2025 Comprehensive CEH™ Certified
Ethical Hacker Practice Exam Collection
Designed to Strengthen Skills, Test
Knowledge, and Prepare Students for Real
Cybersecurity Certification Success.
1. Which of the following is not true regarding SSIDs?
A. The SSID is broadcast by APs in the network,
unless otherwiseconfigured.
B. If the SSID changes, all clients must update to
the new SSID tocommunicate.
C. Turning off the SSID broadcast ensures only authorized
clients, whoknow the SSID, can connect.
D. The SSID serves to identify wireless networks.
E. SSIDs are case sensitive.
2. Which of the following correctly describe the war chalk
shown here?
(Choose all that apply.)
A. The nearby access point is secured via WPA2.
, B. The nearby access point uses MAC filtering.
C. The non-broadcasted SSID is Guest_AnyBiz.
D. The network access only provides guest-level resource
access.
3. Which wireless technology provides NIST FIPS 140-2
compliantencryption?
A. WPA
B. WPA2
C. WAP
D. WEP
4. Which of the following uses a 48-bit Initialization
Vector? (Choose allthat apply.)
A. WEP
B. WPA
C. WPA2
D. WEP2
5. Which of the following are true statements? (Choose
all that apply.)A. WEP uses shared key encryption
with TKIP.
B. WEP uses shared key encryption with RC4.
C. WPA2 uses shared key encryption with RC4.
D. WPA2 uses TKIP and AES encryption.
6. Which of the following best describes the “evil twin”
wireless hackingattack?
A. An attacker sets up a client machine using the same
MAC as anauthorized user.
B. An attacker connects using the same username and
password as anauthorized user.
C. An attacker sets up an access point inside the
network range forclients to connect to.
D. An attacker sets up an authentication server on
the wireless network.
,7. During an outbrief of a pen test, you share successes
your team has hadagainst the target’s wireless network.
The client asks for an explanation of the results,
stating directional antennas for the access points
were strategically placed to provide coverage for the
building instead of omnidirectional antennas. Which
of the following statements provides the correct response?
A. Positioning and types of antennas are irrelevant.
B. Directional antennas only provide for weak encryption
of signal.
C. Positioning of the antennas is irrelevant unless
802.11n is thestandard chosen.
D. Wireless signals can be detected from miles away;
therefore, this stepalone will not secure the
network.
8. An attacker is attempting to crack a WEP code to
gain access to thenetwork. After enabling monitor
mode on wlan0and creating a monitoring interface (mon
0), she types this command:
What is she trying to accomplish?
A. Gain access to the WEP access code by
examining the response todeauthentication packets,
which contain the WEP code.
B. Use deauthentication packets to generate lots of
network traffic.
C. Determine the BSSID of the access point.
D. Discover the cloaked SSID of the network.
9. Which wireless standard works at 54 Mbps on a
frequency range of2.4GHz? A. 802.11a
B. 802.11b
C. 802.11g
, D. 802.11n
10. Which of the following describes sending unsolicited
messages to aBluetooth device?
A. BlueSmacking
B. Bluejacking
C. BlueSniffing
D. BlueSnarfing
11. Which of the tools listed here is a passive discovery
tool?
A. Aircrack
B. Kismet
C. NetStumbler
D. Netsniff
12. You have discovered an access point using WEP for
encryption purposes.Which of the following is the best
choice for uncovering the network key?
A. NetStumbler
B. Aircrack
C. John the Ripper
D. Kismet
13. Which of the following statements are true regarding TKIP?
(Choose allthat apply.)
A. Temporal Key Integrity Protocol forces a key
change every 10,000packets.
B. Temporal Key Integrity Protocol ensures keys do not
change during asession.
C. Temporal Key Integrity Protocol is an integral part
of WEP.
D. Temporal Key Integrity Protocol is an integral part
of WPA.
14. Regarding SSIDs, which of the following are true
statements? (Chooseall that apply.)
Ethical Hacker Practice Exam Collection
Designed to Strengthen Skills, Test
Knowledge, and Prepare Students for Real
Cybersecurity Certification Success.
1. Which of the following is not true regarding SSIDs?
A. The SSID is broadcast by APs in the network,
unless otherwiseconfigured.
B. If the SSID changes, all clients must update to
the new SSID tocommunicate.
C. Turning off the SSID broadcast ensures only authorized
clients, whoknow the SSID, can connect.
D. The SSID serves to identify wireless networks.
E. SSIDs are case sensitive.
2. Which of the following correctly describe the war chalk
shown here?
(Choose all that apply.)
A. The nearby access point is secured via WPA2.
, B. The nearby access point uses MAC filtering.
C. The non-broadcasted SSID is Guest_AnyBiz.
D. The network access only provides guest-level resource
access.
3. Which wireless technology provides NIST FIPS 140-2
compliantencryption?
A. WPA
B. WPA2
C. WAP
D. WEP
4. Which of the following uses a 48-bit Initialization
Vector? (Choose allthat apply.)
A. WEP
B. WPA
C. WPA2
D. WEP2
5. Which of the following are true statements? (Choose
all that apply.)A. WEP uses shared key encryption
with TKIP.
B. WEP uses shared key encryption with RC4.
C. WPA2 uses shared key encryption with RC4.
D. WPA2 uses TKIP and AES encryption.
6. Which of the following best describes the “evil twin”
wireless hackingattack?
A. An attacker sets up a client machine using the same
MAC as anauthorized user.
B. An attacker connects using the same username and
password as anauthorized user.
C. An attacker sets up an access point inside the
network range forclients to connect to.
D. An attacker sets up an authentication server on
the wireless network.
,7. During an outbrief of a pen test, you share successes
your team has hadagainst the target’s wireless network.
The client asks for an explanation of the results,
stating directional antennas for the access points
were strategically placed to provide coverage for the
building instead of omnidirectional antennas. Which
of the following statements provides the correct response?
A. Positioning and types of antennas are irrelevant.
B. Directional antennas only provide for weak encryption
of signal.
C. Positioning of the antennas is irrelevant unless
802.11n is thestandard chosen.
D. Wireless signals can be detected from miles away;
therefore, this stepalone will not secure the
network.
8. An attacker is attempting to crack a WEP code to
gain access to thenetwork. After enabling monitor
mode on wlan0and creating a monitoring interface (mon
0), she types this command:
What is she trying to accomplish?
A. Gain access to the WEP access code by
examining the response todeauthentication packets,
which contain the WEP code.
B. Use deauthentication packets to generate lots of
network traffic.
C. Determine the BSSID of the access point.
D. Discover the cloaked SSID of the network.
9. Which wireless standard works at 54 Mbps on a
frequency range of2.4GHz? A. 802.11a
B. 802.11b
C. 802.11g
, D. 802.11n
10. Which of the following describes sending unsolicited
messages to aBluetooth device?
A. BlueSmacking
B. Bluejacking
C. BlueSniffing
D. BlueSnarfing
11. Which of the tools listed here is a passive discovery
tool?
A. Aircrack
B. Kismet
C. NetStumbler
D. Netsniff
12. You have discovered an access point using WEP for
encryption purposes.Which of the following is the best
choice for uncovering the network key?
A. NetStumbler
B. Aircrack
C. John the Ripper
D. Kismet
13. Which of the following statements are true regarding TKIP?
(Choose allthat apply.)
A. Temporal Key Integrity Protocol forces a key
change every 10,000packets.
B. Temporal Key Integrity Protocol ensures keys do not
change during asession.
C. Temporal Key Integrity Protocol is an integral part
of WEP.
D. Temporal Key Integrity Protocol is an integral part
of WPA.
14. Regarding SSIDs, which of the following are true
statements? (Chooseall that apply.)
