1. Home
  2. GAQM
  3. CEH-001

GAQM CEH-001 Online Practice Questions and Exam Preparation

CEH-001 Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :May 30, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 551:

    You want to carry out session hijacking on a remote server. The server and the client are communicating via TCP after a successful TCP three way handshake. The server has just received packet #120 from the client. The client has a receive window of 200 and the server has a receive window of 250.

    Within what range of sequence numbers should a packet, sent by the client fall in order to be accepted by the server?

    A. 200-250
    B. 121-371
    C. 120-321
    D. 121-231
    E. 120-370

  • Question 552:

    Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

    A. Converts passwords to uppercase.
    B. Hashes are sent in clear text over the network.
    C. Makes use of only 32 bit encryption.
    D. Effective length is 7 characters.

  • Question 553:

    When Jason moves a file via NFS over the company's network, you want to grab a copy of it by sniffing. Which of the following tool accomplishes this?

    A. macof
    B. webspy
    C. filesnarf
    D. nfscopy

  • Question 554:

    How can a policy help improve an employee's security awareness?

    A. By implementing written security procedures, enabling employee security training, and promoting the benefits of security
    B. By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees
    C. By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line
    D. By decreasing an employee's vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths

  • Question 555:

    An attacker finds a web page for a target organization that supplies contact information for the company. Using available details to make the message seem authentic, the attacker drafts e-mail to an employee on the contact page that

    appears to come from an individual who might reasonably request confidential information, such as a network administrator.

    The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming.

    Google's Gmail was hacked using this technique and attackers stole source code and sensitive data from Google servers. This is highly sophisticated attack using zero-day exploit vectors, social engineering and malware websites that

    focused on targeted individuals working for the company.

    What is this deadly attack called?

    A. Spear phishing attack
    B. Trojan server attack
    C. Javelin attack
    D. Social networking attack

  • Question 556:

    In the OSI model, where does PPTP encryption take place?

    A. Transport layer
    B. Application layer
    C. Data link layer
    D. Network layer

  • Question 557:

    There are two types of honeypots- high and low interaction. Which of these describes a low interaction honeypot? Select the best answers.

    A. Emulators of vulnerable programs
    B. More likely to be penetrated
    C. Easier to deploy and maintain
    D. Tend to be used for production
    E. More detectable
    F. Tend to be used for research

  • Question 558:

    What is the purpose of conducting security assessments on network resources?

    A. Documentation
    B. Validation
    C. Implementation
    D. Management

  • Question 559:

    In TCP communications there are 8 flags; FIN, SYN, RST, PSH, ACK, URG, ECE, CWR.

    These flags have decimal numbers assigned to them:

    FIN = 1

    SYN = 2

    RST = 4

    PSH = 8

    ACK = 16

    URG = 32

    ECE = 64

    CWR =128

    Example: To calculate SYN/ACK flag decimal value, add 2 (which is the decimal value of the SYN flag) to 16 (which is the decimal value of the ACK flag), so the result would be 18.

    Based on the above calculation, what is the decimal value for XMAS scan?

    A. 23
    B. 24
    C. 41
    D. 64

  • Question 560:

    Which DNS resource record can indicate how long any "DNS poisoning" could last?

    A. MX
    B. SOA
    C. NS
    D. TIMEOUT

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.