CEH-001 Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 10, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 61:

    Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide?

    A. Incident response services to any user, company, government agency, or organization in partnership with the Department of Homeland Security
    B. Maintenance of the nation's Internet infrastructure, builds out new Internet infrastructure, and decommissions old Internet infrastructure
    C. Registration of critical penetration testing for the Department of Homeland Security and public and private sectors
    D. Measurement of key vulnerability assessments on behalf of the Department of Defense (DOD) and State Department, as well as private sectors

  • Question 62:

    Data is sent over the network as clear text (unencrypted) when Basic Authentication is configured on Web Servers.

    A. true
    B. false

  • Question 63:

    Study the following exploit code taken from a Linux machine and answer the questions below:

    echo "ingreslock stream tcp nowait root /bin/sh sh " > /tmp/x;

    /usr/sbin/inetd /tmp/x;

    sleep 10;

    /bin/ rm /tmp/x AAAA...AAA

    In the above exploit code, the command "/bin/sh sh " is given.

    What is the purpose, and why is `sh' shown twice?

    A. The command /bin/sh sh appearing in the exploit code is actually part of an inetd configuration file.
    B. The length of such a buffer overflow exploit makes it prohibitive for user to enter manually. The second `sh' automates this function.
    C. It checks for the presence of a codeword (setting the environment variable) among the environment variables.
    D. It is a giveaway by the attacker that he is a script kiddy.

  • Question 64:

    ICMP ping and ping sweeps are used to check for active systems and to check

    A. if ICMP ping traverses a firewall.
    B. the route that the ICMP ping took.
    C. the location of the switchport in relation to the ICMP ping.
    D. the number of hops an ICMP ping takes to reach a destination.

  • Question 65:

    If an attacker's computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a closed port, what will be the response?

    A. The zombie computer will respond with an IPID of 24334.
    B. The zombie computer will respond with an IPID of 24333.
    C. The zombie computer will not send a response.
    D. The zombie computer will respond with an IPID of 24335.

  • Question 66:

    A file integrity program such as Tripwire protects against Trojan horse attacks by:

    A. Automatically deleting Trojan horse programs
    B. Rejecting packets generated by Trojan horse programs
    C. Using programming hooks to inform the kernel of Trojan horse behavior
    D. Helping you catch unexpected changes to a system utility file that might indicate it had been replaced by a Trojan horse

  • Question 67:

    There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake authentication to an AP? (Choose two.)

    A. The IP address of the AP
    B. The MAC address of the AP
    C. The SSID of the wireless network
    D. A failed authentication packet

  • Question 68:

    Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a 32-bit address to a 48-bit address?

    A. ICPM
    B. ARP
    C. RARP
    D. ICMP

  • Question 69:

    You are trying to package a RAT Trojan so that Anti-Virus software will not detect it. Which of the listed technique will NOT be effective in evading Anti-Virus scanner?

    A. Convert the Trojan.exe file extension to Trojan.txt disguising as text file
    B. Break the Trojan into multiple smaller files and zip the individual pieces
    C. Change the content of the Trojan using hex editor and modify the checksum
    D. Encrypt the Trojan using multiple hashing algorithms like MD5 and SHA-1

  • Question 70:

    Which of the following is NOT a valid NetWare access level?

    A. Not Logged in
    B. Logged in
    C. Console Access
    D. Administrator

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.