CPEH-001 Exam Questions
1,043 real CPEH-001 exam questions with expert-verified answers and explanations. Page 6 of 21.
- Question #254
The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router increases by more than 20% during weekend hours when the offic...
- Question #255
Which of the following is considered an acceptable option when managing a risk?
- Question #256
Which security control role does encryption meet?
- Question #257
Which type of access control is used on a router or firewall to limit network activity?
- Question #258
At a Windows Server command prompt, which command could be used to list the running services?
- Question #259
A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kin...
- Question #260
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
- Question #261
Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?
- Question #262
When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?
- Question #263
Which of the following processes evaluates the adherence of an organization to its stated security policy?
- Question #264
A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints...
- Question #265
Which type of scan is used on the eye to measure the layer of blood vessels?
- Question #266
What is the main reason the use of a stored biometric is vulnerable to an attack?
- Question #267
During a wireless penetration test, a tester detects an access point using WPA2 encryption. Which of the following attacks should be used to obtain the key?
- Question #268
Which type of antenna is used in wireless communication?
- Question #269
What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for e...
- Question #270
One way to defeat a multi-level security solution is to leak data via
- Question #271
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?
- Question #272
What is the main difference between a "Normal" SQL Injection and a "Blind" SQL Injection vulnerability?
- Question #273
During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. H...
- Question #274
The precaution of prohibiting employees from bringing personal computing devices into a facility is what type of security control?
- Question #275
A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?
- Question #276
In the software security development life cycle process, threat modeling occurs in which phase?
- Question #277
A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming int...
- Question #278
Which of the following techniques does a vulnerability scanner use in order to detect a vulnerability on a target service?
- Question #279
Which of the following business challenges could be solved by using a vulnerability scanner?
- Question #280
A security policy will be more accepted by employees if it is consistent and has the support of
- Question #281
A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the following: - Firewall log files...
- Question #282
Which type of scan measures a person's external features through a digital video camera?
- Question #283
WPA2 uses AES for wireless data encryption at which of the following encryption levels?
- Question #284
An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?
- Question #285
What technique is used to perform a Connection Stream Parameter Pollution (CSPP) attack?
- Question #286
A newly discovered flaw in a software application would be considered which kind of security vulnerability?
- Question #287
During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to expl...
- Question #288
The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?
- Question #289
What is the main advantage that a network-based IDS/IPS system has over a host-based solution?
- Question #290
The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronical...
- Question #291
When an alert rule is matched in a network-based IDS like Snort, the IDS does which of the following?
- Question #292
Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?
- Question #293
An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces...
- Question #294
From the two screenshots below, which of the following is occurring? First one: [10.0.0.253]# nmap -sP 10.0.0.0/24 Starting Nmap Host 10.0.0.1 appears to be up. MAC Address...
- Question #295
Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?
- Question #296
Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?
- Question #297
Which set of access control solutions implements two-factor authentication?
- Question #298
A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company's internal network. Which of the following can be i...
- Question #299
A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage serv...
- Question #300
To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?
- Question #301
An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command w...
- Question #302
A recently hired network security associate at a local bank was given the responsibility to perform daily scans of the internal network to look for unauthorized devices. The employ...
- Question #303
A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended...