Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

GAQM CEH-001 Exam Questions
Certified Ethical Hacker (CEH) (Page 16 )

Updated On: 24-Feb-2026
Page 16 of 177
PDF with 878 Questions

Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.
Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.
The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.


What is the risk of installing Fake AntiVirus?

  1. Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums
  2. Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker
  3. Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk
  4. Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

Answer(s): B



How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.

  1. Session Hijacking
  2. Session Stealing
  3. Session Splicing
  4. Session Fragmentation

Answer(s): C



Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area. How would you describe Jason's behavior within a security context?

  1. Smooth Talking
  2. Swipe Gating
  3. Tailgating
  4. Trailing

Answer(s): C



While performing a ping sweep of a local subnet you receive an ICMP reply of Code 3/Type 13 for all the pings you have sent out. What is the most likely cause of this?

  1. The firewall is dropping the packets
  2. An in-line IDS is dropping the packets
  3. A router is blocking ICMP
  4. The host does not respond to ICMP packets

Answer(s): C



Consider the following code:

URL:http://www.certified.com/search.pl?

text=<script>alert(document.cookie)</script>

If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim's browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site.
What is the countermeasure against XSS scripting?

  1. Create an IP access list and restrict connections based on port number
  2. Replace "<" and ">" characters with "& l t;" and "& g t;" using server scripts
  3. Disable Javascript in IE and Firefox browsers
  4. Connect to the server using HTTPS protocol instead of HTTP

Answer(s): B






Post your Comments and Discuss GAQM CEH-001 exam dumps with other Community members:

Join the CEH-001 Discussion