show Answer

Correct Answer: D

This technique is known as SQL injection attack

Question No. 4

Assuring two systems that are using IPSec to protect traffic over the internet, what type of general attack could compromise the data?

ASpoof Attack

BSmurf Attack

CMan inthe Middle Attack

DTrojan Horse Attack

EBack Orifice Attack

Show Answer

Correct Answer: D, E

To compromise the data, the attack would need to be executed before the encryption takes place at either end of the tunnel. Trojan Horse and Back Orifice attacks both allow for potential data manipulation on host computers. In both cases, the data would be compromised either before encryption or after decryption, so IPsec is not preventing the attack.

Question No. 5

You have initiated an active operating system fingerprinting attempt with nmap against a target system:

What operating system is the target host running based on the open ports shown above?

AWindows XP

BWindows 98 SE

CWindows NT4 Server

DWindows 2000 Server

Show Answer

Correct Answer: D

The system is reachable as an active directory domain controller (port 389, LDAP)

Unlock All Questions for GAQM CPEH-001 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 877 Questions & Answers