CEH v13 Domain 6.1 Practice Test 004

By /

This practice test covers Domain 6 (Wireless Network Hacking) Subdomain 1 (Hacking Wireless Networks) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CEH practice tests based on specific domains and subdomains, click that link

CEH v13 Domain 6.1 Practice Test 004
10 questions • 8 single-answer, 2 multi-select
Question 1
During a wireless assessment, a penetration tester captures a single frame directly from the access point without waiting for any clients to associate. She then runs an offline dictionary attack against the captured value to recover the WPA2 passphrase. Which attack did she perform?
    Question 2
    Kevin sets up a rogue access point broadcasting the same network name as the corporate Wi-Fi at a coffee shop near the office. Employee devices automatically associate with his stronger signal, and he harvests their credentials through a fake captive portal. What attack is Kevin conducting?
      Question 3
      A security researcher demonstrates decrypting and forging wireless frames on a WPA2 network without ever recovering the passphrase. He achieves this by exploiting a flaw in the WPA2 standard's handshake implementation itself. Which attack is being demonstrated?
        Question 4
        Select all that apply
        A security analyst is auditing the wireless encryption standards deployed across an enterprise. She must flag the protocols now considered insecure and recommend they be replaced. Which two standards should she flag? (Choose two)
          Question 5
          Jane drives slowly through a business district with a laptop, a GPS unit, and a high-gain antenna mounted on her vehicle. She records the locations and signal details of every wireless network she detects along the route. Which activity is Jane performing?
            Question 6
            A penetration tester needs to capture a WPA2 four-way handshake and then run an offline dictionary attack against the captured file. He wants one suite that handles monitor mode, packet capture, and cracking together. Which tool suite should he use?
              Question 7
              During an engagement, Elijah repeatedly sends spoofed management frames to knock a client off the access point. His goal is to force the client to reconnect so he can capture the resulting handshake. Which technique is Elijah using?
                Question 8
                Select all that apply
                An auditor reviews threats targeting Bluetooth-enabled devices across a corporate office. She needs to list attacks that specifically abuse Bluetooth connectivity. Which of the following are Bluetooth attacks? (Choose two)
                  Question 9
                  A tester finds that Wi-Fi Protected Setup is enabled on a router with no lockout policy in place. He runs an automated tool that recovers the WPA2 passphrase without ever capturing a handshake. Which attack did he execute?
                    Question 10
                    A network administrator wants to stop attackers from spoofing the messages used to disconnect wireless clients. She enables a WPA3 feature that cryptographically authenticates these administrative frames. Which protection has she enabled?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top