GAQM CPEH-001 Certified Professional Ethical Hacker (CPEH) Exam Practice Test

Page: 1 / 14
Total 877 questions
Question 1

What type of port scan is represented here.



Answer : A


Question 2

In the context of Trojans, what is the definition of a Wrapper?



Answer : B

Wrapper does not change header or footer of any packets but it mix between legitimate file and Trojan file.


Question 3

Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?



Answer : D


Question 4

Vulnerability mapping occurs after which phase of a penetration test?



Answer : C

The order should be Passive information gathering, Network level discovery, Host scanning and Analysis of host scanning.


Question 5

This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do.



Answer : B


Question 6

What is the outcome of the comm''nc -l -p 2222 | nc 10.1.0.43 1234"?



Answer : B


Question 7

RC4 is known to be a good stream generator. RC4 is used within the WEP standard on wireless LAN. WEP is known to be insecure even if we are using a stream cipher that is known to be secured. What is the most likely cause behind this?



Answer : D

Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets.

Many WEP systems require a key in hexadecimal format. Some users choose keys that spell words in the limited 0-9, A-F hex character set, for example C0DE C0DE C0DE C0DE. Such keys are often easily guessed.


Page:    1 / 14   
Total 877 questions