Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Login / Register

Certified Professional Ethical Hacker (CPEH)

Last Update 3 hours ago Total Questions : 736

The Certified Professional Ethical Hacker (CPEH) content is now fully updated, with all current exam questions added 3 hours ago. Deciding to include CPEH-001 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CPEH-001 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CPEH-001 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Certified Professional Ethical Hacker (CPEH) practice test comfortably within the allotted time.

Question # 61

Which of the following is an example of two factor authentication?

A.

PIN Number and Birth Date

B.

Username and Password

C.

Digital Certificate and Hardware Token

D.

Fingerprint and Smartcard ID

Question # 62

Low humidity in a data center can cause which of the following problems?

A.

Heat

B.

Corrosion

C.

Static electricity

D.

Airborne contamination

Question # 63

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?

A.

The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.

B.

The lack of response from ports 21 and 22 indicate that those services are not running on the destination server.

C.

The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall.

D.

The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error.

Question # 64

What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?

A.

Proper testing

B.

Secure coding principles

C.

Systems security and architecture review

D.

Analysis of interrupts within the software

Question # 65

Which of the following is the best countermeasure to encrypting ransomwares?

A.

Use multiple antivirus softwares

B.

Keep some generation of off-line backup

C.

Analyze the ransomware to get decryption key of encrypted data

D.

Pay a ransom

Question # 66

Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities.

Which type of virus detection method did Chandler use in this context?

A.

Heuristic Analysis

B.

Code Emulation

C.

Integrity checking

D.

Scanning

Question # 67

Which of the following steps for risk assessment methodology refers to vulnerability identification?

A.

Determines if any flaws exist in systems, policies, or procedures

B.

Assigns values to risk probabilities; Impact values.

C.

Determines risk probability that vulnerability will be exploited (High. Medium, Low)

D.

Identifies sources of harm to an IT system. (Natural, Human. Environmental)

Question # 68

DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.

What command is used to determine if the entry is present in DNS cache?

A.

nslookup -fullrecursive update.antivirus.com

B.

dnsnooping –rt update.antivirus.com

C.

nslookup -norecursive update.antivirus.com

D.

dns --snoop update.antivirus.com

Question # 69

You are the Network Admin, and you get a compliant that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL.

What may be the problem?

A.

Traffic is Blocked on UDP Port 53

B.

Traffic is Blocked on UDP Port 80

C.

Traffic is Blocked on UDP Port 54

D.

Traffic is Blocked on UDP Port 80

Question # 70

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key.

Suppose a malicious user Rob tries to get access to the account of a benign user Ned.

Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

A.

“GET/restricted/goldtransfer?to=Rob & from=1 or 1=1’ HTTP/1.1Host: westbank.com”

B.

“GET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”

C.

“GET/restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host: westbank.com”

D.

“GET/restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”

Question # 71

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the

following represents the best practice your business should observe?

A.

Hire a security consultant to provide direction.

B.

Do not back up cither the credit card numbers or then hashes.

C.

Back up the hashes of the credit card numbers not the actual credit card numbers.

D.

Encrypt backup tapes that are sent off-site.

Question # 72

Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

A.

ICMP Echo scanning

B.

SYN/FIN scanning using IP fragments

C.

ACK flag probe scanning

D.

IPID scanning

Question # 73

A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library

are required to allow the NIC to work in promiscuous mode?

A.

Libpcap

B.

Awinpcap

C.

Winprom

D.

Winpcap

Question # 74

Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?

A.

Bootrom Exploit

B.

iBoot Exploit

C.

Sandbox Exploit

D.

Userland Exploit

Question # 75

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

A.

Reverse Social Engineering

B.

Tailgating

C.

Piggybacking

D.

Announced

Go to page:
CPEH-001 PDF + Testing Engine
220-1201 pdf + testing engine
$149.97
$44.99 
220-1201 pdf + testing engine
  • Last Update: May 24, 2026
  • 736 Questions and Answers
  • Single Choice: 721 Q&A's
  • Multiple Choice: 15 Q&A's
 View Packages

Related GAQM Certification Exams

GAQM ISO-CLA-22
GAQM ISO-QMS-13485
GAQM ISO-41001-CLA
GAQM ISO27019LA
GAQM ISO-21500-CLPM
GAQM ISO-19770-CLA
GAQM ISO17025-010
GAQM ISO-27017-CLA
GAQM ISO-17020-CLA
GAQM ISO-LCSM-001
GAQM ISO-45001-CLA
GAQM ISO22CLA

New Release

Category-Manager Exam Questions
Drupal-Site-Builder Exam Questions
NCP-OUSD Exam Questions
IdentityIQ-Associate Exam Questions
M92 Exam Questions
ISO-IEC-27002-Foundation Exam Questions
NCP-AAI Exam Questions
VNX301 Exam Questions
AI-901 Exam Questions
Als-Con-201 Exam Questions
App-Development-with-Swift-Certified-User Exam Questions
CAIPM Exam Questions
CPCM Exam Questions
RCA Exam Questions
I27001F Exam Questions