6/28/25, 2:11
PM
CERTIFIED ETHICAL HACKER CERTIFICATION - CEH V10. EXAM
QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED
LATEST UPDATE 2025/2026
Terms in this set (271)
ARP poisoning ARP poisoning refers to flooding the target machine's ARP cache
with forged entries.
A combination of black box and white box testing that
Grey box testing
gives a full inspection of the system, simulating both
outside and inside attacks
NTP stands for Network Time Protocol and its role is to
ensure that the networked computer clocks are
NTP Enumeration synchronized. NTP enumeration provides hackers
with
information about the hosts that are connected to NTP
server as well as IP addresses, system names, and
operating systems of the clients.
Active online attacks require the attacker to
Active online attacks
communicate with the target machine in order to
crack the password.
Static analysis refers to analyzing malware without running or
Static malware analysis installing it. The
1/
26
,6/28/25, 2:11
PM
malware's binary code is examined to determine if
there are any data structures or function calls that
have malicious behavior.
Access control attack is someone tries to penetrate a
Access control wireless network by avoiding access control
measures, such as Access Point MAC filters or Wi-Fi
port access
control.
Find the target's
username Create
a password list
Sort the passwords by the probability
Password guessing attack
steps
Try each password
Packet sniffing programs are called sniffers and
Sniffer they are designed to capture packets that contain
information such as passwords, router configuration,
traffic, and more.
2/
26
, 6/28/25, 2:11
PM
Identify important data
Choose the appropriate
backup media Choose the
appropriate backup
technology Choose the
appropriate RAID levels
Choose the appropriate
backup method Choose the
appropriate location
Data backup strategy steps Choose the backup type
Choose the appropriate
backup solution Perform a
recovery test
WPA2-Personal encryption uses a pre-shared key (PSK)
WPA2-Personal
to protect the network access.
Threat modeling is an assessment approach in which the
Threat modeling security of an application is analyzed. It helps in
identifying threats that are relevant to the application,
discovering application vulnerabilities, and improve the security.
Administrative security policies Administrative policies define the behaviour of employees.
Doxing is revealing and publishing personal information
Doxing about someone. It involves gathering private and
valuable information about a person or organization
and then misusing that information for different
3/
26
PM
CERTIFIED ETHICAL HACKER CERTIFICATION - CEH V10. EXAM
QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED
LATEST UPDATE 2025/2026
Terms in this set (271)
ARP poisoning ARP poisoning refers to flooding the target machine's ARP cache
with forged entries.
A combination of black box and white box testing that
Grey box testing
gives a full inspection of the system, simulating both
outside and inside attacks
NTP stands for Network Time Protocol and its role is to
ensure that the networked computer clocks are
NTP Enumeration synchronized. NTP enumeration provides hackers
with
information about the hosts that are connected to NTP
server as well as IP addresses, system names, and
operating systems of the clients.
Active online attacks require the attacker to
Active online attacks
communicate with the target machine in order to
crack the password.
Static analysis refers to analyzing malware without running or
Static malware analysis installing it. The
1/
26
,6/28/25, 2:11
PM
malware's binary code is examined to determine if
there are any data structures or function calls that
have malicious behavior.
Access control attack is someone tries to penetrate a
Access control wireless network by avoiding access control
measures, such as Access Point MAC filters or Wi-Fi
port access
control.
Find the target's
username Create
a password list
Sort the passwords by the probability
Password guessing attack
steps
Try each password
Packet sniffing programs are called sniffers and
Sniffer they are designed to capture packets that contain
information such as passwords, router configuration,
traffic, and more.
2/
26
, 6/28/25, 2:11
PM
Identify important data
Choose the appropriate
backup media Choose the
appropriate backup
technology Choose the
appropriate RAID levels
Choose the appropriate
backup method Choose the
appropriate location
Data backup strategy steps Choose the backup type
Choose the appropriate
backup solution Perform a
recovery test
WPA2-Personal encryption uses a pre-shared key (PSK)
WPA2-Personal
to protect the network access.
Threat modeling is an assessment approach in which the
Threat modeling security of an application is analyzed. It helps in
identifying threats that are relevant to the application,
discovering application vulnerabilities, and improve the security.
Administrative security policies Administrative policies define the behaviour of employees.
Doxing is revealing and publishing personal information
Doxing about someone. It involves gathering private and
valuable information about a person or organization
and then misusing that information for different
3/
26
