Free GAQM CPEH-001 Exam Dumps and CPEH-001 Exam Questions

Question No: 1

MultipleChoice

In the context of Windows Security, what is a 'null' user?

Options

AA user that has no skills

BAn account that has been suspended by the admin

CA pseudo account that has no username and password

DA pseudo account that was created for security administration purpose

Question No: 2

MultipleChoice

Choose one of the following pseudo codes to describe this statement:

"If we have written 200 characters to the buffer variable, the stack should stop because it cannot hold any more data."

Options

AIf (I > 200) then exit (1)

BIf (I < 200) then exit (1)

CIf (I <= 200) then exit (1)

DIf (I >= 200) then exit (1)

Question No: 3

MultipleChoice

What will the following command produce on a website's login page if executed successfully? SELECT email, passwd, login_id, full_name FROM members WHERE email = 'someone@somewhere.com'; DROP TABLE members; --'

Options

AThis code will insert the someone@somewhere.com email address into the members table.

BThis command will delete the entire members table.

CIt retrieves the password for the first user in the members table.

DThis command will not produce anything since the syntax is incorrect.

Question No: 4

MultipleChoice

What is the outcome of the comm''nc -l -p 2222 | nc 10.1.0.43 1234"?

Options

ANetcat will listen on the 10.1.0.43 interface for 1234 secondson port 2222.

BNetcat will listen on port 2222 and output anything received to a remote connection on 10.1.0.43port 1234.

CNetcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.

DNetcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.

Question No: 5

MultipleChoice

What is the main difference between a ''Normal'' SQL Injection and a ''Blind'' SQL Injection vulnerability?

Options

AThe request to the web server is not visible to the administrator of the vulnerable application.

BThe attack is called ''Blind'' because, although the application properly filters user input, it is still vulnerable to code injection.

CThe successful attack does not show an error message to the administrator of the affected application.

DThe vulnerable application does not display errors with information about the injection results to the attacker.

Question No: 6

MultipleChoice

What does the term ''Ethical Hacking'' mean?

Options

ASomeone who is hacking for ethical reasons.

BSomeone who is using his/her skills for ethical reasons.

CSomeone who is using his/her skills for defensive purposes.

DSomeone who is using his/her skills for offensive purposes.

Question No: 7

MultipleChoice

To what does ''message repudiation'' refer to what concept in the realm of email security?

Options

AMessage repudiation means a user can validate which mail server or servers a message was passed through.

BMessage repudiation means a user can claim damages for a mail message that damaged their reputation.

CMessage repudiation means a recipient can be sure that a message was sent from a particular person.

DMessage repudiation means a recipient can be sure that a message was sent from a certain host.

EMessage repudiation means a sender can claim they did not actually send a particular message.

Question No: 8

MultipleChoice

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

For /f "tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:"Administrator" %%a

What is Eve trying to do?

Options

AEve is trying to connect as an user with Administrator privileges

BEve is trying to enumerate all users with Administrative privileges

CEve is trying to carry out a password crack for user Administrator

DEve is trying to escalate privilege of the null user to that of Administrator

Question No: 9

MultipleChoice

What file system vulnerability does the following command take advantage of?

type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

Options

AHFS

BADS

CNTFS

DBackdoor access

Question No: 10

MultipleChoice

Exhibit:

ettercap --NCLzs --quiet

What does the command in the exhibit do in ''Ettercap''?

Options

AThis command will provide you the entire list of hosts in the LAN

BThis command will check if someone is poisoning you and will report its IP.

CThis command will detach from console and log all the collected passwords from the network to a file.

DThis command broadcasts ping to scan the LAN instead of ARP request of all the subnet IPs.