Exam Version 2 Latest Update Certification Test Questions

Certified Ethical Hacker (CEH) V12 Exam Version 2 (Latest Update 2025 / 2026) Certification Test Questions and Answers | Grade A | 100% Correct

Question:

After an audit, the auditors inform you that there is a critical finding that you must tackle immediately. You read the audit report, and the problem is the service running on port 389.

Which service is this and how can you tackle the problem?

• The service is NTP, and you have to change it from UDP to TCP in order to

encrypt it.

• The service is LDAP, and you must change it to 636, which is LDAPS.
• The findings do not require immediate actions and are only suggestions.
• The service is SMTP, and you must change it to SMIME, which is an

encrypted way to send emails.

Answer:

B 1 / 4

Question:

Mike, a security engineer, was recently hired by BigFox Ltd. The company recently experienced disastrous DoS attacks. The management had instructed Mike to build defensive strategies for the company's IT infrastructure to thwart DoS/DDoS attacks. Mike deployed some countermeasures to handle jamming and scrambling attacks.

What is the countermeasure Mike applied to defend against jamming and scrambling attacks?

• Allow the transmission of all types of addressed packets at the ISP level
• Disable TCP SYN cookie protection
• Allow the usage of functions such as gets and strcpy
• Implement cognitive radios in the physical layer

Answer:

D

Question:

You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN to prevent intruders from sniffing your traffic. If you did not have a VPN, how would you identify whether someone is performing an ARP spoofing attack on your laptop?

• You should check your ARP table and see if there is one IP address with two

different MAC addresses. 2 / 4

• You should scan the network using Nmap to check the MAC addresses of

all the hosts and look for duplicates.

• You should use netstat to check for any suspicious connections with

another IP address within the LAN.

• You cannot identify such an attack and must use a VPN to protect your

traffic.

Answer:

A

Question:

Lewis, a professional hacker, targeted the IoT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the IoT devices connected to a network, open ports and services, and the attack surface area. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network.Which of the following tools was employed by Lewis in the above scenario?

• NeuVector
• Lacework
• Censys
• Wapiti

Answer:

C 3 / 4

Question:

Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and any firewall rule sets are encountered.John decided to perform a TCP SYN ping scan on the target network.

Which of the following Nmap commands must John use to perform the TCP SYN ping scan?

• nmap -sn -PO < target IP address >
• nmap -sn -PS < target IP address >
• nmap -sn -PA < target IP address >
• nmap -sn -PP < target IP address >

Answer:

B

Question:

Ricardo has discovered the username for an application in his target's environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He compiles them into a list and then feeds that list as an argument into his password-cracking application.

What type of attack is Ricardo performing?

• / 4