CPEH-001 Exam Dumps - GAQM Information Systems Security Questions and Answers

Question # 44

Which of the following attacks exploits web page vulnerabilities that allow an attacker to force an unsuspecting user’s browser to send malicious requests they did not intend?

Options:

A. Command Injection Attacks

B. File Injection Attack

C. Cross-Site Request Forgery (CSRF)

D. Hidden Field Manipulation Attack

Question # 45

Which is the first step followed by Vulnerability Scanners for scanning a network?

Options:

A. TCP/UDP Port scanning

B. Firewall detection

C. OS Detection

D. Checking if the remote host is alive

Question # 46

Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?

Options:

A. OPPORTUNISTICTLS STARTTLS

B. FORCETLS

C. UPGRADETLS

Question # 47

What is the minimum number of network connections in a multi-homed firewall?

Options:

A. 3

B. 5

C. 4

D. 2

Question # 48

What type of analysis is performed when an attacker has partial knowledge of the inner workings of the application?

Options:

A. Black-box

B. Announced

C. White-box

D. Grey-box

Question # 49

In which of the following cryptography attack methods does the attacker make a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions?

Options:

A. Chosen-plaintext attack

B. Ciphertext-only attack

C. Adaptive chosen-plaintext attack

D. Known-plaintext attack

Question # 50

Which of the following provides a security professional with the most information about the system’s security posture?

Options:

A. Wardriving, warchalking, social engineering

B. Social engineering, company site browsing, tailgating

C. Phishing, spamming, sending trojans

D. Port scanning, banner grabbing, service identification

Question # 51

An attacker scans a host with the below command. Which three flags are set? (Choose three.)

# nmap -sX host.domain.com

Options:

A. This is an ACK scan. ACK flag is set

B. This is an Xmas scan. SYN and ACK flags are set

C. This is an Xmas scan. URG, PUSH and FIN are set

D. This is a SYN scan. SYN flag is set

Question # 52

Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?

Options:

A. Function Testing

B. Dynamic Testing

C. Static Testing

D. Fuzzing Testing

Question # 53

You are monitoring the network of your organization. You notice that:

1. There are huge outbound connections from your Internal Network to External IPs.

2. On further investigation, you see that the External IPs are blacklisted.

3. Some connections are accepted, and some are dropped.

4. You find that it is a CnC communication.

Which of the following solutions will you suggest?

Options:

A. Block the blacklisted IPs at the firewall

B. Update the latest signatures on your IDS/IPS

C. Clean the malware that is trying to communicate with the external blacklisted IPs

D. Both B and C

Exam Code: CPEH-001
Exam Name: Certified Professional Ethical Hacker (CPEH)
Last Update: Feb 25, 2025
Questions: 736