Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. CPEH-001

GAQM CPEH-001 Exam
Certified Professional Ethical Hacker (CPEH) Exam (Page 13 )

Updated On: 1-Feb-2026
Page 13 of 177
PDF with 878 Questions

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

  1. Full Blown
  2. Thorough
  3. Hybrid
  4. BruteDics

Answer(s): C

Explanation:

A combination of Brute force and Dictionary attack is called a Hybrid attack or Hybrid dictionary attack.



What is the algorithm used by LM for Windows2000 SAM?

  1. MD4
  2. DES
  3. SHA
  4. SSL

Answer(s): B

Explanation:

Okay, this is a tricky question. We say B, DES, but it could be A "MD4" depending on what their asking
- Windows 2000/XP keeps users passwords not "apparently", but as hashes, i.e. actually as "check sum" of the passwords. Let's go into the passwords keeping at large. The most interesting structure of the complex SAM-file building is so called V-block. It's size is 32 bytes and it includes hashes of the password for the local entering: NT Hash of 16-byte length, and hash used during the authentication of access to the common resources of other computers LanMan Hash, or simply LM Hash, of the same 16-byte length. Algorithms of the formation of these hashes are following:
NT Hash formation:
1. User password is being generated to the Unicode-line.
2. Hash is being generated based on this line using MD4 algorithm.
3. Gained hash in being encoded by the DES algorithm, RID (i.e. user identifier) had been used as a key. It was necessary for gaining variant hashes for users who have equal passwords. You remember that all users have different RIDs (RID of the Administrator's built in account is 500, RID of the Guest's built in account is 501, all other users get RIDs equal 1000, 1001, 1002, etc.).
LM Hash formation:
1. User password is being shifted to capitals and added by nulls up to 14-byte length.
2. Gained line is divided on halves 7 bytes each, and each of them is being encoded separately using DES, output is 8-byte hash and total 16-byte hash.
3. Then LM Hash is being additionally encoded the same way as it had been done in the NT Hash formation algorithm step 3.



E-mail scams and mail fraud are regulated by which of the following?

  1. 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
  2. 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
  3. 18 U.S. par. 1362 Communication Lines, Stations, or Systems
  4. 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Answer(s): A

Explanation:

http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html



Which of the following LM hashes represent a password of less than 8 characters? (Select 2)

  1. BA810DBA98995F1817306D272A9441BB
  2. 44EFCE164AB921CQAAD3B435B51404EE
  3. 0182BD0BD4444BF836077A718CCDF409
  4. CEC52EB9C8E3455DC2265B23734E0DAC
  5. B757BF5C0D87772FAAD3B435B51404EE
  6. E52CAC67419A9A224A3B108F3FA6CB6D

Answer(s): B,E

Explanation:

Notice the last 8 characters are the same



Which of the following is the primary objective of a rootkit?

  1. It opens a port to provide an unauthorized service
  2. It creates a buffer overflow
  3. It replaces legitimate programs
  4. It provides an undocumented opening in a program

Answer(s): C

Explanation:

Actually the objective of the rootkit is more to hide the fact that a system has been compromised and the normal way to do this is by exchanging, for example, ls to a version that doesn't show the files and process implanted by the attacker.



Viewing page 13 of 177
Viewing questions 61 - 65 out of 878 questions



Post your Comments and Discuss GAQM CPEH-001 exam prep with other Community members:

Join the CPEH-001 Discussion