CPEH-001 Exam Questions

First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do...

Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?

Which of the following BEST describes how Address Resolution Protocol (ARP) works?

Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?

What tool and process are you going to use in order to remain undetected by an IDS while pivoting and passing traffic over a server you've compromised and gained root access to?

You've just gained root access to a Centos 6 server after days of trying. What tool should you use to maintain access?

What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators...

The following are types of Bluetooth attack EXCEPT_____?

Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

A possibly malicious sequence of packets that were sent to a web server has been captured by an Intrusion Detection System (IDS) and was saved to a PCAP file. As a network administ...

Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?

This configuration allows NIC to pass all traffic it receives to the Central Processing Unit (CPU), instead of passing only the frames that the controller is intended to receive. S...

Which of the following is designed to verify and authenticate individuals taking part in a data exchange within an enterprise?

A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software p...

What would you type on the Windows command line in order to launch the Computer Management Console provided that you are logged in as an admin?

Which of the following is a wireless network detector that is commonly found on Linux?

Which specific element of security testing is being assured by using hash?

Which of the following is a restriction being enforced in "white box testing?"

Which of the following is a vulnerability in GNU's bash shell (discovered in September of 2014) that gives attackers access to run remote commands on a vulnerable system?

When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?

Jack was attempting to fingerprint all machines in the network using the following Nmap syntax: invictus@victim_server:~$ nmap -T4 -0 10.10.0.0/24 TCP/IP fingerprinting (for OS sca...

While performing online banking using a Web browser, Kyle receives an email that contains an image of a well-crafted art. Upon clicking the image, a new tab on the web browser open...

A hacker was able to easily gain access to a website. He was able to log in via the frontend user login form of the website using default or commonly used credentials. This exploit...

Supposed you are the Chief Network Engineer of a certain Telco. Your company is planning for a big business expansion and it requires that your network authenticate users connectin...

Which type of cryptography does SSL, IKE and PGP belongs to?

A recent security audit revealed that there were indeed several occasions that the company's network was breached. After investigating, you discover that your IDS is not configured...

Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?

Which of the following is an application that requires a host application for replication?

Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?

Which of the following describes the characteristics of a Boot Sector Virus?

Which statement is TRUE regarding network firewalls preventing Web Application attacks?

Bluetooth uses which digital modulation technique to exchange information between paired devices?

In order to show improvement of security over time, what must be developed?

Passive reconnaissance involves collecting information through which of the following?

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106: What is most likely taking place?

Which statement best describes a server type under an N-tier architecture?

If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this sec...

Which of the following network attacks relies on sending an abnormally large packet size that exceeds TCP/ IP specifications?

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network's IDS?

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?

What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?

Which cipher encrypts the plain text digit (bit or byte) one by one?

Which of the following types of firewall inspects only header information in network traffic?

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this res...

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results? TCP p...

Which of the following is an example of an asymmetric encryption implementation?

A hacker was able to sniff packets on a company's wireless network. The following information was discovered: The Key 10110010 01001011 The Cyphertext 01100101 01011010 Using the E...

Which of the following cryptography attack methods is usually performed without the use of a computer?