1. Home
  2. GAQM
  3. CEH-001

GAQM CEH-001 Online Practice Questions and Exam Preparation

CEH-001 Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :May 30, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 601:

    Bob has been hired to do a web application security test. Bob notices that the site is dynamic and must make use of a back end database. Bob wants to see if SQL Injection would be possible. What is the first character that Bob should use to attempt breaking valid SQL request?

    A. Semi Column
    B. Double Quote
    C. Single Quote
    D. Exclamation Mark

  • Question 602:

    What do you call a pre-computed hash?

    A. Sun tables
    B. Apple tables
    C. Rainbow tables
    D. Moon tables

  • Question 603:

    Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure?

    A. Vendors MAC address assignment is published on the Internet.
    B. The MAC address is not a real random number.
    C. The MAC address is broadcasted and can be captured by a sniffer.
    D. The MAC address is used properly only on Macintosh computers.

  • Question 604:

    A botnet can be managed through which of the following?

    A. IRC
    B. E-Mail
    C. Linkedin and Facebook
    D. A vulnerable FTP server

  • Question 605:

    Which Windows system tool checks integrity of critical files that has been digitally signed by Microsoft?

    A. signverif.exe
    B. sigverif.exe
    C. msverif.exe
    D. verifier.exe

  • Question 606:

    Trojan horse attacks pose one of the most serious threats to computer security. The image below shows different ways a Trojan can get into a system. Which are the easiest and most convincing ways to infect a computer?

    A. IRC (Internet Relay Chat)
    B. Legitimate "shrink-wrapped" software packaged by a disgruntled employee
    C. NetBIOS (File Sharing)
    D. Downloading files, games and screensavers from Internet sites

  • Question 607:

    The following excerpt is taken from a honeyput log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. Study the log given below and answer the following question:

    (Note: The objective of this questions is to test whether the student has learnt about passive OS fingerprinting (which should tell them the OS from log captures):

    can they tell a SQL injection attack signature; can they infer if a user ID has been created by an attacker and whether they can read plain source ?destination entries from log entries.)

    What can you infer from the above log?

    A. The system is a windows system which is being scanned unsuccessfully.
    B. The system is a web application server compromised through SQL injection.
    C. The system has been compromised and backdoored by the attacker.
    D. The actual IP of the successful attacker is 24.9.255.53.

  • Question 608:

    What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?

    A. Blue Book
    B. ISO 26029
    C. Common Criteria
    D. The Wassenaar Agreement

  • Question 609:

    You are doing IP spoofing while you scan your target. You find that the target has port 23 open. Anyway you are unable to connect. Why?

    A. A firewall is blocking port 23
    B. You cannot spoof + TCP
    C. You need an automated telnet tool
    D. The OS does not reply to telnet even if port 23 is open

  • Question 610:

    This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor- intensive task for IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network. What is this technique called?

    A. IP Routing or Packet Dropping
    B. IDS Spoofing or Session Assembly
    C. IP Fragmentation or Session Splicing
    D. IP Splicing or Packet Reassembly

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.