GAQM CPEH-001 Actual Free Exam Questions & Community Discussion

  • Exam Code/Number: CPEH-001
  • Exam Name/Title: GAQM Certified Professional Ethical Hacker (CPEH) Exam
  • Certification Provider: GAQM
  • Corresponding Certification: GAQM Information Systems Security
  • Exam Questions: 876
  • Updated On: Jul 11, 2026
_________ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.
Correct Answer: C Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
Correct Answer: D Vote an answer
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?
Correct Answer: B Vote an answer
Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?
Correct Answer: B Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
According to the CEH methodology, what is the next step to be performed after footprinting?
Correct Answer: D Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Advanced encryption standard is an algorithm used for which of the following?
Correct Answer: B Vote an answer
An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?
Correct Answer: B Vote an answer
Take a look at the following attack on a Web Server using obstructed URL:

How would you protect from these attacks?
Correct Answer: C Vote an answer
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching TCP SYN attack?
Correct Answer: B Vote an answer
0
0
0
10