CEH V12 Exam (Latest 2025/ 2026 Update)
Qs & As | Grade A| 100% Correct (Verified
Answers)
For messages sent through an insecure channel, a properly implemented digital
signature gives the receiver reason to believe the message was sent by the claimed
sender. While using a digital signature, the message digest is encrypted with which
key? - ANSWER Sender's private key
Which of the following is the entity in the NIST cloud deployment reference
architecture that manages cloud services in terms of use, performance, and delivery
and maintains the relationship between cloud providers and consumers? -
ANSWER Cloud broker
Which of the following hping command performs UDP scan on port 80? -
ANSWER hping3 -2 <IP Address> -p 80
Which of the following DNS records allows attackers to map the IP address to a
hostname?
A MX
B PTR
C CNAME
D NS - ANSWER PTR
Which of the following Encryption techniques is used in WEP? - ANSWER
RC4
,Which of the following commands is an example of a Snort rule using a
bidirectional operator? - ANSWER log !192.168.1.0/24 any <>
192.168.1.0/24 23
Which of the following types of attack is a cross-protocol weakness that can
communicate and initiate an attack on servers supporting recent SSLv3/TLS
protocol suites? - ANSWER DROWN attack
Which of the following is not a defensive measure for web server attacks? -
ANSWER Configure IIS to accept URLs with "../"
Which of the following tool determines the OS of the queried host by looking in
detail at the network characteristics of the HTTP response received from the
website? - ANSWER Netcraft
Which of the following DoS attack detection techniques analyzes network traffic in
terms of spectral components? It divides incoming signals into various frequencies
and examines different frequency components separately. - ANSWER
Wavelet-based signal analysis
Allen, a security professional in an organization, was suspicious about the
activities in the network and decided to scan all the logs. In this process, he used a
tool that automatically collects all the event logs from all the systems present in the
network and transfers the real-time event logs from the network systems to the
main dashboard.
, Which of the following tools did Allen employ in the above scenario? -
ANSWER Splunk
Which assessment focuses on transactional web applications, traditional client-
server applications, and hybrid systems? - ANSWER Application
assessment
Given below are the different phases involved in the web API hacking
methodology.
1. Detect security standards
2. Identify the target
3. Launch attacks
4. Identify the attack surface
What is the correct sequence of phases followed in the web API hacking
methodology? - ANSWER 2143
Which of the following techniques is used to gather information about the target
without direct interaction with the target? - ANSWER Passive
footprinting
Name an attack where the attacker connects to nearby devices and exploits the
vulnerabilities of the Bluetooth protocol to compromise the device?
A Rolling code attack
B Jamming attack
C DDoS attack
D BlueBorne attack - ANSWER BlueBorne attack
Qs & As | Grade A| 100% Correct (Verified
Answers)
For messages sent through an insecure channel, a properly implemented digital
signature gives the receiver reason to believe the message was sent by the claimed
sender. While using a digital signature, the message digest is encrypted with which
key? - ANSWER Sender's private key
Which of the following is the entity in the NIST cloud deployment reference
architecture that manages cloud services in terms of use, performance, and delivery
and maintains the relationship between cloud providers and consumers? -
ANSWER Cloud broker
Which of the following hping command performs UDP scan on port 80? -
ANSWER hping3 -2 <IP Address> -p 80
Which of the following DNS records allows attackers to map the IP address to a
hostname?
A MX
B PTR
C CNAME
D NS - ANSWER PTR
Which of the following Encryption techniques is used in WEP? - ANSWER
RC4
,Which of the following commands is an example of a Snort rule using a
bidirectional operator? - ANSWER log !192.168.1.0/24 any <>
192.168.1.0/24 23
Which of the following types of attack is a cross-protocol weakness that can
communicate and initiate an attack on servers supporting recent SSLv3/TLS
protocol suites? - ANSWER DROWN attack
Which of the following is not a defensive measure for web server attacks? -
ANSWER Configure IIS to accept URLs with "../"
Which of the following tool determines the OS of the queried host by looking in
detail at the network characteristics of the HTTP response received from the
website? - ANSWER Netcraft
Which of the following DoS attack detection techniques analyzes network traffic in
terms of spectral components? It divides incoming signals into various frequencies
and examines different frequency components separately. - ANSWER
Wavelet-based signal analysis
Allen, a security professional in an organization, was suspicious about the
activities in the network and decided to scan all the logs. In this process, he used a
tool that automatically collects all the event logs from all the systems present in the
network and transfers the real-time event logs from the network systems to the
main dashboard.
, Which of the following tools did Allen employ in the above scenario? -
ANSWER Splunk
Which assessment focuses on transactional web applications, traditional client-
server applications, and hybrid systems? - ANSWER Application
assessment
Given below are the different phases involved in the web API hacking
methodology.
1. Detect security standards
2. Identify the target
3. Launch attacks
4. Identify the attack surface
What is the correct sequence of phases followed in the web API hacking
methodology? - ANSWER 2143
Which of the following techniques is used to gather information about the target
without direct interaction with the target? - ANSWER Passive
footprinting
Name an attack where the attacker connects to nearby devices and exploits the
vulnerabilities of the Bluetooth protocol to compromise the device?
A Rolling code attack
B Jamming attack
C DDoS attack
D BlueBorne attack - ANSWER BlueBorne attack
