CERTIFIED ETHICAL HACKER (CEH) PRACTICE EXAM
LATEST 2026 UPDATE 100 QUESTIONS AND
DETAILED VERIFIED ANSWERS FROM ACTUAL
EXAMS TEST GRADE A+
1.
Which phase of ethical hacking involves gathering publicly available information
about a target without directly interacting with it?
A. Scanning
B. Gaining Access
C. Reconnaissance
D. Maintaining Access
Rationale: Reconnaissance, also known as footprinting, involves collecting
information about a target using passive techniques such as WHOIS and search
engines.
2.
Which tool is primarily used for network discovery and port scanning?
A. Wireshark
B. Nmap
C. Metasploit
D. John the Ripper
Rationale: Nmap is widely used for discovering hosts and scanning open ports on a
network.
3.
What type of attack involves overwhelming a system with traffic from multiple
sources?
A. Phishing
B. Distributed Denial-of-Service (DDoS)
C. SQL Injection
D. Session Hijacking
Rationale: A DDoS attack uses many compromised systems to flood a target,
making services unavailable.
4.
Which protocol is commonly used to securely transfer files over a network?
A. FTP
B. Telnet
C. SFTP
D. TFTP
Rationale: SFTP operates over SSH and provides encryption for secure file
transfers.
5.
Which type of malware disguises itself as legitimate software?
A. Worm
B. Virus
C. Trojan Horse
D. Rootkit
Rationale: A Trojan horse appears legitimate to trick users into installing malicious
software.
6.
What does the principle of least privilege ensure?
A. Users have administrator access
B. Systems run faster
C. Users receive only the access necessary to perform their tasks
D. All data is encrypted
Rationale: The principle minimizes security risks by limiting user permissions to
only what is required.
7.
Which attack exploits improper validation of user input in web applications?
A. Cross-Site Scripting
B. SQL Injection
C. DNS Spoofing
D. ARP Poisoning
Rationale: SQL Injection occurs when malicious SQL statements are inserted into
input fields to manipulate databases.
8.
Which tool is commonly used for password cracking through brute-force or
dictionary attacks?
A. Nessus
B. John the Ripper
C. Burp Suite
D. Nikto
Rationale: John the Ripper is designed to crack passwords using various attack
techniques.
9.
What is the primary purpose of a firewall?
A. Detect malware
B. Control incoming and outgoing network traffic based on security rules
C. Encrypt data
D. Monitor user behavior
Rationale: Firewalls enforce security policies by filtering network traffic.
10.
Which type of reconnaissance involves direct interaction with the target system?
A. Passive Reconnaissance
B. Active Reconnaissance
C. Social Engineering
D. Enumeration
Rationale: Active reconnaissance includes activities like ping sweeps and port
scanning, which interact with the target.
11.
Which attack involves injecting malicious scripts into web pages viewed by other
users?
A. SQL Injection
B. Cross-Site Scripting (XSS)
C. Buffer Overflow
D. Directory Traversal
Rationale: XSS allows attackers to execute scripts in a victim’s browser.