Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

GAQM CEH-001 Exam Questions
Certified Ethical Hacker (CEH) (Page 13 )

Updated On: 16-Apr-2026
Page 13 of 177
PDF with 878 Questions

What does FIN in TCP flag define?

  1. Used to abort a TCP connection abruptly
  2. Used to close a TCP connection
  3. Used to acknowledge receipt of a previous packet or transmission
  4. Used to indicate the beginning of a TCP connection

Answer(s): B



Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is possible?

  1. It works because encryption is performed at the application layer (single encryption key)
  2. The scenario is invalid as a secure cookie cannot be replayed
  3. It works because encryption is performed at the network layer (layer 1 encryption)
  4. Any cookie can be replayed irrespective of the session status

Answer(s): A



This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker.

  1. Unique SQL Injection
  2. Blind SQL Injection
  3. Generic SQL Injection
  4. Double SQL Injection

Answer(s): B



A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.
Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.

Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments.
Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender of the mail.
How do you ensure if the e-mail is authentic and sent from fedex.com?

  1. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all
  2. Check the Sender ID against the National Spam Database (NSD)
  3. Fake mail will have spelling/grammatical errors
  4. Fake mail uses extensive images, animation and flash content

Answer(s): A



What file system vulnerability does the following command take advantage of?
type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

  1. HFS
  2. Backdoor access
  3. XFS
  4. ADS

Answer(s): D



Viewing page 13 of 177
Viewing questions 61 - 65 out of 878 questions



Post your Comments and Discuss GAQM CEH-001 exam dumps with other Community members:

CEH-001 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!