GAQM CPEH-001 Actual Free Exam Questions & Community Discussion

  • Exam Code/Number: CPEH-001
  • Exam Name/Title: GAQM Certified Professional Ethical Hacker (CPEH) Exam
  • Certification Provider: GAQM
  • Corresponding Certification: GAQM Information Systems Security
  • Exam Questions: 876
  • Updated On: Jul 11, 2026
Which type of hacker represents the highest risk to your network?
Correct Answer: B Vote an answer
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use _____ defense against buffer overflow attacks.
Correct Answer: B Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Which command lets a tester enumerate alive systems in a class C network via ICMP using native Windows tools?
Correct Answer: B Vote an answer
The SYN flood attack sends TCP connections requests faster than a machine can process them.
* Attacker creates a random source address for each packet
* SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address
* Victim responds to spoofed IP address, then waits for confirmation that never arrives (timeout wait is about 3 minutes)
* Victim's connection table fills up waiting for replies and ignores new connections
* Legitimate users are ignored and will not be able to access the server
How do you protect your network against SYN Flood attacks?
Correct Answer: A,B,C,D Vote an answer
You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where?
Select the best answer.
Correct Answer: B Vote an answer
In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this?
Correct Answer: D Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Blane is a security analyst for a law firm. One of the lawyers needs to send out an email to a client but he wants to know if the email is forwarded on to any other recipients. The client is explicitly asked not to re-send the email since that would be a violation of the lawyer's and client's agreement for this particular case. What can Blane use to accomplish this?
Correct Answer: B Vote an answer
Which of the following is NOT a reason 802.11 WEP encryption is vulnerable?
Correct Answer: D Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?
Correct Answer: C Vote an answer
0
0
0
10