CPEH-001 Exam Questions

A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into t...

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

An NMAP scan of a server shows port 25 is open. What risk could this pose?

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user s...

A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?

Which of the following techniques will identify if computer files have been changed?

What are two things that are possible when scanning UDP ports? (Choose two)

What does a type 3 code 13 represent?(Choose two.

Destination unreachable administratively prohibited messages can inform the hacker to what?

Which of the following Nmap commands would be used to perform a stack fingerprinting?

(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump...

Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS?

Name two software tools used for OS guessing? (Choose two.

Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data...

While reviewing the result of scanning run against a target network you come across the following: Which among the following can be used to get this output?

You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two...

While performing ping scans into a target network you get a frantic call from the organization's security team. They report that they are under a denial of service attack. When you...

Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidt...

A distributed port scan operates by:

An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets...

Which of the following commands runs snort in packet logger mode?

You have initiated an active operating system fingerprinting attempt with nmap against a target system: What operating system is the target host running based on the open ports sho...

Study the log below and identify the scan type.

Which of the following command line switch would you use for OS detection in Nmap?

Why would an attacker want to perform a scan on port 137?

Which Type of scan sends a packets with no flags set? Select the Answer

Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135...

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of informat...

Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites. Bob is willing to share his knowledge with those who are willing to learn, and many...

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs: From the above list identify the user account w...

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

What is the following command used for? net use \targetipc$ "" /u:""

One of your team members has asked you to analyze the following SOA record. What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.

One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.

MX record priority increases as the number increases. (True/False.)

Which of the following tools can be used to perform a zone transfer?

Under what conditions does a secondary name server request a zone transfer from a primary name server?

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all th...

Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web the Web site. One night, Joseph received an urgent phone call from his friend, Smith. Acco...

Which of the following tools are used for enumeration? (Choose three.)

What did the following commands determine?

Which definition among those given below best describes a covert channel?

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the serv...

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able...

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice...

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

Study the following log extract and identify the attack.

Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your n...

The following is an entry captured by a network IDS.You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the...