1. Home
  2. GAQM
  3. CEH-001

GAQM CEH-001 Online Practice Questions and Exam Preparation

CEH-001 Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :May 30, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 661:

    Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

    A. NMAP -PN -A -O -sS 192.168.2.0/24
    B. NMAP -P0 -A -O -p1-65535 192.168.0/24
    C. NMAP -P0 -A -sT -p0-65535 192.168.0/16
    D. NMAP -PN -O -sS -p 1-1024 192.168.0/8

  • Question 662:

    Jason's Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the trojan communicates to a remote server on the Internet. Shown below is the standard "hexdump" representation of the network packet, before being decoded. Jason wants to identify the trojan by looking at the destination port number and mapping to a trojan-port number database on the Internet. Identify the remote server's port number by decoding the packet?

    A. Port 1890 (Net-Devil Trojan)
    B. Port 1786 (Net-Devil Trojan)
    C. Port 1909 (Net-Devil Trojan)
    D. Port 6667 (Net-Devil Trojan)

  • Question 663:

    A covert channel is a channel that

    A. transfers information over, within a computer system, or network that is outside of the security policy.
    B. transfers information over, within a computer system, or network that is within the security policy.
    C. transfers information via a communication path within a computer system, or network for transfer of data.
    D. transfers information over, within a computer system, or network that is encrypted.

  • Question 664:

    Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

    A. A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications
    B. A reduction in network and application monitoring since all recording will be completed at the SSO system
    C. A reduction in system administration overhead since any user login problems can be resolved at the SSO system
    D. A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

  • Question 665:

    Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

    A. Cavity virus
    B. Polymorphic virus
    C. Tunneling virus
    D. Stealth virus

  • Question 666:

    Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to- date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

    A. They are using UDP that is always authorized at the firewall
    B. They are using an older version of Internet Explorer that allow them to bypass the proxy server
    C. They have been able to compromise the firewall, modify the rules, and give themselves proper access
    D. They are using tunneling software that allows them to communicate with protocols in a way it was not intended

  • Question 667:

    What is the algorithm used by LM for Windows2000 SAM?

    A. MD4
    B. DES
    C. SHA
    D. SSL

  • Question 668:

    A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:89

    A. The host is likely a Windows machine.
    B. The host is likely a Linux machine.
    C. The host is likely a router.
    D. The host is likely a printer.

  • Question 669:

    Which of the following tools are used for enumeration? (Choose three.)

    A. SolarWinds
    B. USER2SID
    C. Cheops
    D. SID2USER
    E. DumpSec

  • Question 670:

    Which type of attack is port scanning?

    A. Web server attack
    B. Information gathering
    C. Unauthorized access
    D. Denial of service attack

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.