CPEH-001 Exam Questions

Which of the following is a strong post designed to stop a car?

A Network Administrator was recently promoted to Chief Security Officer at a local university. One of employee's new responsibilities is to manage the implementation of an RFID car...

A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, r...

An NMAP scan of a server shows port 69 is open. What risk could this pose?

What information should an IT system analysis provide to the risk assessor?

Which of the following is a preventive control?

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet...

An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this...

Which of the following is a protocol specifically designed for transporting event messages?

Which of the following security operations is used for determining the attack surface of an organization?

The security concept of "separation of duties" is most similar to the operation of which type of security device?

The "black box testing" methodology enforces which kind of restriction?

The "gray box testing" methodology enforces what kind of restriction?

Which of the following lists are valid data-gathering activities associated with a risk assessment?

A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior...

Which of the following is a detective control?

Which of the following is a component of a risk assessment?

Risks = Threats x Vulnerabilities is referred to as the:

Which of the following is designed to identify malicious attempts to penetrate systems?

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handsha...

A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set: Untrust (Inter...

A circuit level gateway works at which of the following layers of the OSI Model?

Which of the following is a symmetric cryptographic standard?

Which property ensures that a hash function will not produce the same hashed value for two different messages?

How can telnet be used to fingerprint a web server?

Low humidity in a data center can cause which of the following problems?

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed lik...

While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting...

A covert channel is a channel that

Least privilege is a security concept that requires that a user is

If the final set of security controls does not eliminate all risk in a system, what could be done next?

What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?

Which of the following examples best represents a logical or technical control?

It is an entity or event with the potential to adversely impact a system through unauthorized access, destruction, disclosure, denial of service or modification of data. Which of t...

Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. Th...

You have successfully gained access to your client's internal network and successfully comprised a Linux server which is part of the internal IP network. You want to know which Mic...

It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobil...

You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection Syste...

It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or...

Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

While checking the settings on the internet browser, a technician finds that the proxy server settings have been checked and a computer is trying to use itself as a proxy server. W...

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the test...

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

ICMP ping and ping sweeps are used to check for active systems and to check

Which command line switch would be used in NMAP to perform operating system detection?