Palo Alto Networks

GAQM CPEH-001 Exam
Certified Professional Ethical Hacker (CPEH) Exam (Page 3 )

Updated On: 1-Feb-2026

Viewing Page 3 of 177 pages.

Download PDF version with 878 Questions

QUESTION: 583

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0.
What can you infer from this information?

The packets were sent by a worm spoofing the IP addresses of 47 infected sites
ICMP ID and Seq numbers were most likely set by a tool and not by the operating system
All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number
13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Answer(s): B

Show Answer Next Question

QUESTION: 584

Which of the following commands runs snort in packet logger mode?

./snort -dev -h ./log
./snort -dev -l ./log
./snort -dev -o ./log
./snort -dev -p ./log

Answer(s): B

Explanation:

Note: If you want to store the packages in binary mode for later analysis use ./snort -l ./log -b

Show Answer Next Question

QUESTION: 585

Which of the following command line switch would you use for OS detection in Nmap?

-D
-O
-P
-X

Answer(s): B

Explanation:

OS DETECTION:
-O: Enable OS detection (try 2nd generation w/fallback to 1st) -O2: Only use the new OS detection system (no fallback) -O1: Only use the old (1st generation) OS detection system --osscan-limit: Limit OS detection to promising targets --osscan-guess: Guess OS more aggressively

Show Answer Next Question

QUESTION: 586

You have initiated an active operating system fingerprinting attempt with nmap against a target system:

What operating system is the target host running based on the open ports shown above?

Windows XP
Windows 98 SE
Windows NT4 Server
Windows 2000 Server

Answer(s): D

Explanation:

The system is reachable as an active directory domain controller (port 389, LDAP)

Show Answer Next Question

QUESTION: 587

Study the log below and identify the scan type.

nmap -sR 192.168.1.10
nmap -sS 192.168.1.10
nmap -sV 192.168.1.10
nmap -sO -T 192.168.1.10

Answer(s): D

Show Answer Next Question

1
2
3
4
5
…

Viewing page 3 of 177
Viewing questions 11 - 15 out of 878 questions

Post your Comments and Discuss GAQM CPEH-001 exam prep with other Community members:

Comments:

Name:

Join the CPEH-001 Discussion

khushi Commented on November 18, 2025
Q6 should be left outer for both
Anonymous

Anonymous Commented on November 18, 2025
Really useful, I’d recommend it!
Anonymous

khushi rao Commented on November 18, 2025
will this type of questions be in exam
Anonymous

K Commented on November 18, 2025
Its Very Helpful
Anonymous

NV Commented on November 18, 2025
Q.10 and 27 both ae same
INDIA

Skibidi CCNA Enjoyer Commented on November 17, 2025
272 doesn't look right. An autonomous AP is a lone wolf, meaning it's too sigma for a WLC.
UNITED STATES

Jack Commented on November 17, 2025
Just passed this exam. Valid Exam prep questions here.
UNITED STATES

Ngwuonu Commented on November 17, 2025
Very useful in my preparation for the upcoming exam....the answers are clearly explained.
Anonymous

Abhi Commented on November 17, 2025
Cool site and very accurate exam questions. I managed to pass this exam with the help of this practice questions.
Anonymous

Franz Commented on November 17, 2025
Good experience
Anonymous

Anonymous Commented on November 16, 2025
Question 31 SIT answer is incorrect. It should be DLP1 and Sensitivity1. Answer explainations says this as well.
UNITED STATES

Anon Commented on November 16, 2025
Very useful study material
Anonymous

Anon Commented on November 16, 2025
A good way to prepare for the exam
Anonymous

Anon Commented on November 15, 2025
Great resource
Anonymous

Ikram Commented on November 15, 2025
Question 60 Box 1 It should be no as user administrator(user 1)cannot reset password for global administrator (user 2)
Anonymous

aFEF Commented on November 15, 2025
thank you for covering alli fortigate items
Anonymous

aFEF Commented on November 15, 2025
it really helps thank YOU
Anonymous

Nasratullah Commented on November 15, 2025
Question Number 8 answer is wrong , netcat is the correct answer
Anonymous

Peter Commented on November 14, 2025
Perfect for the preparation
Anonymous

Keketso Commented on November 14, 2025
somehow challenging
Anonymous

Keketso Commented on November 14, 2025
this is nice
Anonymous

Dug Commented on November 12, 2025
A beautiful set of questions. Very well formatted and organized. I confirm the validity of these questions as of Nov 2025.
European Union

Ibraimomachemba Commented on November 12, 2025
Exame da 10 classe 2025
Anonymous

aaba Commented on November 11, 2025
i need real time exam questions
UNITED STATES

Anjan Commented on November 11, 2025
Questions is very good for Practice the Exam
INDIA

Anonymous Commented on November 11, 2025
Q 219 No option is correct
Anonymous

Nick Commented on November 11, 2025
Just cleared this exam with these questions. Questions are real but some answers are not accurate. Good enough to pass!
UNITED STATES

Anonymous Commented on November 11, 2025
Q no 180 option A is also correct
Anonymous

India Commented on November 11, 2025
answer for Q 111 is B
Anonymous

India Commented on November 11, 2025
Good Content
Anonymous

pratheep Commented on November 10, 2025
harpe skilly screen saver
EUROPEAN UNION

Rameshwar Suryawanshi Commented on November 10, 2025
Need more question for paractice
Anonymous

ola Commented on November 09, 2025
Question 55 of CCME, answer is B. Importing HF via CPUSE has no impact. However disabling secureXL could result in high CPU, traffic issue and outage.
CANADA

jody Stewart Commented on November 09, 2025
Question 285. The answer is wrong. You claim that 255.255.255.192 is the best for 30 hosts, but 255.255.255.224 provides right at 30 hosts with 1 network address and 1 broadcast address
UNITED STATES

Paul Commented on November 09, 2025
Amazing resource. Saved me so much time and made it so much easier to remember the material
UNITED STATES

Paul Commented on November 09, 2025
Fantastic resource
UNITED STATES

Britney Sunshine Fuller Commented on November 09, 2025
These questions are very useful
UNITED STATES

Britney Sunshine Fuller Commented on November 09, 2025
These are very similar question from the test
UNITED STATES

Brighton D. Commented on November 09, 2025
To be honest, this website Free-Braindumps.com is an excellent source to use as a study guide and it helped me tremendously to PASS my CompTIA Server Plus certification. The practice questions are very relevant to the actual test. As long as you combine the CompTIA study materials, labs tests and practice questions from Free-Braindumps.com you will most likey pass this certification. I highly recommend!
UNITED STATES

Britney Sunshine Fuller Commented on November 09, 2025
Great questions
UNITED STATES

Dev Commented on November 09, 2025
Very much helpful in the exam preparation.
INDIA

Pavan Commented on November 08, 2025
39 question answer ia still confusing, they didn't add asc order in the order by class
Anonymous

Pavan Commented on November 08, 2025
nice content
Anonymous

Antonio DS Commented on November 08, 2025
Thenks to all account and users also thanks to free-Exam preps for this shared document. It is very useful. Thanks Antonio
Anonymous

Abir Ghatak Commented on November 08, 2025
I have successfully cleared SC-900 exam today. I was able to access only 50% of the Q&A. I would say I have got 70%-75% common from this site. I have gone through Microsoft learning portal one time. Thank you.
INDIA

simar Commented on November 08, 2025
practice test
UNITED STATES

Omphemetse Appies Commented on November 06, 2025
Accounting November exam grade 10
Anonymous

Ria Commented on November 06, 2025
Thansk for the content .
Anonymous

Janardhana reddy Commented on November 06, 2025
Plan to write CAD exam in Dec 10th
UNITED STATES

redgar Commented on November 06, 2025
it was said the practice questions is free
Anonymous