As our world is leaning toward modernization and digitalization, the demand for CEH Certification is constantly increasing. But, to become a certified ethical hacker, an individual must pass the CEH exam.

So, if you are searching for the free questions and answers of the Certified Ethical Hacker examination, you have landed on the correct page. Here, we have discussed 25 sample questions that may help you to pass the exam seamlessly. So, let's jump into the question and answers now without further ado. Also check CEH Exam Cheat Sheet.

Q.1. Suppose an attacker tries to copy the password file of the target and then crack the target's password at a different location in the system. Then, what kind of password attack did the attacker perform?

1. A) Passive Online Attack
2. B) Active Online Attack
3. C) Offline Attack
4. D) Non-Electronic Attack

Answer: Offline Attack

Explanation: The Offline Attack is the correct answer here. The hacker will copy the password file of the target. After that, the attacker will try to crack the passwords in the system at a different location.

Q.2. An organization currently implements a specific security policy with zero restrictions on system resource usage. What kind of security policy did the organization implement?

1. A) Prudent Policy
2. B) Promiscuous Policy
3. C) Paranoid Policy
4. D) Permissive Policy

Answer: Promiscuous Policy

Explanation: The Promiscuous Policy is the correct answer here. This specific policy has zero restrictions, implying that users can transfer any application and access any website. Hence, network directors must be alert when they select this policy.

Q.3. It is a type of malicious software that activates upon specific predetermined actions of the users. If activated, it grants the attackers unlimited control or accesses all stored data in compromised information software and potentially causes massive damage. So, which term matches the definition more from the following?

1. A) Ransomware
2. B) Virus
3. C) Worm
4. D) Trojan

Answer: Trojan

Explanation: Trojan is mainly a specific program where harmful or malicious code resides inside the data or malicious program. It can cause severe damage or gain control of your system, making it vulnerable to significant attacks.

Q.4. A company allows its employees to work from outside networks to get access to the data for a certain reason. What technology should they implement to ensure data privacy while transmitting the data?

1. A) WPA2
2. B) VLAN
3. C) VPN
4. D) Telnet

Answer: VPN

Explanation: The Virtual Private Network or VPN generally extends a private network over a public network. It allows users to receive and send data or information across the public or shared network with strong security.

Q.5. The Server Administrator configures the access setting for its users to first authenticate before accessing the web pages. So, what information security requirements are met by implementing configuration?

1. A) Confidentiality
2. B) Integrity
3. C) Scalability
4. D) Availability

Answer: Confidentiality

Explanation: Confidentiality implies that only authorized individuals will be able to work on a certain network. Also, they can see the digital resources of the infrastructure.

Q.6. What Intrusion Detection System is among the best suited for analyzing system behavior for server or Desktop PCs?

1. A) Antivirus
2. B) HIDS
3. C) Firewall
4. D) NIDS

Answer: HIDS

Explanation: There are two types of IDS there- network-based and host-based. The Host-based Intrusion Detection System or HIDS can analyze the application and behavior of the system on servers or systems.

Q.7. If attackers use image files so that they can hide information for malicious purposes, then what kind of technique did they perform?

1. A) Cryptography
2. B) Backdoor
3. C) Spyware
4. D) Steganography

Answer: Steganography

Explanation: Steganography is mainly the art of hiding the data "behind' the other data without the knowledge of the target. It hides all the messages and replaces the unused data with regular files such as audio, text, sound, video, and graphics.

Q.8. What is the role of the demilitarized zone on networks?

1. A) Provide the users' security on the servers
2. B) Offer protection to the network devices
3. C) Detects malicious intrusion on the network
4. D) Secure the internal network and offer access directly to the DMZ nodes

Answer: Secure the internal network and offer access directly to the DMZ nodes

Explanation: DMZ is a very small network between the external or untrusted network and the internal or trusted network. It acts as a neutral zone to prevent external users from directly accessing the internal network.

Q.9. A system administrator uses virus detection to safeguard from viruses. He or she uses a specific tool to monitor the system operation request written to the desk. So, which virus detection method the system administrator is performing?

1. A) Code Emulation
2. B) Scanning
3. C) Integrity Checking
4. D) Interception

Answer: Interception

Explanation: Among the four options, Interception is the right answer here. It is so because only the interceptors' system operation request is written to the desk.

Q.10. Which kinds of firewalls inspect certain traffic like post or http:get from the following?

1. A) Application-level firewall
2. B) Stateful Multilayer Inspection
3. C) Packet filtering firewall
4. D) Circuit-level gateway firewall

Answer: Application-level firewall

Explanation: The Application-level Proxy or Firewall is the filter packet at the OSI model's application layer. It inspects particular traffic on the applications like post or http:get.

Q.11. Hyena is an Information Security tool that secures and manages Windows Operating Systems. It uses an Explorer-style interface of Windows to perform every operation. Also, it displays user login names and shares for domain controllers and Windows servers. So, why do cyber security experts use this tool?

1. A) SNMP Enumeration
2. B) NETBIOS Enumeration
3. C) SMTP Enumeration
4. D) LDAP Enumeration

Answer: NETBIOS Enumeration

Explanation: The NETBIOS Enumeration is the right answer among the following options. It is so because Hyena is a specific tool for only NETBIO Enumeration.

Q.12. Hashing is creating values from strings of the text with the help of a mathematical function. So, which is verified by the use of hash among the following?

1. A) Integrity
2. B) Authentication
3. C) Confidentiality
4. D) Availability

Answer: Integrity

Explanation: The primary role of the cryptographic hash function is to offer integrity in document management. So, integrity ensures that only an authorized individual can modify the information or data.

Q.13. Jonathan is surfing the internet, and after a few hours, a message notification pops up which clearly states that his system got infected with the malware. Additionally, it is also displaying an option to remove the virus. Once he clicks on the option, another message pops up stating that his system will be quarantined because of the infection nature. It offers a link and instructions to regain control and eliminate the virus. Which kind of infection hit Jonathan's system?

1. A) Ransomware
2. B) Adware
3. C) Spyware
4. D) Trojan

Answer: Ransomware

Explanation: As the name suggests, Ransomware is malware that can infect a system and limit access to folders and files, offering a ransom payment to regain control. Hence, the description mentioned above goes perfectly with Ransomware.

Q.14. If a tester tries to ping a target that exists but does not respond that says the destination is unreachable, then the network is using the TCP, and the ICMP is disabled. What other option can the expert use to receive the response from the host using the TCP?

1. A) Hping
2. B) Broadcast Ping
3. C) Traceroute
4. D) TCP Ping

Answer: Hping

Explanation: Hping is a Linux-based tool that is a significant part of the CEH module. Experts use it to test the leachability of a specific service on a host using the TCP.

Q.15. Among the following options, which structure was developed to authenticate and verify the identity of the individuals who will take part in the data exchange within the enterprise?

1. A) Single Sign On
2. B) SOA
3. C) PKI
4. D) Biometrics

Answer: PKI

Explanation: Public Key Structure is mainly a security architecture that helps to maximize the information's confidentiality exchanged over an insecure internet. So, it can help authenticate and verify an individual's identity within the enterprise.

Q.16. Suppose user A tries to write an email message outside the local network to user B. User A chooses to use the PKI to secure the messages and ensure it only goes to user B. So, at which level of the OSI do decryption and encryption of messages occur?

1. A) Session
2. B) Presentation
3. C) Transport
4. D) Application

Answer: Presentation

Explanation: Layer 6, or the Presentation layer of the OSI model, is responsible for decryption and encryption. So, the straightforward answer is the Presentation layer.

Q.17. The attackers exploit the vulnerabilities in the dynamically generated web pages to implement the client side into those web pages received by other users. Which of the following web application attacks are we talking about?

1. A) SQL Injection attack
2. B) LDAP Injection attack
3. C) CSRF or Cross-Site Request Forgery
4. D) XSS or Cross-Site Scripting

Answer: XSS or Cross-Site Scripting.

Explanation: XSS or Cross-Site Scripting attacks redirect the users to a specific website from where they can steal the data. It sends and receives the HTTP responses and requests to collect required information without user interaction. Hence, XSS is the right answer here.

Q.18. Which of the following services of the PKI will prove the identity of a company or an individual?

1. A) CBC
2. B) KDC
3. C) CA
4. D) CR

Answer: CA.

Explanation: The Certification Authorities or CA is among the trusted entities that generally validate the digital certificates that are issued under its name. Hence, the right answer is CA.

Q.19. An user is performing online banking, and suddenly the user receives an email with a website link. After clicking on the specific link, another browser shows a cat playing piano. The next day, the individual receives a mail from the bank that says an unknown user is accessing his or her account from a foreign country. Also, the email asks the individual to verify the authorization of the transferred fund that took place. So, what kind of internet-based security vulnerability was used to compromise the individual or user?

1. A) Web Form Input Validation
2. B) Clickjacking
3. C) Cross-Site Request Forgery
4. D) Cross-Site Scripting

Answer: Cross-Site Request Forgery

Explanation: The Cross-Site Request Forgery is widely popular as a one-click attack. It generally occurs when an attacker instructs a user's web browser to send requests to specific vulnerable websites via a malicious web page. So, the example matches perfectly with the definition of the CSRF attack.

Q.20. If you wish to scan only fewer ports rather than using the default scan with the Nmap tool, which of the following options will you select to perform this?

1. A) –F
2. B) –sP
3. C) –r
4. D) – P

Answer: -F

Explanation: The –F is the correct answer because it represents a quick scan that can scan only the 100 ports rather than the default scan.

Q.21. A user from the Pen test team is attempting to guess ISN'T for the TCP session. So, which attack will the user carry out?

1. A) Session Splicing
2. B) XSS
3. C) Multipartite attack
4. D) Session Hijacking

Answer: Session Hijacking

Explanation: The concept of session hijacking is pretty straightforward. The hacker waits for a session to start, and one can jump into the session after the annoying authentication. It is a little complex, but the key to the entire attack is mainly determining the ISN or Initial Sequence Number used for the session.

Q.22. An unauthorized user enters an office building by following one of its employees during the lunch rush. What kind of violation did the person commit?

1. A) Piggybacking
2. B) Reverse Social Engineering
3. C) Announced
4. D) Tailgating

Answer: Tailgating

Explanation: Tailgating refers to the process of accessing a secured area by following an authorized person without the individual's consent. So, the correct answer here is option D, Tailgating.

Q.23. Samantha is working with a travel agency. Therefore, she needs to travel a lot because of her work. But, she is worried that her system contains confidential information that attackers can steal. So, which of the following protection will be the best option for Samantha?

1. A) BIOS Password
2. B) Password Protected Files
3. C) Full Disk Encryption
4. D) Hidden Folders

Answer: Full Disk Protection

Explanation: Full Disk Protection offers solutions to protect the user's data from unwanted and unauthorized users that may access the device. So, here the right answer is Full Disk Protection.

Q.24. Among the following options, which act needs the standard national number of employers for their identification on the standard transaction?

1. A) DMCA
2. B) SOX
3. C) PCI- DSS
4. D) HIPAA

Answer: HIPAA

Explanation: HIPAA needs that employers have a standard national number that will identify them on the standard transaction. The IRS issued the Employer Identification Number or EIN, which was chosen as the identifier for an employee.

Q.25. DNS, or Domain Name System, has several kinds of records. Among the records, one kind of them is AAAA Record. So, what is the primary role of the AAAA Record?

1. A) Text Record
2. B) Mail Exchange Record
3. C) IPv6 Address Resolution Record
4. D) IPv4 Address Resolution Record

Answer: IPv6 Address Resolution Record

Explanation: Experts generally use AAAA to return. It is a 128-bit IPv6 address generally used to map hostnames to the host's IP address.

Conclusion:

We hope that the questions mentioned above will be helpful for you. Preparation is the key to getting a great score in the actual CEH exam. Going through these questions will assist you in better preparation so that you can ace the Ethical Hacking examination confidently. If you want to start your CEH journey, enroll for the CEH training at Vinsys.