Most Recent GAQM CPEH-001 Exam Questions & Answers

Prepare for the GAQM Certified Professional Ethical Hacker (CPEH) Exam exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the GAQM CPEH-001 exam and achieve success.

The questions for CPEH-001 were last updated on Dec 22, 2024.

Viewing page 1 out of 175 pages.
Viewing questions 1-5 out of 877 questions

Get All 877 Questions & Answers

Question No. 1

You are trying to hijack a telnet session from a victim machine with IP address 10.0.0.5 to Cisco router at 10.0.0.1. You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session. Here is the captured data in tcpdump.

What are the next sequence and acknowledgement numbers that the router will send to the victim machine?

ASequence number: 82980070 Acknowledgement number: 17768885A.

BSequence number: 17768729 Acknowledgement number: 82980070B.

CSequence number: 87000070 Acknowledgement number: 85320085C.

DSequence number: 82980010 Acknowledgement number: 17768885D.

Show Answer

Correct Answer: A

Question No. 2

Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense. Shayla has been given authority to perform any and all tests necessary to audit the company's network security. No employees for the company, other than the IT director, know about Shayla's work she will be doing. Shayla's first step is to obtain a list of employees through company website contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Shayla is able to gain her trust and they become friends. One day, Shayla steals the employee's access badge and uses it to gain unauthorized access to the Treks Avionics offices. What type of insider threat would Shayla be considered?

AShe would be considered an Insider Affiliate

BBecause she does not have any legal access herself, Shayla would be considered an Outside Affiliate

CShayla is an Insider Associate since she has befriended an actual employee

DSince Shayla obtained access with a legitimate company badge; she would be considered a Pure Insider

Show Answer

Correct Answer: A

Question No. 3

You are footprinting an organization and gathering competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find them listed there. You know they had the entire staff directory listed on their website 12 months ago but now it is not there. Is there any way you can retrieve information from a website that is outdated?

AVisit Google's search engine and view the cached copy

BCrawl the entire website and store them into your computer

CVisit Archive.org web site to retrieve the Internet archive of the company's website

DVisit the company's partners and customers website for this information

Show Answer

Correct Answer: C

The Internet Archive (IA) is a non-profit organization dedicated to maintaining an archive of Web and multimedia resources. Located at the Presidio in San Francisco, California, this archive includes 'snapshots of the World Wide Web' (archived copies of pages, taken at various points in time), software, movies, books, and audio recordings (including recordings of live concerts from bands that allow it). This site is found at www.archive.org.

Question No. 4

A circuit level gateway works at which of the following layers of the OSI Model?

ALayer 5 - Application

BLayer 4 -- TCP

CLayer 3 -- Internet protocol

DLayer 2 -- Data link

Show Answer

Correct Answer: B

Question No. 5

Exhibit:

The following is an entry captured by a network IDS.You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack. You also notice "/bin/sh" in the ASCII part of the output. As an analyst what would you conclude about the attack?

AThe buffer overflow attack has been neutralized by the IDS

BThe attacker is creating a directory on the compromised machine

CThe attacker is attempting a buffer overflow attack and has succeeded

DThe attacker is attempting an exploit that launches a command-line shell

Show Answer

Correct Answer: D

This log entry shows a hacker using a buffer overflow to fill the data buffer and trying to insert the execution of /bin/sh into the executable code part of the thread. It is probably an existing exploit that is used, or a directed attack with a custom built buffer overflow with the ''payload'' that launches the command shell.

Unlock All Questions for GAQM CPEH-001 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 877 Questions & Answers