CEH V12 Exam V1 (Latest 2025/ 2026 Update)
Certified Ethical Hacker | Questions and Answers |
Grade A| 100 out of 100 (Verified Answers)
..//////////
Question:
Attacker uses various IDS evasion techniques to bypass intrusion detection mechanisms. At the
same time, IDS is configured to detect possible violations of the security policy, including
unauthorized access and misuse. Which of the following evasion method depend on the Time-to-
Live (TTL) fields of a TCP/IP ?
Answer:
Insertion Attack
Question:
Which of the following is an encryption technique where data is encrypted by a sequence of
photons that have a spinning trait while traveling from one end to another?
Answer:
Quantum cryptography
Question:
Determine the attack by the description:
Answer:
Determine the attack by the description: The known-plaintext attack used against DES. This
attack causes that encrypting plaintext with one DES key followed by encrypting it with a second
DES key is no more secure than using a single key.
-
,Meet in the middle Attack
Question:
The evil hacker Antonio is trying to attack the IoT device. He will use several fake identities to
create a strong illusion of traffic congestion, affecting communication between neighboring
nodes and networks. What kind of attack does Antonio perform?
Answer:
Sybil Attack
Question:
Determine the attack according to the following scenario:
Answer:
Benjamin performs a cloud attack during the translation of the SOAP message in the TLS layer.
He duplicates the body of the message and sends it to the server as a legitimate user. As a result
of these actions, Benjamin managed to access the server resources to unauthorized access.
Wrapping
Question:
Black hat hacker Ivan wants to implement a man-in-the-middle attack on the corporate network.
For this, he connects his router to the network and redirects traffic to intercept packets. What can
the administrator do to mitigate the attack?
Answer:
Add message authentication to the routing table
, Question:
Which of the following option is a security feature on switches leverages the DHCP snooping
database to help prevent man-in-the-middle attacks?
Answer:
DAI
Question:
All the industrial control systems of your organization are connected to the Internet. Your
management wants to empower the manufacturing process, ensure the reliability of industrial
networks, and reduce downtime and service disruption. You have been assigned to find and
install an OT security tool that further protects against security incidents such as cyber
espionage, zero-day attacks, and malware.
Which of the following tools will you use to accomplish this task?
Answer:
Flowmon
Question:
Ivan, the evil hacker, decided to attack the cloud services of the target organization.
First of all, he decided to infiltrate the target's MSP provider by sending phishing emails that
distributed specially created malware. This program compromised users' credentials, and Ivan
managed to gain remote access to the cloud service. Further, he accessed the target customer
profiles with his MSP account, compressed the customer data, and stored them in the MSP. After
this, he used this information to launch further attacks on the target organization.
Which of the following cloud attacks did Ivan perform?
Answer:
Cloude hopper
Certified Ethical Hacker | Questions and Answers |
Grade A| 100 out of 100 (Verified Answers)
..//////////
Question:
Attacker uses various IDS evasion techniques to bypass intrusion detection mechanisms. At the
same time, IDS is configured to detect possible violations of the security policy, including
unauthorized access and misuse. Which of the following evasion method depend on the Time-to-
Live (TTL) fields of a TCP/IP ?
Answer:
Insertion Attack
Question:
Which of the following is an encryption technique where data is encrypted by a sequence of
photons that have a spinning trait while traveling from one end to another?
Answer:
Quantum cryptography
Question:
Determine the attack by the description:
Answer:
Determine the attack by the description: The known-plaintext attack used against DES. This
attack causes that encrypting plaintext with one DES key followed by encrypting it with a second
DES key is no more secure than using a single key.
-
,Meet in the middle Attack
Question:
The evil hacker Antonio is trying to attack the IoT device. He will use several fake identities to
create a strong illusion of traffic congestion, affecting communication between neighboring
nodes and networks. What kind of attack does Antonio perform?
Answer:
Sybil Attack
Question:
Determine the attack according to the following scenario:
Answer:
Benjamin performs a cloud attack during the translation of the SOAP message in the TLS layer.
He duplicates the body of the message and sends it to the server as a legitimate user. As a result
of these actions, Benjamin managed to access the server resources to unauthorized access.
Wrapping
Question:
Black hat hacker Ivan wants to implement a man-in-the-middle attack on the corporate network.
For this, he connects his router to the network and redirects traffic to intercept packets. What can
the administrator do to mitigate the attack?
Answer:
Add message authentication to the routing table
, Question:
Which of the following option is a security feature on switches leverages the DHCP snooping
database to help prevent man-in-the-middle attacks?
Answer:
DAI
Question:
All the industrial control systems of your organization are connected to the Internet. Your
management wants to empower the manufacturing process, ensure the reliability of industrial
networks, and reduce downtime and service disruption. You have been assigned to find and
install an OT security tool that further protects against security incidents such as cyber
espionage, zero-day attacks, and malware.
Which of the following tools will you use to accomplish this task?
Answer:
Flowmon
Question:
Ivan, the evil hacker, decided to attack the cloud services of the target organization.
First of all, he decided to infiltrate the target's MSP provider by sending phishing emails that
distributed specially created malware. This program compromised users' credentials, and Ivan
managed to gain remote access to the cloud service. Further, he accessed the target customer
profiles with his MSP account, compressed the customer data, and stored them in the MSP. After
this, he used this information to launch further attacks on the target organization.
Which of the following cloud attacks did Ivan perform?
Answer:
Cloude hopper
