CERTIFIED ETHICAL HACKER
EXAMINATION QUESTIONS AND
CORRECT ANSWERS (VERIFIED
ANSWERS) PLUS RATIONALES 2026 Q&A
1. What is the primary goal of ethical hacking?
A. To damage systems for learning
B. To secure systems by identifying vulnerabilities
C. To create malware for testing
D. To bypass firewalls illegally
Correct Answer: B. To secure systems by identifying vulnerabilities
Rationale: Ethical hacking focuses on legally and systematically probing systems,
networks, and applications to discover weaknesses before malicious attackers
can exploit them. The goal is defensive improvement, not exploitation or
damage.
2. Which tool is commonly used for network scanning?
A. Wireshark
B. Nmap
C. Metasploit
D. John the Ripper
Correct Answer: B. Nmap
Rationale: Nmap is a powerful network scanning tool used to discover hosts,
services, open ports, and operating systems on a network. It is widely used in
reconnaissance phases of ethical hacking.
3. What does the CIA triad stand for in cybersecurity?
A. Control, Integrity, Availability
B. Confidentiality, Integrity, Availability
C. Cyber, Internet, Access
D. Control, Internet, Authorization
Correct Answer: B. Confidentiality, Integrity, Availability
Rationale: The CIA triad is a foundational security model ensuring data
confidentiality (protection from unauthorized access), integrity (accuracy and
completeness), and availability (accessible when needed).
4. Which attack involves overwhelming a system with traffic?
A. Phishing
B. SQL Injection
C. DoS attack
D. Brute force
Correct Answer: C. DoS attack
Rationale: A Denial of Service (DoS) attack floods a system with excessive traffic
or requests, making it unavailable to legitimate users by exhausting resources.
5. What is the purpose of a firewall?
A. Encrypt data
B. Filter network traffic
C. Store passwords
D. Detect malware only
Correct Answer: B. Filter network traffic
Rationale: A firewall monitors and controls incoming and outgoing network
traffic based on security rules, acting as a barrier between trusted and untrusted
networks.
6. Which attack exploits user trust through fake emails?
A. SQL Injection
B. Phishing
C. Spoofing
D. Sniffing
Correct Answer: B. Phishing
Rationale: Phishing uses deceptive emails or messages to trick users into
revealing sensitive information such as passwords or credit card details.
7. What is footprinting in ethical hacking?
A. Exploiting vulnerabilities
B. Collecting information about a target
C. Encrypting data
D. Blocking attackers
Correct Answer: B. Collecting information about a target
Rationale: Footprinting is the initial reconnaissance phase where hackers gather
as much information as possible about a target system or organization.
8. Which protocol is used for secure web browsing?
A. HTTP
B. FTP
C. HTTPS
D. SMTP
Correct Answer: C. HTTPS
Rationale: HTTPS uses SSL/TLS encryption to secure communication between
browser and server, protecting data from interception.
9. What is a brute force attack?
A. Guessing passwords systematically
B. Encrypting data
C. Scanning networks
D. Injecting scripts
Correct Answer: A. Guessing passwords systematically
Rationale: A brute force attack attempts all possible combinations of passwords
until the correct one is found, often using automation tools.
10. Which tool is used for password cracking?
A. Wireshark
B. John the Ripper
C. Nmap
D. Netcat
Correct Answer: B. John the Ripper
Rationale: John the Ripper is a popular password cracking tool used to test
password strength by attempting to break hashed passwords.
11. What is SQL Injection?
A. Network scanning method
B. Database attack using malicious SQL queries
C. Encryption method
D. Firewall configuration
Correct Answer: B. Database attack using malicious SQL queries
Rationale: SQL Injection exploits vulnerabilities in database queries by inserting
malicious SQL code to access or manipulate data.