Certified Ethical Hacker (CEH) V12
Exam Version 2 (Latest Update 2025
/ 2026) Certification Test Questions
and Answers | Grade A | 100%
Correct
Question:
After an audit, the auditors inform you that there is a critical finding that you
must tackle immediately. You read the audit report, and the problem is the
service running on port 389.
Which service is this and how can you tackle the problem?
A. The service is NTP, and you have to change it from UDP to TCP in order to
encrypt it.
B. The service is LDAP, and you must change it to 636, which is LDAPS.
C. The findings do not require immediate actions and are only suggestions.
D. The service is SMTP, and you must change it to SMIME, which is an
encrypted way to send emails.
Answer:
B
,Question:
Mike, a security engineer, was recently hired by BigFox Ltd. The company
recently experienced disastrous DoS attacks. The management had instructed
Mike to build defensive strategies for the company's IT infrastructure to
thwart DoS/DDoS attacks. Mike deployed some countermeasures to handle
jamming and scrambling attacks.
What is the countermeasure Mike applied to defend against jamming and
scrambling attacks?
A. Allow the transmission of all types of addressed packets at the ISP level
B. Disable TCP SYN cookie protection
C. Allow the usage of functions such as gets and strcpy
D. Implement cognitive radios in the physical layer
Answer:
D
Question:
You are using a public Wi-Fi network inside a coffee shop. Before surfing the
web, you use your VPN to prevent intruders from sniffing your traffic. If you
did not have a VPN, how would you identify whether someone is performing
an ARP spoofing attack on your laptop?
A. You should check your ARP table and see if there is one IP address with two
different MAC addresses.
,B. You should scan the network using Nmap to check the MAC addresses of
all the hosts and look for duplicates.
C. You should use netstat to check for any suspicious connections with
another IP address within the LAN.
D. You cannot identify such an attack and must use a VPN to protect your
traffic.
Answer:
A
Question:
Lewis, a professional hacker, targeted the IoT cameras and devices used by a
target venture-capital firm. He used an information-gathering tool to collect
information about the IoT devices connected to a network, open ports and
services, and the attack surface area. Using this tool, he also generated
statistical reports on broad usage patterns and trends. This tool helped Lewis
continually monitor every reachable server and device on the Internet, further
allowing him to exploit these devices in the network.
Which of the following tools was employed by Lewis in the above scenario?
A. NeuVector
B. Lacework
C. Censys
D. Wapiti
Answer:
C
, Question:
Techno Security Inc. recently hired John as a penetration tester. He was tasked
with identifying open ports in the target network and determining whether
the ports are online and any firewall rule sets are encountered.John decided to
perform a TCP SYN ping scan on the target network.
Which of the following Nmap commands must John use to perform the TCP
SYN ping scan?
A. nmap -sn -PO < target IP address >
B. nmap -sn -PS < target IP address >
C. nmap -sn -PA < target IP address >
D. nmap -sn -PP < target IP address >
Answer:
B
Question:
Ricardo has discovered the username for an application in his target's
environment. As he has a limited amount of time, he decides to attempt to
use a list of common passwords he found on the Internet. He compiles them
into a list and then feeds that list as an argument into his password-cracking
application.
What type of attack is Ricardo performing?
Exam Version 2 (Latest Update 2025
/ 2026) Certification Test Questions
and Answers | Grade A | 100%
Correct
Question:
After an audit, the auditors inform you that there is a critical finding that you
must tackle immediately. You read the audit report, and the problem is the
service running on port 389.
Which service is this and how can you tackle the problem?
A. The service is NTP, and you have to change it from UDP to TCP in order to
encrypt it.
B. The service is LDAP, and you must change it to 636, which is LDAPS.
C. The findings do not require immediate actions and are only suggestions.
D. The service is SMTP, and you must change it to SMIME, which is an
encrypted way to send emails.
Answer:
B
,Question:
Mike, a security engineer, was recently hired by BigFox Ltd. The company
recently experienced disastrous DoS attacks. The management had instructed
Mike to build defensive strategies for the company's IT infrastructure to
thwart DoS/DDoS attacks. Mike deployed some countermeasures to handle
jamming and scrambling attacks.
What is the countermeasure Mike applied to defend against jamming and
scrambling attacks?
A. Allow the transmission of all types of addressed packets at the ISP level
B. Disable TCP SYN cookie protection
C. Allow the usage of functions such as gets and strcpy
D. Implement cognitive radios in the physical layer
Answer:
D
Question:
You are using a public Wi-Fi network inside a coffee shop. Before surfing the
web, you use your VPN to prevent intruders from sniffing your traffic. If you
did not have a VPN, how would you identify whether someone is performing
an ARP spoofing attack on your laptop?
A. You should check your ARP table and see if there is one IP address with two
different MAC addresses.
,B. You should scan the network using Nmap to check the MAC addresses of
all the hosts and look for duplicates.
C. You should use netstat to check for any suspicious connections with
another IP address within the LAN.
D. You cannot identify such an attack and must use a VPN to protect your
traffic.
Answer:
A
Question:
Lewis, a professional hacker, targeted the IoT cameras and devices used by a
target venture-capital firm. He used an information-gathering tool to collect
information about the IoT devices connected to a network, open ports and
services, and the attack surface area. Using this tool, he also generated
statistical reports on broad usage patterns and trends. This tool helped Lewis
continually monitor every reachable server and device on the Internet, further
allowing him to exploit these devices in the network.
Which of the following tools was employed by Lewis in the above scenario?
A. NeuVector
B. Lacework
C. Censys
D. Wapiti
Answer:
C
, Question:
Techno Security Inc. recently hired John as a penetration tester. He was tasked
with identifying open ports in the target network and determining whether
the ports are online and any firewall rule sets are encountered.John decided to
perform a TCP SYN ping scan on the target network.
Which of the following Nmap commands must John use to perform the TCP
SYN ping scan?
A. nmap -sn -PO < target IP address >
B. nmap -sn -PS < target IP address >
C. nmap -sn -PA < target IP address >
D. nmap -sn -PP < target IP address >
Answer:
B
Question:
Ricardo has discovered the username for an application in his target's
environment. As he has a limited amount of time, he decides to attempt to
use a list of common passwords he found on the Internet. He compiles them
into a list and then feeds that list as an argument into his password-cracking
application.
What type of attack is Ricardo performing?
