The Cybersecurity Trail

A path to cyber mastery

EC-Council CEH Practice Tests

CEH v13 Domain 7.2 Practice Test 001

ByThe Test Master

Apr 15, 2026 #CEH, #EC-Council, #ethical hacking, #IoT, #OT

Welcome to this CEH v13 practice test!

This practice test covers Domain 7 (Mobile Platform, IoT, and OT Hacking) Subdomain 2 (IoT and OT Hacking) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CEH practice tests based on specific domains and subdomains, click that link.

CEH v13 Domain 7.2 Practice Test 001
10 questions • 8 single-answer, 2 multi-select
CEH v13 (312-50v13) • Domain 7: Mobile Platform, IoT, and OT Hacking — Sub-Domain 7.2: IoT and OT Hacking
Question 1
During an industrial assessment, an engineer discovers that a PLC device is accessible over the network without authentication. The device accepts commands from any connected host. What is the primary security issue in this scenario?
    Question 2
    A smart home camera is found to have default credentials that have never been changed. An attacker logs in remotely using publicly known credentials. What type of vulnerability is this?
      Question 3
      A security analyst identifies that an IoT device communicates with its cloud server over HTTP instead of HTTPS, exposing data in transit. What vulnerability does this represent?
        Question 4
        An attacker modifies the firmware of an IoT device to include malicious code that persists after reboot. What type of attack is this?
          Question 5
          A factory uses SCADA systems to control industrial processes. An attacker sends unauthorized commands to disrupt operations. What type of attack is being performed?
            Question 6
            Select all that apply
            A security team is assessing IoT device risks. Which TWO common weaknesses are frequently found in IoT environments? (Choose two)
              Question 7
              An attacker scans an IoT network and finds devices exposing Telnet services with no authentication. What risk does this pose?
                Question 8
                A hacker intercepts communication between IoT sensors and a central controller and alters the data being transmitted. What type of attack is this?
                  Question 9
                  A smart thermostat exposes an API that allows unauthenticated users to change temperature settings remotely. What vulnerability does this indicate?
                    Question 10
                    Select all that apply
                    An organization is improving IoT and OT security posture. Which TWO measures are most effective in reducing risk? (Choose two)
                      Answered: 0/10

                      Related Post

                      EC-Council CEH Practice Tests

                      CEH v13 Domain 2.2 Practice Test 002

                      EC-Council CEH Practice Tests

                      CEH v13 Domain 2.1 Practice Test 002

                      EC-Council CEH Practice Tests

                      CEH v13 Domain 1.1 Practice Test 002

                      Leave a Reply

                      Your email address will not be published. Required fields are marked *

                      You missed

                      EC-Council CEH Practice Tests

                      CEH v13 Domain 2.2 Practice Test 002

                      April 16, 2026 The Test Master
                      EC-Council CEH Practice Tests

                      CEH v13 Domain 2.1 Practice Test 002

                      April 16, 2026 The Test Master
                      EC-Council CEH Practice Tests

                      CEH v13 Domain 1.1 Practice Test 002

                      April 16, 2026 The Test Master
                      EC-Council CEH Practice Tests

                      CEH v13 Domain 9.1 Practice Test 001

                      April 16, 2026 The Test Master