1. Home
  2. GAQM
  3. CEH-001

Certified Ethical Hacker (CEH)

Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :May 10, 2025

GAQM GAQM Certifications CEH-001 Questions & Answers

  • Question 411:

    Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

    A. Teardrop

    B. SYN flood

    C. Smurf attack

    D. Ping of death

  • Question 412:

    Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

    A. A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications

    B. A reduction in network and application monitoring since all recording will be completed at the SSO system

    C. A reduction in system administration overhead since any user login problems can be resolved at the SSO system

    D. A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

  • Question 413:

    A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company's internal network. Which of the following can be implemented to minimize the opportunity for the man-in-themiddle attack to occur?

    A. SSL

    B. Mutual authentication

    C. IPSec

    D. Static IP addresses

  • Question 414:

    What results will the following command yielD. 'NMAP -sS -O -p 123-153 192.168.100.3'?

    A. A stealth scan, opening port 123 and 153

    B. A stealth scan, checking open ports 123 to 153

    C. A stealth scan, checking all open ports excluding ports 123 to 153

    D. A stealth scan, determine operating system, and scanning ports 123 to 153

  • Question 415:

    Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results? TCP port 21 ?no response TCP port 22 ?no response TCP port 23 ?Time-to-live exceeded

    A. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.

    B. The lack of response from ports 21 and 22 indicate that those services are not running on the destination server.

    C. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall.

    D. The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error.

  • Question 416:

    When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

    A. The key entered is a symmetric key used to encrypt the wireless data.

    B. The key entered is a hash that is used to prove the integrity of the wireless data.

    C. The key entered is based on the Diffie-Hellman method.

    D. The key is an RSA key used to encrypt the wireless data.

  • Question 417:

    Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

    A. The root CA is the recovery agent used to encrypt data when a user's certificate is lost.

    B. The root CA stores the user's hash value for safekeeping.

    C. The CA is the trusted root that issues certificates.

    D. The root CA is used to encrypt email messages to prevent unintended disclosure of data.

  • Question 418:

    Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?

    A. Restore a random file.

    B. Perform a full restore.

    C. Read the first 512 bytes of the tape.

    D. Read the last 512 bytes of the tape.

  • Question 419:

    An NMAP scan of a server shows port 69 is open. What risk could this pose?

    A. Unauthenticated access

    B. Weak SSL version

    C. Cleartext login

    D. Web portal data leak

  • Question 420:

    A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended functions.

    On further research, the tester come across a perl script that runs the following msadc functions:system("perl msadc.pl -h $host -C \"echo open $your >testfile\""); Which exploit is indicated by this script?

    A. A buffer overflow exploit

    B. A chained exploit

    C. A SQL injection exploit

    D. A denial of service exploit

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.