1. Home
  2. GAQM
  3. CEH-001

GAQM CEH-001 Online Practice Questions and Exam Preparation

CEH-001 Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :May 30, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 801:

    Doug is conducting a port scan of a target network. He knows that his client target network has a web server and that there is a mail server also which is up and running. Doug has been sweeping the network but has not been able to elicit any response from the remote target. Which of the following could be the most likely cause behind this lack of response? Select 4.

    A. UDP is filtered by a gateway
    B. The packet TTL value is too low and cannot reach the target
    C. The host might be down
    D. The destination network might be down
    E. The TCP windows size does not match
    F. ICMP is filtered by a gateway

  • Question 802:

    When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?

    A. Vulnerability scanning
    B. Social engineering
    C. Application security testing
    D. Network sniffing

  • Question 803:

    Which of the following items of a computer system will an anti-virus program scan for viruses?

    A. Boot Sector
    B. Deleted Files
    C. Windows Process List
    D. Password Protected Files

  • Question 804:

    Bob has been hired to perform a penetration test on XYZ.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.

    Within the context of penetration testing methodology, what phase is Bob involved with?

    A. Passive information gathering
    B. Active information gathering
    C. Attack phase
    D. Vulnerability Mapping

  • Question 805:

    When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching TCP SYN attack?

    A. Attacker generates TCP SYN packets with random destination addresses towards a victim host
    B. Attacker floods TCP SYN packets with random source addresses towards a victim host
    C. Attacker generates TCP ACK packets with random source addresses towards a victim host
    D. Attacker generates TCP RST packets with random source addresses towards a victim host

  • Question 806:

    In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

    A. Token Injection Replay attacks
    B. Shoulder surfing attack
    C. Rainbow and Hash generation attack
    D. Dumpster diving attack

  • Question 807:

    You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation?

    A. Reconfigure the firewall
    B. Enforce the corporate security policy
    C. Install a network-based IDS
    D. Conduct a needs analysis

  • Question 808:

    Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

    A. Penetration testing
    B. Social engineering
    C. Vulnerability scanning
    D. Access control list reviews

  • Question 809:

    What port number is used by LDAP protocol?

    A. 110
    B. 389
    C. 464
    D. 445

  • Question 810:

    What is the correct command to run Netcat on a server using port 56 that spawns command shell when connected?

    A. nc -port 56 -s cmd.exe
    B. nc -p 56 -p -e shell.exe
    C. nc -r 56 -c cmd.exe
    D. nc -L 56 -t -e cmd.exe

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.