2025 EC-COUNCIL CEH CERTIFICATION PRACTICE
EXAM | 125 UPDATED QUESTIONS | WITH
ACTUAL SOLUTIONS!!
Which of the following cryptographic algorithms is used in asymmetric
encryption? Answer - Diffie-Hellman
Which of the following is a tool for cracking Windows login passwords using
rainbow tables? Answer - Ophcrack
Jason is at home, attempting to access the website for his music store. When
he goes to the website, it has a simple form asking for name, email, and phone
number. This is not the music store website. Jason is sure the website has been
hacked. How did the attacker accomplish this hack? Answer - DNS cache
poisoning
On your network, you have a Windows 10 system with the IP address
10.10.10.195. You have installed XAMPP along with some web pages, php, and
forms. You want to put it on the public-facing internet, but you are not sure if it
has any vulnerabilities. On your Kali Linux system, you have downloaded the
nmap-vulners script from GitHub. Which of the following is the correct nmap
command to run? Answer - nmap --script nmap-vulners -sV 10.10.10.195
,Implementing emergency lighting that runs on protected power and
automatically switches on when the main power goes off is part of which
physical control? Answer - Employee and visitor safety
A hacker finds a system that has a poorly design and unpatched program
installed. He wants to create a backdoor for himself. Which of the following
tools could he use to establish a backdoor? Answer - Metasploit
Which of the following is considered an out-of-band distribution method for
private key encryption? Answer - Copying the key to a USB drive.
Based on your review of physical security, you have recommended several
improvements. Your plan includes smart card readers, IP cameras, signs, and
access logs.
Smart cards have the ability to encrypt access information. Smart cards can
require contact or be contactless. Proximity cards, also known as RFID (radio
frequency identification) cards, are a subset of smart cards that use the 125
kHz frequency to communicate with proximity readers. Proximity cards differ
from smart cards because they are designed to only communicate the card's ID,
but the smart card can communicate more information.
Use IP security cameras because they operate over the TCP/IP network.
Implement your physical security plan by dragging the correct items from the
shelf into the various locations in the building. As you drag the items from the
shelf, the possible drop locations are highlighted. Not all items on the shelf will
be used.
In this l Answer - LabSim
Ron, a hacker, wants to get access to a prestigious law firm he has been
watching for a while. June, an administrative assistant at the law firm, is having
lunch at the food court around the corner from her office. Ron notices that
June has a picture of a dog on her phone. He casually walks by and starts a
, conversation about dogs. Which phase of the social engineering process is Ron
in? Answer - Development phase
YuJin drove his smart car to the beach to fly his drone in search of ocean animal
activity. Which of the following operation systems are most likely being used by
his car and drone? Answer - Integrity RTOS and snappy
Which of the following is a short-range wireless personal area network that
supports low-power, long-use IoT needs? Answer - BLE(Bluetooth low energy)
Mark is moving files from a device that is formatted using NTFS to a device that
is formatted using FAT. Which of the following is he trying to get rid of? Answer
- Malicious alternate data streams.
An IDS can perform many types of intrusion detections. Three common
detection methods are signature-based, anomaly-based, and protocol-based.
Which of the following best describes protocol-based detection? Answer - This
detection method can include malformed messages and sequencing errors.
What are the two types of Intrusion Detection Systems (IDSs)? Answer - HIDS
and NIDS
Which of the following best describes what SOX does? Answer - Implements
accounting and disclosure requirements that increase transparency.
Which of the following best describes a stateful inspection? Answer -
Determines the legitimacy of traffic based on the state of the connection from
which the traffic originated.
EXAM | 125 UPDATED QUESTIONS | WITH
ACTUAL SOLUTIONS!!
Which of the following cryptographic algorithms is used in asymmetric
encryption? Answer - Diffie-Hellman
Which of the following is a tool for cracking Windows login passwords using
rainbow tables? Answer - Ophcrack
Jason is at home, attempting to access the website for his music store. When
he goes to the website, it has a simple form asking for name, email, and phone
number. This is not the music store website. Jason is sure the website has been
hacked. How did the attacker accomplish this hack? Answer - DNS cache
poisoning
On your network, you have a Windows 10 system with the IP address
10.10.10.195. You have installed XAMPP along with some web pages, php, and
forms. You want to put it on the public-facing internet, but you are not sure if it
has any vulnerabilities. On your Kali Linux system, you have downloaded the
nmap-vulners script from GitHub. Which of the following is the correct nmap
command to run? Answer - nmap --script nmap-vulners -sV 10.10.10.195
,Implementing emergency lighting that runs on protected power and
automatically switches on when the main power goes off is part of which
physical control? Answer - Employee and visitor safety
A hacker finds a system that has a poorly design and unpatched program
installed. He wants to create a backdoor for himself. Which of the following
tools could he use to establish a backdoor? Answer - Metasploit
Which of the following is considered an out-of-band distribution method for
private key encryption? Answer - Copying the key to a USB drive.
Based on your review of physical security, you have recommended several
improvements. Your plan includes smart card readers, IP cameras, signs, and
access logs.
Smart cards have the ability to encrypt access information. Smart cards can
require contact or be contactless. Proximity cards, also known as RFID (radio
frequency identification) cards, are a subset of smart cards that use the 125
kHz frequency to communicate with proximity readers. Proximity cards differ
from smart cards because they are designed to only communicate the card's ID,
but the smart card can communicate more information.
Use IP security cameras because they operate over the TCP/IP network.
Implement your physical security plan by dragging the correct items from the
shelf into the various locations in the building. As you drag the items from the
shelf, the possible drop locations are highlighted. Not all items on the shelf will
be used.
In this l Answer - LabSim
Ron, a hacker, wants to get access to a prestigious law firm he has been
watching for a while. June, an administrative assistant at the law firm, is having
lunch at the food court around the corner from her office. Ron notices that
June has a picture of a dog on her phone. He casually walks by and starts a
, conversation about dogs. Which phase of the social engineering process is Ron
in? Answer - Development phase
YuJin drove his smart car to the beach to fly his drone in search of ocean animal
activity. Which of the following operation systems are most likely being used by
his car and drone? Answer - Integrity RTOS and snappy
Which of the following is a short-range wireless personal area network that
supports low-power, long-use IoT needs? Answer - BLE(Bluetooth low energy)
Mark is moving files from a device that is formatted using NTFS to a device that
is formatted using FAT. Which of the following is he trying to get rid of? Answer
- Malicious alternate data streams.
An IDS can perform many types of intrusion detections. Three common
detection methods are signature-based, anomaly-based, and protocol-based.
Which of the following best describes protocol-based detection? Answer - This
detection method can include malformed messages and sequencing errors.
What are the two types of Intrusion Detection Systems (IDSs)? Answer - HIDS
and NIDS
Which of the following best describes what SOX does? Answer - Implements
accounting and disclosure requirements that increase transparency.
Which of the following best describes a stateful inspection? Answer -
Determines the legitimacy of traffic based on the state of the connection from
which the traffic originated.
