Free CEH Practice Questions with Answers

The Certified Ethical Hacker (CEH) exam is a challenging and comprehensive test that evaluates a candidate’s knowledge of network security, ethical hacking techniques, and threat management. To succeed, it’s essential not only to study the theory but also to practice with realistic questions that reflect the exam format and complexity.

In this article, we’ve compiled 15 free CEH practice questions with detailed answers and explanations. These questions cover a range of topics from the CEH v12 blueprint and are designed to help you test your knowledge, identify weak areas, and boost your confidence before exam day.


CEH Practice Questions and Answers

Question 1:

You are conducting a reconnaissance phase for a penetration test. Which tool would best help you identify open ports and services running on a target machine?

A. Nikto
B. Nmap
C. Metasploit
D. Aircrack-ng

Answer: B. Nmap
Explanation: Nmap is a widely used network scanner that helps identify live hosts, open ports, and running services on a target system.


Question 2:

Which of the following best describes “footprinting” in ethical hacking?

A. Exploiting vulnerabilities
B. Gaining unauthorized access
C. Gathering target information
D. Launching DoS attacks

Answer: C. Gathering target information
Explanation: Footprinting is the first step in the hacking process, where attackers collect as much information as possible about a target to identify potential entry points.


Question 3:

What type of attack involves sending multiple ICMP echo requests to a victim to overload their network?

A. Smurf attack
B. Man-in-the-middle attack
C. ARP poisoning
D. SQL injection

Answer: A. Smurf attack
Explanation: A Smurf attack floods a victim’s network with ICMP echo traffic, causing a denial of service.


Question 4:

Which tool is commonly used for password cracking in ethical hacking?

A. Wireshark
B. John the Ripper
C. Nikto
D. Netcat

Answer: B. John the Ripper
Explanation: John the Ripper is a fast password cracker widely used in penetration testing.


Question 5:

What is the default port number for HTTP?

A. 443
B. 21
C. 80
D. 22

Answer: C. 80
Explanation: Port 80 is the default port for HTTP web traffic, while 443 is used for HTTPS.


Question 6:

During a penetration test, you use aircrack-ng. What type of system are you targeting?

A. Web server
B. Wireless network
C. FTP server
D. Active Directory

Answer: B. Wireless network
Explanation: Aircrack-ng is used to crack WEP and WPA/WPA2 keys in Wi-Fi networks.


Question 7:

What kind of attack is primarily aimed at exploiting vulnerabilities in a web application?

A. ARP spoofing
B. XSS
C. Packet sniffing
D. DNS spoofing

Answer: B. XSS
Explanation: Cross-Site Scripting (XSS) exploits weaknesses in web applications to inject malicious scripts into webpages.


Question 8:

Which of the following is an example of active information gathering?

A. Google search
B. Whois lookup
C. Port scanning
D. Social media profiling

Answer: C. Port scanning
Explanation: Port scanning directly interacts with the target system, making it an example of active information gathering.


Question 9:

Which of these is a common method used for privilege escalation?

A. VPN tunneling
B. Buffer overflow
C. Port forwarding
D. Subnet masking

Answer: B. Buffer overflow
Explanation: Buffer overflow attacks exploit software vulnerabilities to gain higher privileges on a system.


Question 10:

What does the acronym “OWASP” stand for?

A. Open Web Application Security Project
B. Open Wireless Access Scanning Program
C. Online Web Attacks Security Protocol
D. Open Web Anonymous Security Platform

Answer: A. Open Web Application Security Project
Explanation: OWASP is a non-profit organization that focuses on improving web application security.


Question 11:

Which tool allows an attacker to set up a fake login page to capture credentials?

A. Nikto
B. Metasploit
C. Social Engineer Toolkit (SET)
D. Wireshark

Answer: C. Social Engineer Toolkit (SET)
Explanation: SET is designed to perform social engineering attacks, including phishing using fake web pages.


Question 12:

You are analyzing packets to identify unusual network traffic. Which tool is most appropriate?

A. Netcat
B. Nmap
C. Burp Suite
D. Wireshark

Answer: D. Wireshark
Explanation: Wireshark captures and analyzes network traffic to help identify security anomalies.


Question 13:

Which of the following techniques is used in session hijacking?

A. ARP spoofing
B. SQL injection
C. DNS enumeration
D. XSS

Answer: A. ARP spoofing
Explanation: ARP spoofing can be used to intercept network traffic and hijack sessions between users and servers.


Question 14:

What is the main purpose of penetration testing?

A. To install firewalls and antivirus
B. To simulate real-world attacks and identify vulnerabilities
C. To monitor user behavior on the network
D. To encrypt all internal traffic

Answer: B. To simulate real-world attacks and identify vulnerabilities
Explanation: Penetration testing mimics the actions of malicious hackers to discover weaknesses before they can be exploited.


Question 15:

Which port is commonly used by SSH?

A. 21
B. 22
C. 25
D. 110

Answer: B. 22
Explanation: Port 22 is the standard port used by Secure Shell (SSH) for secure remote access.


CEH Domains Covered in These Questions

The above questions span several key CEH v12 exam domains, including:

  • Information Security and Ethical Hacking Overview
  • Reconnaissance Techniques
  • System Hacking Phases
  • Wireless Network Security
  • Web Application Hacking
  • Malware and Attack Vectors
  • Cryptography and Risk Management

Familiarity with all of these domains is crucial to passing the CEH exam.


How to Use Practice Questions Effectively

Here are a few tips to get the most out of CEH practice questions:

1. Track Your Progress

Use a spreadsheet or app to monitor your scores and spot recurring weak areas.

2. Time Your Sessions

Simulate exam conditions by timing yourself: 125 questions in 4 hours works out to about 2 minutes per question.

3. Review Explanations Thoroughly

Understanding why an answer is right or wrong is more important than memorizing.

4. Use Questions as Learning Tools

Each question can guide you toward topics that need review or further practice in labs.

5. Combine with Hands-On Practice

If a question mentions Metasploit or Wireshark, spend time using the tool in a lab environment like TryHackMe, Hack The Box, or EC-Council iLabs.


Bonus Resources for CEH Exam Prep

Here are some platforms offering more free and premium CEH practice questions:
