ECCouncil Certified Ethical Hacker Exam (CEHv13) Sample Questions:
1. Michael, an ethical hacker at a New York-based e-commerce company, is evaluating the security of their online payment system after a recent incident where fraudulent transactions went undetected. His investigation reveals that the system uses an asymmetric encryption algorithm to ensure the authenticity of payment confirmations. He finds that the algorithm employs a public-key cryptosystem, where the sender signs the transaction with a private key, and the recipient verifies it using a corresponding public key located in a directory. During his test, Michael intercepts a signed message and notices that the algorithm supports modular exponentiation for generating digital signatures, a process critical for verifying the identity of the signatory. He aims to assess if the algorithm's configuration could be vulnerable to a man-in-the-middle attack due to its key structure.
Which asymmetric encryption algorithm should Michael identify as the one used by the payment system?
A) ElGamal
B) RSA
C) Diffie-Hellman
D) DSA
2. During an internal security review at a transportation authority in Columbus, Ohio, a red team analyst positioned himself on the same local network segment as several domain-joined administrative workstations.
Over several hours, he recorded authentication exchanges as legitimate users performed their routine logon activities across the network.
He later analyzed the captured traffic to recover valid credentials associated with privileged accounts. Based on the attacker's actions, how should this password attack be classified?
A) Passive Online Attack
B) Non-Electronic Attack
C) Offline Attack
D) Active Online Attack
3. While simulating a reconnaissance phase against a cloud-hosted retail application, your team attempts to gather DNS records to map the infrastructure. You avoid brute-forcing subdomains and instead aim to collect specific details such as the domain's mail server, authoritative name servers, and potential administrative information such as serial number and refresh interval.
Given these goals, which DNS record type should you query to extract both administrative and technical metadata about the target zone?
A) MX
B) TXT
C) NS
D) SOA
4. As an Ethical Hacker, you have been asked to test an application's vulnerability to SQL injection. During testing, you discover an entry field that appears susceptible. However, the backend database is unknown, and regular SQL injection techniques have failed to produce useful information. Which advanced SQL injection technique should you apply next?
A) Error-Based SQL Injection
B) Union-Based SQL Injection
C) Time-Based Blind SQL Injection
D) Content-Based Blind SQL Injection
5. During a security assessment of a fintech startup in San Francisco, ethical hacker Michael analyzes the company ' s cloud platform. He observes that the system automates deployment, scaling, service discovery, and workload management across multiple nodes, ensuring smooth operation of critical services without requiring manual coordination. Which Kubernetes capability is primarily responsible for these functions?
A) Container orchestration
B) Self-healing
C) Container vulnerabilities
D) Kube-controller-manager
Solutions:
| Question # 1 Answer: B | Question # 2 Answer: A | Question # 3 Answer: D | Question # 4 Answer: C | Question # 5 Answer: A |
We're so confident of our products that we provide no hassle product exchange.


By Dawn

