Halloween Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GAQM CPEH-001 - Certified Professional Ethical Hacker (CPEH)

GAQM CPEH-001 Premium Access     Download Demo    
Page: 10 / 15
Total 736 questions

Which statement best describes a server type under an N-tier architecture?

A.

A group of servers at a specific layer

B.

A single server with a specific role

C.

A group of servers with a unique role

D.

A single server at a specific layer

Which of the following network attacks relies on sending an abnormally large packet size that exceeds TCP/IP specifications?

A.

Ping of death

B.

SYN flooding

C.

TCP hijacking

D.

Smurf attack

When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

A.

The key entered is a symmetric key used to encrypt the wireless data.

B.

The key entered is a hash that is used to prove the integrity of the wireless data.

C.

The key entered is based on the Diffie-Hellman method.

D.

The key is an RSA key used to encrypt the wireless data.

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following?

A.

Multiple keys for non-repudiation of bulk data

B.

Different keys on both ends of the transport medium

C.

Bulk encryption for data transmission over fiber

D.

The same key on each end of the transmission medium

An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

A.

Birthday attack

B.

Plaintext attack

C.

Meet in the middle attack

D.

Chosen ciphertext attack

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?

A.

MD5

B.

SHA-1

C.

RC4

D.

MD4

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

A.

Timing attack

B.

Replay attack

C.

Memory trade-off attack

D.

Chosen plain-text attack

Which of the following is optimized for confidential communications, such as bidirectional voice and video?

A.

RC4

B.

RC5

C.

MD4

D.

MD5

Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?

A.

RSA 1024 bit strength

B.

AES 1024 bit strength

C.

RSA 512 bit strength

D.

AES 512 bit strength

In the OSI model, where does PPTP encryption take place?

A.

Transport layer

B.

Application layer

C.

Data link layer

D.

Network layer

Which of the following is a primary service of the U.S. Computer Security Incident Response Team (CSIRT)?

A.

CSIRT provides an incident response service to enable a reliable and trusted single point of contact for reporting computer security incidents worldwide.

B.

CSIRT provides a computer security surveillance service to supply a government with important intelligence information on individuals travelling abroad.

C.

CSIRT provides a penetration testing service to support exception reporting on incidents worldwide by individuals and multi-national corporations.

D.

CSIRT provides a vulnerability assessment service to assist law enforcement agencies with profiling an individual's property or company's asset.

Which of the following guidelines or standards is associated with the credit card industry?

A.

Control Objectives for Information and Related Technology (COBIT)

B.

Sarbanes-Oxley Act (SOX)

C.

Health Insurance Portability and Accountability Act (HIPAA)

D.

Payment Card Industry Data Security Standards (PCI DSS)

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

A.

Sarbanes-Oxley Act (SOX)

B.

Gramm-Leach-Bliley Act (GLBA)

C.

Fair and Accurate Credit Transactions Act (FACTA)

D.

Federal Information Security Management Act (FISMA)

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

A.

Public key

B.

Private key

C.

Modulus length

D.

Email server certificate

To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?

A.

Harvesting

B.

Windowing

C.

Hardening

D.

Stealthing