CPEH-001 Exam Questions

A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

Which of the following describes the characteristics of a Boot Sector Virus?

John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures...

Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?

While using your bank's online servicing you notice the following string in the URL bar: account?id=368940911028389&Damount=10980&Camount=21" You observe that if you modify the Dam...

It is an entity or event with the potential to adversely impact a system through unauthorized acces, destruction, disclosure, denial of service or modification of data. Which of th...

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated sof...

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397-187288382...

Elliot is in the process of exploiting a web application that uses SQL as a back-end database. He is determined that the application is vulnerable to SQL injection and has introduc...

You have successfully logged on a Linux system. You want to now cover your track. Your login attempt may be logged on several files located in /var/log. Which file does NOT belong...

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange c...

The "gray box testing" methodology enforces what kind of restriction?

Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occuring during non-business hours. After further examination of all lo...

The "black box testing" methodology enforces what kind of restriction?

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a ____ database structure instead of SQL's ______ structure. Because of this, LDAP has diffi...

What is the purpose of DNS AAAA record?

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the interna...

Which command can be used to show the current TCP/IP connections?

You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files a...

You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular e...

This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering and it will tell you the "landscape" l...

When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about p...

You have successfully gained access to your client's internal network and successfully comprised a Linux server which is part of the internal IP network. You want to know which Mic...

Which of the following is assured by the use of a hash?

Risks=Threats x Vulnerabilities is referred to as the:

The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relev...

You have just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities...

The purpose of a _______is to deny network access to local area networks and other information assets by unauthorized wireless devices.

What does the -oX flag do in an Nmap scan?

During an Xmas scan, what indicates a port is closed?

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser...

Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: -Verifies success or failure...

Which of the following parameters describe LM Hash: I - The maximum password length is 14 characters II - There are no distinctions between uppercase and lowercase III - The passwo...

Which of the following is not a Bluetooth attack?

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary co...

A pen-tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscous mode?

Analyst is investigating proxy logs and found out that one of the internal user visited website storing suspicious java scripts. After opening one of them, he noticed that it is ve...

During the security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any a...

While scanning with Nmap, Patin found several hosts which have the IP ID of incremental kiosk.adobe.com is the host with incremental IP ID sequence. What is the purpose of using "-...

Robert, a professional hacker, is attempting to execute a fault injection attack on a target IoT device. In this process, he injects faults into the power supply that can be used f...

The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk...

An IT employee got a call from one our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration are...

You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?

What is a "Collision attack" in cryptography?

Which of the following is the successor of SSL?

This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security contr...

Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server? The tool keeps sessions at halt using never-ending...