Exam Details

  • Exam Code: CEH-001
  • Exam Name: Certified Ethical Hacker (CEH)
  • Certification: GAQM Certifications
  • Vendor: GAQM
  • Total Questions: 878 Q&As
  • Last Updated: May 10, 2025

GAQM GAQM Certifications CEH-001 Questions & Answers

  • Question 491:

    Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

    A. Detective

    B. Passive

    C. Intuitive

    D. Reactive

  • Question 492:

    A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

    A. True negatives

    B. False negatives

    C. True positives

    D. False positives

  • Question 493:

    The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:

    Time:Mar 13 17:30:15 Port:20 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
    Time:Mar 13 17:30:17 Port:21 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
    Time:Mar 13 17:30:19 Port:22 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
    Time:Mar 13 17:30:21 Port:23 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
    Time:Mar 13 17:30:22 Port:25 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
    Time:Mar 13 17:30:23 Port:80 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
    Time:Mar 13 17:30:30 Port:443 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

    What type of activity has been logged?

    A. Port scan targeting 192.168.1.103

    B. Teardrop attack targeting 192.168.1.106

    C. Denial of service attack targeting 192.168.1.103

    D. Port scan targeting 192.168.1.106

  • Question 494:

    International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

    A. guidelines and practices for security controls.

    B. financial soundness and business viability metrics.

    C. standard best practice for configuration management.

    D. contract agreement writing standards.

  • Question 495:

    Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

    A. Firewall

    B. Honeypot

    C. Core server

    D. Layer 4 switch

  • Question 496:

    While testing the company's web applications, a tester attempts to insert the following test script into the search area on the company's web site:

    Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: "Testing Testing Testing". Which vulnerability has been detected in the web application?

    A. Buffer overflow

    B. Cross-site request forgery

    C. Distributed denial of service

    D. Cross-site scripting

  • Question 497:

    A hacker was able to sniff packets on a company's wireless network. The following information was discovered:

    The Key 10110010 01001011

    The Cyphertext 01100101 01011010

    Using the Exclusive OR, what was the original message?

    A. 00101000 11101110

    B. 11010111 00010001

    C. 00001101 10100100

    D. 11110010 01011011

  • Question 498:

    A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the application is developed in ASP scripting language and it uses MSSQL as a database backend. The analyst locates the application's search form and introduces the following code in the search input field:

    <IMG SRC=vbscript:msgbox("Vulnerable");>

    When the analyst submits the form, the browser returns a pop-up window that says "Vulnerable". Which web application vulnerability did the analyst discover?

    A. Cross-site request forgery

    B. Command injection

    C. Cross-site scripting

    D. SQL injection

  • Question 499:

    Which type of scan is used on the eye to measure the layer of blood vessels?

    A. Facial recognition scan

    B. Retinal scan

    C. Iris scan

    D. Signature kinetics scan

  • Question 500:

    To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?

    A. Harvesting

    B. Windowing

    C. Hardening

    D. Stealthing
