Free GAQM CPEH-001 Exam Questions

Become GAQM Certified with updated CPEH-001 exam questions and correct answers

Page: 1 / 177

Total 881 Questions | Updated On: Jul 30, 2025

Add To Cart

Question 1

Why do you need to capture five to ten million packets in order to crack WEP with AirSnort?

A : l IVs are vulnerable to attack

B : r Snort uses a cache of packets

C : r Snort implements the FMS attack and only encrypted packets are counted

D : majority of weak IVs transmitted by access points and wireless cards are not filtered by contemporary wireless manufacturers

Answer: C

Question 2

A circuit level gateway works at which of the following layers of the OSI Model?

A : yer 5 - Application

B : yer 4 -- TCP

C : yer 3 -- Internet protocol

D : yer 2 -- Data link

Answer: B

Question 3

In the following example, which of these is the 'exploit'?

Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Server operating system, by sending malformed packets to it. They detailed how this malicious process had been automated using basic scripting. Even worse, the new automated method for bringing down the server has already been used to perform denial of service attacks on many large commercial websites. Select the best answer.

A : crosoft Corporation is the exploit.

B : security 'hole' in the product is the exploit.

C : ndows 2003 Server

D : exploit is the hacker that would use this vulnerability.

E : documented method of how to use the vulnerability to gain unprivileged access.

Answer: A

Question 4

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)

A : gus ECHO reply packets are flooded on the network spoofing the IP and MAC address

B : ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network

C : HO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

D : DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

Answer: B,D

Question 5

Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has created a security policy requiring all employees to use complex 14 character passwords. Unfortunately, the members of management do not want to have to use such long complicated passwords so they tell Harold's boss this new password policy should not apply to them. To comply with the management's wishes, the IT department creates another Windows domain and moves all the management users to that domain. This new domain has a password policy only requiring 8 characters. Harold is concerned about having to accommodate the managers, but cannot do anything about it. Harold is also concerned about using LanManager security on his network instead of NTLM or NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM and NTLMv2. Harold pulls the SAM files from the DC's on the original domain and the new domain using Pwdump6. Harold uses the password cracking software John the Ripper to crack users' passwords to make sure they are strong enough. Harold expects that the users' passwords in the original domain will take much longer to crack than the management's passwords in the new domain. After running the software, Harold discovers that the 14 character passwords only took a short time longer to crack than the 8 character passwords. Why did the 14 character passwords not take much longer to crack than the 8 character passwords?

A : rold should have used Dumpsec instead of Pwdump6

B : rold's dictionary file was not large enough

C : rold should use LC4 instead of John the Ripper

D : nManger hashes are broken up into two 7 character fields

Answer: D

Page: 1 / 177

Total 881 Questions | Updated On: Jul 30, 2025

Add To Cart