CPEH-001 Exam Questions

You work as a Security Analyst for a retail organization. In securing the company's network, you set up a firewall and an IDS. However, hackers are able to attack the network. Afte...

Which of the following types of firewalls ensures that the packets are part of the established session?

During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

Which of the following statements regarding ethical hacking is incorrect?

Craig received a report of all the computers on the network that showed all the missing patches and weak passwords. What type of software generated this report?

An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The a...

The company ABC recently discovered that their new product was released by the opposition before their premiere. They contract an investigator who discovered that the maid threw aw...

An attacker tries to do banner grabbing on a remote web server and executes the following command. $ nmap -sV host.domain.com -p 80 He gets the following output. scan report for ho...

Sid is a judge for a programming contest. Before the code reaches him it goes through a restricted OS and is tested there. If it passes, then it moves onto Sid. What is this middle...

You're doing an internal security audit and you want to find out what ports are open on all the servers. What is the best way to find out?

Which protocol is used for setting up secured channels between two devices, typically in VPNs?

The establishment of a TCP connection involves a negotiation called 3 way handshake. What type of message sends the client to the server in order to begin this negotiation?

Look at the following output. What did the hacker accomplish? ; <<>> DiG 9.7.-P1 <<>> axfr domam.com @192.168.1.105 ;; global options: +cmd domain.com. 3600 IN SOA srv1.domain.com....

What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to...

If there is an Intrusion Detection System (IDS) in intranet, which port scanning technique cannot be used?

Which Intrusion Detection System is best applicable for large environments where critical assets on the network need extra security and is ideal for observing sensitive network seg...

Your next door neighbor, that you do not get along with, is having issues with their network, so he yells to his spouse the network's SSID and password and you hear them both clear...

Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal condi...

One of the Forbes 500 companies has been subjected to a large scale attack. You are one of the shortlisted pen testers that they may hire. During the interview with the CIO, he emp...

Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?

Which of the following is the most important phase of ethical hacking wherein you need to spend considerable amount of time?

It is a short-range wireless communication technology that allows mobile phones, computers and other devices to connect and communicate. This technology intends to replace cables c...

Matthew received an email with an attachment named "YouWon$10Grand.zip." The zip file contains a file named "HowToClaimYourPrize.docx.exe." Out of excitement and curiosity, Matthew...

Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?

What is the approximate cost of replacement and recovery operation per year of a hard drive that has a value of $300 given that the technician who charges $10/hr would need 10 hour...

Knowing the nature of backup tapes, which of the following is the MOST RECOMMENDED way of storing backup tapes?

Which of the following tools would MOST LIKELY be used to perform security audit on various of forms of network systems?

A big company, who wanted to test their security infrastructure, wants to hire elite pen testers like you. During the interview, they asked you to show sample reports from previous...

You are about to be hired by a well known Bank to perform penetration tests. Which of the following documents describes the specifics of the testing, the associated violations, and...

The practical realities facing organizations today make risk response strategies essential. Which of the following is NOT one of the five basic responses to risk?

A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not...

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. Which of the following tools...

The chance of a hard drive failure is known to be once every four years. The cost of a new hard drive is $500. EF (Exposure Factor) is about 0.5. Calculate for the Annualized Loss...

Backing up data is a security must. However, it also have certain level of risks when mishandled. Which of the following is the greatest threat posed by backups?

What kind of risk will remain even if all theoretically possible safety measures would be applied?

While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried to pass IRC traffic from a web enabled host. However, you also noti...

It is a widely used standard for message logging. It permits separation of the software that generates messages, the system that stores them, and the software that reports and anal...

While doing a technical assessment to determine network vulnerabilities, you used the TCP XMAS scan. What would be the response of all open ports?

Which of the following tools is used by pen testers and analysts specifically to analyze links between data using link analysis and graphs?

If you are to determine the attack surface of an organization, which of the following is the BEST thing to do?

What is the best Nmap command to use when you want to list all devices in the same network quickly after you successfully identified a server whose IP address is 10.10.0.5?

You've just discovered a server that is currently active within the same network with the machine you recently compromised. You ping it but it did not respond. What could be the ca...

What tool should you use when you need to analyze extracted metadata from files you collected when you were in the initial stage of penetration test (information gathering)?

Which of the following is NOT an ideal choice for biometric controls?

While you were gathering information as part of security assessments for one of your clients, you were able to gather data that show your client is involved with fraudulent activit...

Suppose you've gained access to your client's hybrid network. On which port should you listen to in order to know which Microsoft Windows workstations has its file sharing enabled?

Which of the following BEST describes the mechanism of a Boot Sector Virus?

What is the term coined for logging, recording and resolving events in a company?

XOR is a common cryptographic tool. 10110001 XOR 00111010 is?

A server has been infected by a certain type of Trojan. The hacker intended to utilize it to send and host junk mails. What type of Trojan did the hacker use?