CEH-001 Exam Details

  • Exam Code: CEH-001
  • Exam Name: Certified Ethical Hacker (CEH)
  • Certification: GAQM Certifications
  • Vendor: GAQM
  • Total Questions: 878 Q&As
  • Last Updated: May 30, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 691:

    NTP allows you to set the clocks on your systems very accurately, to within 100ms and sometimes even 10ms. Knowing the exact time is extremely important for enterprise security. Various security protocols depend on an accurate source of time information in order to prevent "playback" attacks. These protocols tag their communications with the current time to prevent attackers from replaying the same communications, e.g., a login/password interaction or even an entire communication, at a later date. This tagging can be circumvented if the clock can be set back to the time the communication was recorded. An attacker attempts to corrupt the clocks on devices on your network. You run Wireshark to examine the NTP traffic and see whether there are any irregularities on the network. What port number should you enable in the Wireshark display filter to view NTP packets?

    A. TCP Port 124
    B. UDP Port 125
    C. UDP Port 123
    D. TCP Port 126

  • Question 692:

    What type of attack changes its signature and/or payload to avoid detection by antivirus programs?

    A. Polymorphic
    B. Rootkit
    C. Boot sector
    D. File infecting

  • Question 693:

    You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with such a complex security system in place. Your peer, Peter Smith, who works in the same department, disagrees with you. He says even the best network security technologies cannot prevent hackers from gaining access to the network because of the presence of a "weakest link" in the security chain. What is Peter Smith talking about?

    A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain
    B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
    C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
    D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

  • Question 694:

    How many bits of encryption does SHA-1 use?

    A. 64 bits
    B. 128 bits
    C. 160 bits
    D. 256 bits

  • Question 695:

    On a backdoored Linux box there is a possibility that legitimate programs are modified or trojaned. How is it possible to list processes and uids associated with them in a more reliable manner?

    A. Use "ls"
    B. Use "lsof"
    C. Use "echo"
    D. Use "netstat"

  • Question 696:

    You are performing a port scan with nmap. You are in a hurry and conducting the scans at the fastest possible speed. However, you don't want to sacrifice reliability for speed. If stealth is not an issue, what type of scan should you run to get very reliable results?

    A. Stealth scan
    B. Connect scan
    C. Fragmented packet scan
    D. XMAS scan

  • Question 697:

    In TCP communications there are 8 flags: FIN, SYN, RST, PSH, ACK, URG, ECE, CWR.

    These flags have decimal numbers assigned to them:

    FIN = 1
    SYN = 2
    RST = 4
    PSH = 8
    ACK = 16
    URG = 32
    ECE = 64
    CWR = 128

    Jason is the security administrator of ASPEN Communications. He analyzes some traffic using Wireshark and has enabled the following filters.

    What is Jason trying to accomplish here?

    A. SYN, FIN, URG and PSH
    B. SYN, SYN/ACK, ACK
    C. RST, PSH/URG, FIN
    D. ACK, ACK, SYN, URG

  • Question 698:

    Your lab partner is trying to find out more information about a competitor's web site. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registries. Which one would you suggest she look in first?

    A. LACNIC
    B. ARIN
    C. APNIC
    D. RIPE
    E. AfriNIC

  • Question 699:

    Lauren is performing a network audit for her entire company. The entire network is comprised of around 500 computers. Lauren starts an ICMP ping sweep by sending one IP packet to the broadcast address of the network, but only receives responses from around five hosts. Why did this ping sweep only produce a few responses?

    A. Only Windows systems will reply to this scan.
    B. A switched network will not respond to packets sent to the broadcast address.
    C. Only Linux and Unix-like (Non-Windows) systems will reply to this scan.
    D. Only servers will reply to this scan.

  • Question 700:

    Which type of scan sends packets with no flags set? Select the answer.

    A. Open Scan
    B. Null Scan
    C. Xmas Scan
    D. Half-Open Scan
