CEH-001 GAQM Certified Ethical Hacker (CEH) exact Exam Questions

Certified Ethical Hacker (CEH)

Last Update 17 hours ago Total Questions : 878

The Certified Ethical Hacker (CEH) content is now fully updated, with all current exam questions added 17 hours ago. Deciding to include CEH-001 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CEH-001 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CEH-001 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Certified Ethical Hacker (CEH) practice test comfortably within the allotted time.

Question # 141

Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications

A reduction in network and application monitoring since all recording will be completed at the SSO system

A reduction in system administration overhead since any user login problems can be resolved at the SSO system

A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

Question # 142

Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?

Fast processor to help with network traffic analysis

They must be dual-homed

Similar RAM requirements

Fast network interface cards

Question # 143

From the two screenshots below, which of the following is occurring?

10.0.0.253 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against 10.0.0.2.

10.0.0.253 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against 10.0.0.2.

10.0.0.2 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against 10.0.0.2.

10.0.0.252 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against 10.0.0.2.

Question # 144

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.

In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

Semicolon

Single quote

Exclamation mark

Double quote

Question # 145

Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

UDP 123

UDP 541

UDP 514

UDP 415

Question # 146

In the OSI model, where does PPTP encryption take place?

Transport layer

Application layer

Data link layer

Network layer

Question # 147

The following is a sample of output from a penetration tester ' s machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

Ping sweep of the 192.168.1.106 network

Remote service brute force attempt

Port scan of 192.168.1.106

Denial of service attack on 192.168.1.106

Question # 148

Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?

RSA 1024 bit strength

AES 1024 bit strength

RSA 512 bit strength

AES 512 bit strength

Question # 149

Which of the following are variants of mandatory access control mechanisms? (Choose two.)

Two factor authentication

Acceptable use policy

Username / password

User education program

Question # 150

Which of the following open source tools would be the best choice to scan a network for potential targets?

NMAP

NIKTO

CAIN

John the Ripper

Question # 151

During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?

The web application does not have the secure flag set.

The session cookies do not have the HttpOnly flag set.

The victim user should not have an endpoint security solution.

The victim ' s browser must have ActiveX technology enabled.

Question # 152

A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended functions.

On further research, the tester come across a perl script that runs the following msadc functions:system( " perl msadc.pl -h $host -C \ " echo open $your > testfile\ " " );

Which exploit is indicated by this script?

A buffer overflow exploit

A chained exploit

A SQL injection exploit

A denial of service exploit

Question # 153

A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

Netsh firewall show config

WMIC firewall show config

Net firewall show config

Ipconfig firewall show config

Question # 154

Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

Smurf attack

Social engineering attack

SQL injection attack

Phishing attack

Fraggle attack

Distributed denial of service attack

Question # 155

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

Cupp

Nessus

Cain and Abel

John The Ripper Pro

Question # 156

Wayne is the senior security analyst for his company. Wayne is examining some traffic logs on a server and came across some inconsistencies. Wayne finds some IP packets from a computer purporting to be on the internal network. The packets originate from 192.168.12.35 with a TTL of 15. The server replied to this computer and received a response from 192.168.12.35 with a TTL of 21. What can Wayne infer from this traffic log?

The initial traffic from 192.168.12.35 was being spoofed.

The traffic from 192.168.12.25 is from a Linux computer.

The TTL of 21 means that the client computer is on wireless.

The client computer at 192.168.12.35 is a zombie computer.

Question # 157

Which of the following techniques can be used to mitigate the risk of an on-site attacker from connecting to an unused network port and gaining full access to the network? (Choose three.)

Port Security

IPSec Encryption

Network Admission Control (NAC)

802.1q Port Based Authentication

802.1x Port Based Authentication

Intrusion Detection System (IDS)

Question # 158

If an attacker ' s computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a closed port, what will be the response?

The zombie computer will respond with an IPID of 24334.

The zombie computer will respond with an IPID of 24333.

The zombie computer will not send a response.

The zombie computer will respond with an IPID of 24335.

Question # 159

SOAP services use which technology to format information?

SATA

PCI

XML

ISDN

Question # 160

Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine, by " spoofing " the IP address of that machine.

How would you detect IP spoofing?

Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers match then it is spoofed packet

Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet, if the connection completes then it is a spoofed packet

Turn on ' Enable Spoofed IP Detection ' in Wireshark, you will see a flag tick if the packet is spoofed

Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same as the packet being checked then it is a spoofed packet