CPEH-001 Exam Questions

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet 10.1.4.0/23. Which of the following IP addresses could be leased as a result of the...

Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-base...

You are analyzing a traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs. - 192.168.8.0/24. What com...

Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The...

What kind of detection techniques is being used in antivirus softwares that identifies malware by collecting data from multiple protected systems and instead of analyzing files loc...

Which of these options is the most secure procedure for storing backup tapes?

Which security strategy requires using several, varying methods to protect IT systems against attacks?

Which utility will tell you in real time which ports are listening or in another state?

Which of the following statements regarding ethical hacking is incorrect?

A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 00111010

Why containers are less secure that virtual machine?

Which of the following is a component of a risk assessment?

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

You are monitoring the network of your organizations. You notice that: 1. There are huge outbound connections from your Internal Network to External IPs 2. On further investigation...

Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

Jim's company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. In...

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencryp...

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more sec...

What is the minimum number of network connections in a multihomed firewall?

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to dete...

DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switchers leverages the DHCP snooping database to help prevent man-in-the...

Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by a...

Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatt...

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?

When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two cr...

Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has...

Which of the following Linux commands will resolve a domain name into IP address?

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive em...

Which of the following steps for risk assessment methodology refers to vulnerability identification?

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet...

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the...

Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

What is one of the advantages of using both symmetric and asymmetric cryptogrsphy in SSL/TLS?

In the field of cryptanalysis, what is meant by a "rubber-hose" attack?

You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. Y...

Why is a penetration test considered to be more thorough than vulnerability scan?

Which of the following tools is used to detect wireless LANs using the 802.11 a/b/g/n WLAN standards on a linux platform?

Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in networ...

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by comp...

What is the main security service a cryptographic hash provide?

When a security analyst prepares for the formal security assessment, what of the following should be done in order to determine inconsistencies in the secure assets database and ve...

These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?

How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender's identity?

The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules....

The Payment Card Industry Data Security Standard (PCI DSS) con ai s six different categories of control objectives. Each objective contains one or more requirements, which must be...