GAQM CPEH-001 Exam
Certified Professional Ethical Hacker (CPEH) Exam (Page 28)

Updated On: 1-Feb-2026

Which statement best describes a server type under an N-tier architecture?

  A. A group of servers at a specific layer
  B. A single server with a specific role
  C. A group of servers with a unique role
  D. A single server at a specific layer

Answer(s): C



During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS).
Which of the following conditions must be met to exploit this vulnerability?

  A. The web application does not have the secure flag set.
  B. The session cookies do not have the HttpOnly flag set.
  C. The victim user should not have an endpoint security solution.
  D. The victim's browser must have ActiveX technology enabled.

Answer(s): B



Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

  A. UDP 123
  B. UDP 541
  C. UDP 514
  D. UDP 415

Answer(s): C



An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?

  A. Start by footprinting the network and mapping out a plan of attack.
  B. Ask the employer for authorization to perform the work outside the company.
  C. Begin the reconnaissance phase with passive information gathering and then move into active information gathering.
  D. Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack.

Answer(s): B



Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

  A. A reduction in password fatigue for users because they do not need to know multiple passwords when accessing multiple applications
  B. A reduction in network and application monitoring since all recording will be completed at the SSO system
  C. A reduction in system administration overhead since any user login problems can be resolved at the SSO system
  D. A reduction in overall risk to the system since network and application attacks can only happen at the SSO point

Answer(s): A,C



Viewing page 28 of 177
Viewing questions 136 - 140 out of 878 questions


