EC-COUNCIL CEH CERTIFICATION PRACTICE EXAM QUESTIONS AND ANSWERS
Which of the following cryptographic algorithms is used in asymmetric encryption? - CORRECT
ANSWER✅✅Diffie-Hellman
Which of the following is a tool for cracking Windows login passwords using rainbow tables? - CORRECT
ANSWER✅✅Ophcrack
Jason is at home, attempting to access the website for his music store. When he goes to the website, it
has a simple form asking for name, email, and phone number. This is not the music store website. Jason
is sure the website has been hacked. How did the attacker accomplish this hack? - CORRECT
ANSWER✅✅DNS cache poisoning
On your network, you have a Windows 10 system with the IP address 10.10.10.195. You have installed
XAMPP along with some web pages, php, and forms. You want to put it on the public-facing internet,
but you are not sure if it has any vulnerabilities. On your Kali Linux system, you have downloaded the
nmap-vulners script from GitHub. Which of the following is the correct nmap command to run? -
CORRECT ANSWER✅✅nmap --script nmap-vulners -sV 10.10.10.195
Implementing emergency lighting that runs on protected power and automatically switches on when the
main power goes off is part of which physical control? - CORRECT ANSWER✅✅Employee and visitor
safety
A hacker finds a system that has a poorly design and unpatched program installed. He wants to create a
backdoor for himself. Which of the following tools could he use to establish a backdoor? - CORRECT
ANSWER✅✅Metasploit
Which of the following is considered an out-of-band distribution method for private key encryption? -
CORRECT ANSWER✅✅Copying the key to a USB drive.
Based on your review of physical security, you have recommended several improvements. Your plan
includes smart card readers, IP cameras, signs, and access logs.
Smart cards have the ability to encrypt access information. Smart cards can require contact or be
contactless. Proximity cards, also known as RFID (radio frequency identification) cards, are a subset of
smart cards that use the 125 kHz frequency to communicate with proximity readers. Proximity cards
, differ from smart cards because they are designed to only communicate the card's ID, but the smart
card can communicate more information.
Use IP security cameras because they operate over the TCP/IP network.
Implement your physical security plan by dragging the correct items from the shelf into the various
locations in the building. As you drag the items from the shelf, the possible drop locations are
highlighted. Not all items on the shelf will be used.
In this l - CORRECT ANSWER✅✅LabSim
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an
administrative assistant at the law firm, is having lunch at the food court around the corner from her
office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a
conversation about dogs. Which phase of the social engineering process is Ron in? - CORRECT
ANSWER✅✅Development phase
YuJin drove his smart car to the beach to fly his drone in search of ocean animal activity. Which of the
following operation systems are most likely being used by his car and drone? - CORRECT
ANSWER✅✅Integrity RTOS and snappy
Which of the following is a short-range wireless personal area network that supports low-power, long-
use IoT needs? - CORRECT ANSWER✅✅BLE(Bluetooth low energy)
Mark is moving files from a device that is formatted using NTFS to a device that is formatted using FAT.
Which of the following is he trying to get rid of? - CORRECT ANSWER✅✅Malicious alternate data
streams.
An IDS can perform many types of intrusion detections. Three common detection methods are
signature-based, anomaly-based, and protocol-based. Which of the following best describes protocol-
based detection? - CORRECT ANSWER✅✅This detection method can include malformed messages and
sequencing errors.
What are the two types of Intrusion Detection Systems (IDSs)? - CORRECT ANSWER✅✅HIDS and NIDS
Which of the following best describes what SOX does? - CORRECT ANSWER✅✅Implements accounting
and disclosure requirements that increase transparency.
Which of the following cryptographic algorithms is used in asymmetric encryption? - CORRECT
ANSWER✅✅Diffie-Hellman
Which of the following is a tool for cracking Windows login passwords using rainbow tables? - CORRECT
ANSWER✅✅Ophcrack
Jason is at home, attempting to access the website for his music store. When he goes to the website, it
has a simple form asking for name, email, and phone number. This is not the music store website. Jason
is sure the website has been hacked. How did the attacker accomplish this hack? - CORRECT
ANSWER✅✅DNS cache poisoning
On your network, you have a Windows 10 system with the IP address 10.10.10.195. You have installed
XAMPP along with some web pages, php, and forms. You want to put it on the public-facing internet,
but you are not sure if it has any vulnerabilities. On your Kali Linux system, you have downloaded the
nmap-vulners script from GitHub. Which of the following is the correct nmap command to run? -
CORRECT ANSWER✅✅nmap --script nmap-vulners -sV 10.10.10.195
Implementing emergency lighting that runs on protected power and automatically switches on when the
main power goes off is part of which physical control? - CORRECT ANSWER✅✅Employee and visitor
safety
A hacker finds a system that has a poorly design and unpatched program installed. He wants to create a
backdoor for himself. Which of the following tools could he use to establish a backdoor? - CORRECT
ANSWER✅✅Metasploit
Which of the following is considered an out-of-band distribution method for private key encryption? -
CORRECT ANSWER✅✅Copying the key to a USB drive.
Based on your review of physical security, you have recommended several improvements. Your plan
includes smart card readers, IP cameras, signs, and access logs.
Smart cards have the ability to encrypt access information. Smart cards can require contact or be
contactless. Proximity cards, also known as RFID (radio frequency identification) cards, are a subset of
smart cards that use the 125 kHz frequency to communicate with proximity readers. Proximity cards
, differ from smart cards because they are designed to only communicate the card's ID, but the smart
card can communicate more information.
Use IP security cameras because they operate over the TCP/IP network.
Implement your physical security plan by dragging the correct items from the shelf into the various
locations in the building. As you drag the items from the shelf, the possible drop locations are
highlighted. Not all items on the shelf will be used.
In this l - CORRECT ANSWER✅✅LabSim
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an
administrative assistant at the law firm, is having lunch at the food court around the corner from her
office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a
conversation about dogs. Which phase of the social engineering process is Ron in? - CORRECT
ANSWER✅✅Development phase
YuJin drove his smart car to the beach to fly his drone in search of ocean animal activity. Which of the
following operation systems are most likely being used by his car and drone? - CORRECT
ANSWER✅✅Integrity RTOS and snappy
Which of the following is a short-range wireless personal area network that supports low-power, long-
use IoT needs? - CORRECT ANSWER✅✅BLE(Bluetooth low energy)
Mark is moving files from a device that is formatted using NTFS to a device that is formatted using FAT.
Which of the following is he trying to get rid of? - CORRECT ANSWER✅✅Malicious alternate data
streams.
An IDS can perform many types of intrusion detections. Three common detection methods are
signature-based, anomaly-based, and protocol-based. Which of the following best describes protocol-
based detection? - CORRECT ANSWER✅✅This detection method can include malformed messages and
sequencing errors.
What are the two types of Intrusion Detection Systems (IDSs)? - CORRECT ANSWER✅✅HIDS and NIDS
Which of the following best describes what SOX does? - CORRECT ANSWER✅✅Implements accounting
and disclosure requirements that increase transparency.
