6/28/25, 2:03
PM
CEH V12 PRACTICE QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS
VERIFIED LATEST UPDATE GRADED A++ 2025/2026
Terms in this set (487)
Which of the following tools is Nikto
a command- line
vulnerability scanner that
scans web
servers for dangerous
files/CGIs?
A) Snort
B) Kon-Boot
C) John the Ripper
D) Nikto
Michael, a technical The gateway is not routing to a public IP address
specialist, discovered that
the laptop of one of the
employees connecting to
a wireless point couldn't
access the internet, but at the
same time, it can transfer
files locally. He checked the
IP address and the default
gateway. They are both on
192.168.1.0/24. Which of
the
following caused the
problem?
A) The laptop is using an
1/55
,6/28/25, 2:03
PM
invalid IP address
B) The laptop and the
gateway are not on the
same network
C) The laptop isn't using
a private IP address
D) The gateway is not routing
to a public IP address
Josh, a security analyst, Maltego
wants to choose a tool for
himself to examine links
between data. One of the
main requirements is to
present data using graphs and
link analysis. Which of the
following tools will meet
John's requirements?
A) Palantir
B) Maltego
C) Analyst's Notebook
D) Metasploit
What describes two-factor Something you have and something you know
authentication for a credit
card (using a card and
pin)?
A) Something you know
and something you are
B) Something you have and
something you know
C) Something you are and
something you remember
2/55
,6/28/25, 2:03
PM
D) Something you have and
something you are
Identify a vulnerability in Heartbleed Bug
OpenSSL that
allows stealing the
information protected
under normal conditions by
the SSL/TLS encryption
used to secure the
internet?
A) SSL/TLS Renegotiation
Vulnerability
B) POODLE
C) Heartbleed Bug
D) Shellshock
You make a series of Adaptive chosen-plaintext attack
interactive queries,
choosing subsequent
plaintexts based on the
information from the
previous
encryption. What type of
attack are you trying to
perform?
A) Adaptive chosen-plaintext
attack
B) Ciphertext-only attack
C) Known-plaintext attack
D) Chosen-plaintext attack
Which of the following does Work at the Data Link Layer
not apply to IPsec?
3/55
, 6/28/25, 2:03
PM
A) Provides authentication
B) Use key exchange
C) Encrypts the payloads
D) Work at the Data Link Layer
Alex, a cybersecurity TCP Connect/Full Open Scan
specialist, received a task
from the head to scan open
ports.
One of the main conditions
was to use the most reliable
type of TCP scanning. Which
of the following types of
scanning would Alex use?
A) NULL Scan
B) Half-open Scan
C) TCP Connect/Full Open
Scan
D) Xmas Scan
Which of the following -F
Nmap options will you use
if you want to scan fewer
ports than the default?
A) -p
B) -sP
C) -T
D) -F
You conduct an Cross-Site Request Forgery (CSRF)
investigation and finds out
that the browser of one of
4/55
PM
CEH V12 PRACTICE QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS
VERIFIED LATEST UPDATE GRADED A++ 2025/2026
Terms in this set (487)
Which of the following tools is Nikto
a command- line
vulnerability scanner that
scans web
servers for dangerous
files/CGIs?
A) Snort
B) Kon-Boot
C) John the Ripper
D) Nikto
Michael, a technical The gateway is not routing to a public IP address
specialist, discovered that
the laptop of one of the
employees connecting to
a wireless point couldn't
access the internet, but at the
same time, it can transfer
files locally. He checked the
IP address and the default
gateway. They are both on
192.168.1.0/24. Which of
the
following caused the
problem?
A) The laptop is using an
1/55
,6/28/25, 2:03
PM
invalid IP address
B) The laptop and the
gateway are not on the
same network
C) The laptop isn't using
a private IP address
D) The gateway is not routing
to a public IP address
Josh, a security analyst, Maltego
wants to choose a tool for
himself to examine links
between data. One of the
main requirements is to
present data using graphs and
link analysis. Which of the
following tools will meet
John's requirements?
A) Palantir
B) Maltego
C) Analyst's Notebook
D) Metasploit
What describes two-factor Something you have and something you know
authentication for a credit
card (using a card and
pin)?
A) Something you know
and something you are
B) Something you have and
something you know
C) Something you are and
something you remember
2/55
,6/28/25, 2:03
PM
D) Something you have and
something you are
Identify a vulnerability in Heartbleed Bug
OpenSSL that
allows stealing the
information protected
under normal conditions by
the SSL/TLS encryption
used to secure the
internet?
A) SSL/TLS Renegotiation
Vulnerability
B) POODLE
C) Heartbleed Bug
D) Shellshock
You make a series of Adaptive chosen-plaintext attack
interactive queries,
choosing subsequent
plaintexts based on the
information from the
previous
encryption. What type of
attack are you trying to
perform?
A) Adaptive chosen-plaintext
attack
B) Ciphertext-only attack
C) Known-plaintext attack
D) Chosen-plaintext attack
Which of the following does Work at the Data Link Layer
not apply to IPsec?
3/55
, 6/28/25, 2:03
PM
A) Provides authentication
B) Use key exchange
C) Encrypts the payloads
D) Work at the Data Link Layer
Alex, a cybersecurity TCP Connect/Full Open Scan
specialist, received a task
from the head to scan open
ports.
One of the main conditions
was to use the most reliable
type of TCP scanning. Which
of the following types of
scanning would Alex use?
A) NULL Scan
B) Half-open Scan
C) TCP Connect/Full Open
Scan
D) Xmas Scan
Which of the following -F
Nmap options will you use
if you want to scan fewer
ports than the default?
A) -p
B) -sP
C) -T
D) -F
You conduct an Cross-Site Request Forgery (CSRF)
investigation and finds out
that the browser of one of
4/55
