CEH V12 STUDY GUIDE 2025/2026 QUESTIONS WITH
ANSWERS GRADED A+
✔✔Your organization conducts a vulnerability assessment for mitigating threats. Your
task is to scan the organization by building an inventory of the protocols found on the
organization's machines to detect which ports are attached to services such as a web
server, an email server or a database server. After this, you will need to select the
vulnerabilities on each machine and start executing only the relevant tests.
Which of the following type of vulnerability assessment solutions will you perform? -
✔✔Inference based assessment
✔✔Which of the following Metasploit Framework tool can be used to bypass antivirus? -
✔✔Msfencode
✔✔Identify the Bluetooth hacking technique, which refers to the theft of information from
a wireless device through Bluetooth? - ✔✔Bluesnarfing
✔✔Which of the following is an IOS jailbreaking technique that patches the kernel
during the device boot to keep jailbroken after each reboot? - ✔✔Untethered
jailbreaking
✔✔Storing cryptographic keys carries a particular risk. In cryptography, there is a
mechanism in which a third party stores copies of private keys. By using it, you are can
ensure that in the case of a catastrophe, be it a security breach, lost or forgotten keys,
natural disaster, or otherwise, your critical keys are safe.
What is the name of this mechanism? - ✔✔Key escrow
✔✔Identify the encryption algorithm by the description:
Symmetric-key block cipher having a classical 12- or 16-round Feistel network with a
block size of 64 bits for encryption, which includes large 8 × 32-bit S-boxes based on
bent functions, modular addition and subtraction, key-dependent rotation, and XOR
operations. This cipher also uses a "masking" key and a "rotation" key for performing its
functions. - ✔✔CAST-128
✔✔Which of the following is a Kubernetes component that can assign nodes based on
the overall resource requirement, data locality, software/hardware/policy restrictions,
and internal workload interventions? - ✔✔Kube-scheduler
✔✔Which of the following algorithms is a symmetric key block cipher with a block size
of 128 bits representing a 32-round SP-network operating on a block of four 32-bit
words? - ✔✔Serpent
✔✔Ivan, the black hat hacker, plugged in a rogue switch to an unused port in the LAN
with a priority lower than any other switch in the network so that he could make it a root
, bridge that will later allow him to sniff all the traffic in the target's network. What attack
did Ivan perform? - ✔✔STP attack
✔✔Jack, a cybersecurity specialist, plans to do some security research for the
embedded hardware he uses. He wants to perform side-channel power analysis and
glitching attacks during this research. Which of the following will Jack use? -
✔✔ChipWhisperer
✔✔Adam is a shopaholic, and he constantly surfs on the Internet in search of
discounted products. The hacker decided to take advantage of this weakness of Adam
and sent a fake email containing a deceptive page link to his social media page with
information about a sale. Adam anticipating the benefit didn't notice the malicious link,
clicked on them and logged in to that page using his valid credentials. Which of the
following tools did the hacker probably use? - ✔✔Evilgnix
✔✔Which of the following is a Mirai-based botnet created by threat group Keksec,
which specializes in crypto mining and DDoS attacks? - ✔✔Enemybot
✔✔Your boss has instructed you to introduce a hybrid encryption software program into
a web application to secure email messages. You are planning to use free software that
uses both symmetric-key cryptography and asymmetric-key cryptography for improved
speed and secure key exchange.
Which of the following meets these requirements? - ✔✔GPG
✔✔The attacker needs to collect information about his victim - Maria. She is an
extrovert who often posts a large amount of private information, photos, and location
tags of recently visited places on social networks. Which automated tool should an
attacker use to gather information to perform other sophisticated attacks? - ✔✔Hoot
Suite
✔✔You need to protect the company's network from imminent threats. To complete this
task, you will enter information about threats into the security devices in a digital format
to block and identify inbound and outbound malicious traffic entering the company's
network. Which of the following types of threat intelligence will you use? - ✔✔Technical
Threat Intelligence
✔✔Which antenna is commonly used in communications for a frequency band of 10
MHz to VHF and UHF? - ✔✔Yagi antenna
✔✔This attack exploits a vulnerability that provides additional routing information in the
SOAP header to support asynchronous communication. Also, it further allows the
transmission of web-service requests and response messages using different TCP
connections.
ANSWERS GRADED A+
✔✔Your organization conducts a vulnerability assessment for mitigating threats. Your
task is to scan the organization by building an inventory of the protocols found on the
organization's machines to detect which ports are attached to services such as a web
server, an email server or a database server. After this, you will need to select the
vulnerabilities on each machine and start executing only the relevant tests.
Which of the following type of vulnerability assessment solutions will you perform? -
✔✔Inference based assessment
✔✔Which of the following Metasploit Framework tool can be used to bypass antivirus? -
✔✔Msfencode
✔✔Identify the Bluetooth hacking technique, which refers to the theft of information from
a wireless device through Bluetooth? - ✔✔Bluesnarfing
✔✔Which of the following is an IOS jailbreaking technique that patches the kernel
during the device boot to keep jailbroken after each reboot? - ✔✔Untethered
jailbreaking
✔✔Storing cryptographic keys carries a particular risk. In cryptography, there is a
mechanism in which a third party stores copies of private keys. By using it, you are can
ensure that in the case of a catastrophe, be it a security breach, lost or forgotten keys,
natural disaster, or otherwise, your critical keys are safe.
What is the name of this mechanism? - ✔✔Key escrow
✔✔Identify the encryption algorithm by the description:
Symmetric-key block cipher having a classical 12- or 16-round Feistel network with a
block size of 64 bits for encryption, which includes large 8 × 32-bit S-boxes based on
bent functions, modular addition and subtraction, key-dependent rotation, and XOR
operations. This cipher also uses a "masking" key and a "rotation" key for performing its
functions. - ✔✔CAST-128
✔✔Which of the following is a Kubernetes component that can assign nodes based on
the overall resource requirement, data locality, software/hardware/policy restrictions,
and internal workload interventions? - ✔✔Kube-scheduler
✔✔Which of the following algorithms is a symmetric key block cipher with a block size
of 128 bits representing a 32-round SP-network operating on a block of four 32-bit
words? - ✔✔Serpent
✔✔Ivan, the black hat hacker, plugged in a rogue switch to an unused port in the LAN
with a priority lower than any other switch in the network so that he could make it a root
, bridge that will later allow him to sniff all the traffic in the target's network. What attack
did Ivan perform? - ✔✔STP attack
✔✔Jack, a cybersecurity specialist, plans to do some security research for the
embedded hardware he uses. He wants to perform side-channel power analysis and
glitching attacks during this research. Which of the following will Jack use? -
✔✔ChipWhisperer
✔✔Adam is a shopaholic, and he constantly surfs on the Internet in search of
discounted products. The hacker decided to take advantage of this weakness of Adam
and sent a fake email containing a deceptive page link to his social media page with
information about a sale. Adam anticipating the benefit didn't notice the malicious link,
clicked on them and logged in to that page using his valid credentials. Which of the
following tools did the hacker probably use? - ✔✔Evilgnix
✔✔Which of the following is a Mirai-based botnet created by threat group Keksec,
which specializes in crypto mining and DDoS attacks? - ✔✔Enemybot
✔✔Your boss has instructed you to introduce a hybrid encryption software program into
a web application to secure email messages. You are planning to use free software that
uses both symmetric-key cryptography and asymmetric-key cryptography for improved
speed and secure key exchange.
Which of the following meets these requirements? - ✔✔GPG
✔✔The attacker needs to collect information about his victim - Maria. She is an
extrovert who often posts a large amount of private information, photos, and location
tags of recently visited places on social networks. Which automated tool should an
attacker use to gather information to perform other sophisticated attacks? - ✔✔Hoot
Suite
✔✔You need to protect the company's network from imminent threats. To complete this
task, you will enter information about threats into the security devices in a digital format
to block and identify inbound and outbound malicious traffic entering the company's
network. Which of the following types of threat intelligence will you use? - ✔✔Technical
Threat Intelligence
✔✔Which antenna is commonly used in communications for a frequency band of 10
MHz to VHF and UHF? - ✔✔Yagi antenna
✔✔This attack exploits a vulnerability that provides additional routing information in the
SOAP header to support asynchronous communication. Also, it further allows the
transmission of web-service requests and response messages using different TCP
connections.
