CPEH-001 Exam Questions

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof...

This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security contr...

While using your bank's online servicing you notice the following string in the URL bar: &Camount= 21" You observe that if you modify the Damount & Camount values and submit the re...

Perspective clients want to see sample reports from previous penetration tests. What should you do next?

During a blackbox pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimped...

You've gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password....

After trying multiple exploits, you've gained root access to a Centos 6 server. To ensure you maintain access, what would you do first?

What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host? env x=`(){ :;};echo exploit` bash -c 'cat /etc/passwd'

Using Windows CMD, how would an attacker list all the shares to which the current user context has access?

A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 00111010

Which of the following is the successor of SSL?

You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?

Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information beside...

You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files a...

When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about p...

What is a "Collision attack" in cryptography?

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send h...

When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two cr...

You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. Y...

Which of the following parameters describe LM Hash (see exhibit):

What is the process of logging, recording, and resolving events that take place in an organization?

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary co...

Which of the following describes the characteristics of a Boot Sector Virus?

You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular e...

You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to...

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version install...

Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?

Which of the following is not a Bluetooth attack?

This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering, and it will tell you what the "landsc...

The purpose of a __________ is to deny network access to local area networks and other information assets by unauthorized wireless devices.

The NMAP command above performs which of the following? > NMAP -sn 192.168.11.200-215

You are using NMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames...

Which of the following is an extremely common IDS evasion technique in the web world?

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

Which of the following is a design pattern based on distinct pieces of software providing application functionality as services to other applications?

Which of the following is assured by the use of a hash?

Which of the following is the greatest threat posed by backups?

The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk...

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser...

A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempti...

Which of the following is considered the best way to protect Personally Identifiable Information (PII) from Web application vulnerabilities?

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?

An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Netw...

To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one...

Which of these options is the most secure procedure for storing backup tapes?

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, smallsized packets to the target computer, making it very difficult for an IDS to detec...

Which of the following tools can be used for passive OS fingerprinting?

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notificati...