Free GAQM CPEH-001 Exam Questions
Absolute Free CPEH-001 Exam Practice for Comprehensive Preparation
-
GAQM CPEH-001 Exam Questions
-
Provided By: GAQM
- Exam: Certified Professional Ethical Hacker (CPEH)
- Certification: Information Systems Security
-
Total Questions: 881
-
Updated On: Apr 02, 2026
-
Rated: 4.9 |
-
Online Users: 1762
-
Question 1
-
Consider the following code:URL:http://www.certified.com/search.pl?text=<script>alert([removed])</script>If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim's browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site. What is the countermeasure against XSS scripting?
Answer: B
-
-
Question 2
-
In the following example, which of these is the 'exploit'?Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Server operating system, by sending malformed packets to it. They detailed how this malicious process had been automated using basic scripting. Even worse, the new automated method for bringing down the server has already been used to perform denial of service attacks on many large commercial websites. Select the best answer.
Answer: A
-
-
Question 3
-
Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website. Where can Stephanie go to see past versions and pages of a website?
Answer: C
-
Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website. Where can Stephanie go to see past versions and pages of a website?
-
Question 4
-
Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?
Answer: D
-
Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?
-
Question 5
-
Question Type: SingleChoiceTCP SYN Flood attack uses the three-way handshake mechanism.1. An attacker at system A sends a SYN packet to victim at system B2. System B sends a SYN/ACK packet to victim A3. As a normal three-way handshake mechanism system A should send an ACK packet to system B, however, system A does not send an ACK packet to system B. In this case client B is waiting for an ACK packet from client AThis status of client B is called _________________
Answer: B
-