1. Home
  2. GAQM
  3. CEH-001

Certified Ethical Hacker (CEH)

Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :May 10, 2025

GAQM GAQM Certifications CEH-001 Questions & Answers

  • Question 141:

    Kevin sends an email invite to Chris to visit a forum for security professionals. Chris clicks on the link in the email message and is taken to a web based bulletin board. Unknown to Chris, certain functions are executed on his local system under his privileges, which allow Kevin access to information used on the BBS. However, no executables are downloaded and run on the local system. What would you term this attack?

    A. Phishing

    B. Denial of Service

    C. Cross Site Scripting

    D. Backdoor installation

  • Question 142:

    Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?

    A. You cannot use a buffer overflow to deface a web page

    B. There is a problem with the shell and he needs to run the attack again

    C. The HTML file has permissions of read only

    D. The system is a honeypot

  • Question 143:

    What are the differences between SSL and S-HTTP?

    A. SSL operates at the network layer and S-HTTP operates at the application layer

    B. SSL operates at the application layer and S-HTTP operates at the network layer

    C. SSL operates at the transport layer and S-HTTP operates at the application layer

    D. SSL operates at the application layer and S-HTTP operates at the transport layer

  • Question 144:

    Take a look at the following attack on a Web Server using obstructed URL:

    http://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74% 63%2f%70%61%73%73%77%64

    The request is made up of:

    %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../

    %65%74%63 = etc

    %2f = /

    %70%61%73%73%77%64 = passwd

    How would you protect information systems from these attacks?

    A. Configure Web Server to deny requests involving Unicode characters.

    B. Create rules in IDS to alert on strange Unicode requests.

    C. Use SSL authentication on Web Servers.

    D. Enable Active Scripts Detection at the firewall and routers.

  • Question 145:

    Bubba has just accessed he preferred ecommerce web site and has spotted an item that he would like to buy. Bubba considers the price a bit too steep. He looks at the source code of the webpage and decides to save the page locally, so that he can modify the page variables. In the context of web application security, what do you think Bubba has changes?

    A. A hidden form field value.

    B. A hidden price value.

    C. An integer variable.

    D. A page cannot be changed locally, as it is served by a web server.

  • Question 146:

    This kind of attack will let you assume a users identity at a dynamically generated web page or site:

    A. SQL Injection

    B. Cross Site Scripting

    C. Session Hijacking

    D. Zone Transfer

  • Question 147:

    ____________ will let you assume a users identity at a dynamically generated web page or site.

    A. SQL attack

    B. Injection attack

    C. Cross site scripting

    D. The shell attack

    E. Winzapper

  • Question 148:

    What is Form Scalpel used for?

    A. Dissecting HTML Forms

    B. Dissecting SQL Forms

    C. Analysis of Access Database Forms

    D. Troubleshooting Netscape Navigator

    E. Quatro Pro Analysis Tool

  • Question 149:

    This packet was taken from a packet sniffer that monitors a Web server.

    This packet was originally 1514 bytes long, but only the first 512 bytes are shown here. This is the standard hexdump representation of a network packet, before being decoded. A hexdump has three columns: the offset of each line, the hexadecimal data, and the ASCII equivalent. This packet contains a 14-byte Ethernet header, a 20-byte IP header, a 20-byte TCP header, an HTTP header ending in two line-feeds (0D 0A 0D 0A) and then the data. By examining the packet identify the name and version of the Web server?

    A. Apache 1.2

    B. IIS 4.0

    C. IIS 5.0

    D. Linux WServer 2.3

  • Question 150:

    You visit a website to retrieve the listing of a company's staff members. But you can not find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website?

    A. Through Google searching cached files

    B. Through Archive.org

    C. Download the website and crawl it

    D. Visit customers' and prtners' websites

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.