Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CEH-001

GAQM CEH-001 Exam Questions
Certified Ethical Hacker (CEH) (Page 25 )

Updated On: 16-Apr-2026
Page 25 of 177
PDF with 878 Questions

You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?

  1. 16 million years
  2. 5 minutes
  3. 23 days
  4. 200 years

Answer(s): B



While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

<script>alert('Testing Testing Testing')</script>

Later, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here?

  1. Cross Site Scripting
  2. Password attacks
  3. A Buffer Overflow
  4. A hybrid attack

Answer(s): A



What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

  1. Use fragmented IP packets
  2. Spoof your IP address when launching attacks and sniff responses from the server
  3. Overload the IDS with Junk traffic to mask your scan
  4. Use source routing (if possible)
  5. Connect to proxy servers or compromised Trojaned machines to launch attacks

Answer(s): A,B,D,E



Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment.
Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it.
What kind of Denial of Service attack was best illustrated in the scenario above?

  1. Simple DDoS attack
  2. DoS attacks which involves flooding a network or system
  3. DoS attacks which involves crashing a network or system
  4. DoS attacks which is done accidentally or deliberately

Answer(s): C



Johnny is a member of the hacking group Orpheus1. He is currently working on breaking into the Department of Defense's front end Exchange Server. He was able to get into the server, located in a DMZ, by using an unused service account that had a very weak password that he was able to guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack it. He wants to use a tool that already has the LM hashes computed for all possible permutations of the administrator password.
What tool would be best used to accomplish this?

  1. SMBCrack
  2. SmurfCrack
  3. PSCrack
  4. RainbowTables

Answer(s): D



Viewing page 25 of 177
Viewing questions 121 - 125 out of 878 questions



Post your Comments and Discuss GAQM CEH-001 exam dumps with other Community members:

CEH-001 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!