Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
GAQM
Information Systems Security
CPEH-001
Certified Professional Ethical Hacker (CPEH) Questions and Answers

Pass the GAQM Information Systems Security CPEH-001 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CPEH-001 Premium Access

View all detail and faqs for the CPEH-001 exam

Go to Exam

697 Students Passed

84% Average Score

91% Same Questions

Viewing page 2 out of 15 pages

Viewing questions 16-30 out of questions

Questions # 16:

A security administrator notices that the log file of the company’s webserver contains suspicious entries:

Question # 16

Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

Options:

command injection.

SQL injection.

directory traversal.

LDAP injection.

Answer

Questions # 17:

Fingerprinting VPN firewalls is possible with which of the following tools?

Options:

Angry IP

Nikto

Ike-scan

Arp-scan

Answer

Questions # 18:

A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

Options:

Netsh firewall show config

WMIC firewall show config

Net firewall show config

Ipconfig firewall show config

Answer

Questions # 19:

Which of the following is considered an acceptable option when managing a risk?

Options:

Reject the risk.

Deny the risk.

Mitigate the risk.

Initiate the risk.

Answer

Questions # 20:

An NMAP scan of a server shows port 25 is open. What risk could this pose?

Options:

Open printer sharing

Web portal data leak

Clear text authentication

Active mail relay

Answer

Questions # 21:

Bluetooth uses which digital modulation technique to exchange information between paired devices?

Options:

PSK (phase-shift keying)

FSK (frequency-shift keying)

ASK (amplitude-shift keying)

QAM (quadrature amplitude modulation)

Answer

Explanation

Phase shift keying is the form of Bluetooth modulation used to enable the higher data rates achievable with Bluetooth 2 EDR (Enhanced Data Rate). Two forms of PSK are used: π/4 DQPSK, and 8DPSK.

References: http://www.radio-electronics.com/info/wireless/bluetooth/radio-interface-modulation.php

Questions # 22:

A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

Options:

The consultant will ask for money on the bid because of great work.

The consultant may expose vulnerabilities of other companies.

The company accepting bids will want the same type of format of testing.

The company accepting bids will hire the consultant because of the great work performed.

Answer

Questions # 23:

Which of the following processes evaluates the adherence of an organization to its stated security policy?

Options:

Vulnerability assessment

Penetration testing

Risk assessment

Security auditing

Answer

Questions # 24:

Low humidity in a data center can cause which of the following problems?

Options:

Heat

Corrosion

Static electricity

Airborne contamination

Answer

Questions # 25:

From the two screenshots below, which of the following is occurring?

Question # 25

Options:

10.0.0.253 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against 10.0.0.2.

10.0.0.253 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against 10.0.0.2.

10.0.0.2 is performing an IP scan against 10.0.0.0/24, 10.0.0.252 is performing a port scan against 10.0.0.2.

10.0.0.252 is performing an IP scan against 10.0.0.2, 10.0.0.252 is performing a port scan against 10.0.0.2.

Answer

Questions # 26:

Which property ensures that a hash function will not produce the same hashed value for two different messages?

Options:

Collision resistance

Bit length

Key strength

Entropy

Answer

Questions # 27:

A hacker was able to sniff packets on a company's wireless network. The following information was discovered:

Question # 27

Using the Exlcusive OR, what was the original message?

Options:

00101000 11101110

11010111 00010001

00001101 10100100

11110010 01011011

Answer

Questions # 28:

Which command lets a tester enumerate alive systems in a class C network via ICMP using native Windows tools?

Options:

ping 192.168.2.

ping 192.168.2.255

for %V in (1 1 255) do PING 192.168.2.%V

for /L %V in (1 1 254) do PING -n 1 192.168.2.%V | FIND /I "Reply"

Answer

Questions # 29:

Which of the following examples best represents a logical or technical control?

Options:

Security tokens

Heating and air conditioning

Smoke and fire alarms

Corporate security policy

Answer

Questions # 30:

How can rainbow tables be defeated?

Options:

Password salting

Use of non-dictionary words

All uppercase character passwords

Lockout accounts under brute force password cracking attempts

Answer

Viewing page 2 out of 15 pages

Viewing questions 16-30 out of questions

Modal title

Registered Required

In order to participate in the comments you need to be logged-in.
You can sign-up or login (it's free).

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25

ADM-201

Agentforce-Specialist

CMMC-CCP

Data-Cloud-Consultant

PCNSE

PDI

PSE-Strata-Pro-24

Secure-Software-Design

Sharing-and-Visibility-Architect

Workday-Pro-Integrations

ZDTA