Halloween Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GAQM CPEH-001 - Certified Professional Ethical Hacker (CPEH)

GAQM CPEH-001 Premium Access     Download Demo    
Page: 15 / 15
Total 736 questions

Which of the following is not a Bluetooth attack?

A.

Bluedriving

B.

Bluejacking

C.

Bluesmacking

D.

Bluesnarfing

Which of the following is the greatest threat posed by backups?

A.

A backup is the source of Malware or illicit information.

B.

A backup is unavailable during disaster recovery.

C.

A backup is incomplete because no verification was performed.

D.

An un-encrypted backup can be misplaced or stolen.

Perspective clients want to see sample reports from previous penetration tests.

What should you do next?

A.

Decline but, provide references.

B.

Share full reports, not redacted.

C.

Share full reports with redactions.

D.

Share reports, after NDA is signed.

Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

A.

Maltego

B.

Cain & Abel

C.

Metasploit

D.

Wireshark

You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk.

What is one of the first things you should do when given the job?

A.

Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.

B.

Interview all employees in the company to rule out possible insider threats.

C.

Establish attribution to suspected attackers.

D.

Start the wireshark application to start sniffing network traffic.

Which of the following parameters describe LM Hash (see exhibit):

Exhibit:

A.

I, II, and III

B.

I

C.

II

D.

I and II

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.

What is the best nmap command you will use?

A.

nmap -T4 -F 10.10.0.0/24

B.

nmap -T4 -r 10.10.1.0/24

C.

nmap -T4 -O 10.10.0.0/24

D.

nmap -T4 -q 10.10.0.0/24

When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, PUT, DELETE, TRACE) using NMAP script engine.

What nmap script will help you with this task?

A.

http-methods

B.

http enum

C.

http-headers

D.

http-git

> NMAP -sn 192.168.11.200-215

The NMAP command above performs which of the following?

A.

A ping scan

B.

A trace sweep

C.

An operating system detect

D.

A port scan

Which regulation defines security and privacy controls for Federal information systems and organizations?

A.

NIST-800-53

B.

PCI-DSS

C.

EU Safe Harbor

D.

HIPAA