Free CEH Practice

Free Certified Ethical Hacker (CEH) Quiz

Test your CEH v12 knowledge with this free practice quiz. Questions cover all major ethical hacking phases: footprinting, scanning, enumeration, exploitation, system hacking, malware, web application attacks, wireless hacking, and cryptography.

Designed for cybersecurity professionals in Australia preparing for the EC-Council CEH certification.

CEH Ready? Start the Free Quiz

Answer the multiple-choice questions below and submit to see how many you got right. A new randomised set is drawn from the question bank each session.

01. Which footprinting technique involves querying publicly available DNS records to gather information about a target organization?
02. Which WHOIS server is authoritative for .com and .net top-level domain registrations?
03. An attacker uses Google search operators such as 'site:', 'filetype:', and 'inurl:' to find sensitive information about a target. This technique is known as:
04. Which tool is specifically designed for footprinting and gathering OSINT (Open Source Intelligence) about a target?
05. Which protocol can an attacker query to determine the email server of a target domain during footprinting?
06. Which Nmap scan type sends a TCP packet with only the SYN flag set and is considered a 'stealth' scan because it does not complete the three-way handshake?
07. An attacker sends a TCP packet with the FIN, URG, and PSH flags set to a target port. What type of scan is this?
08. Which ICMP type and code is used in a standard ping (echo request)?
09. Which tool is commonly used to perform OS fingerprinting based on analysis of TCP/IP stack behaviour?
10. What does the acronym 'IDS' stand for and how does banner grabbing relate to it?
11. Which protocol/port combination is most commonly targeted for NetBIOS enumeration on Windows networks?
12. An attacker uses the 'enum4linux' tool against a target. Which service is primarily being enumerated?
13. Which SNMP version sends community strings in cleartext, making it vulnerable to sniffing?
14. Which command-line tool can be used to enumerate Active Directory users using LDAP queries?
15. During SMTP enumeration, which command is used to verify whether a specific user exists on the mail server?
16. Which scoring system is used to assess the severity of security vulnerabilities on a scale of 0–10?
17. Which vulnerability scanner is widely used in enterprise environments and provides credentialed and non-credentialed scans?
18. What is the primary difference between a vulnerability scan and a penetration test?
19. Which phase of system hacking involves gaining access to additional accounts or systems beyond the initial compromise?
20. Which technique allows an attacker to elevate privileges on a Windows system by exploiting improperly configured service permissions?
21. What is 'Pass-the-Hash' (PtH)?
22. Which Windows tool stores password hashes in the SAM (Security Account Manager) database, and what algorithm protects them?
23. What is steganography in the context of covering tracks?
24. Which type of malware disguises itself as legitimate software but contains malicious code that executes when the program is run?
25. What distinguishes a computer worm from a virus?