CEH v13 Domain 1.1 Practice Test 004

This practice test covers Domain 1 (Information Security and Ethical Hacking Overview) Subdomain 1 (Introduction to Ethical Hacking) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

10 questions • 8 single-answer, 2 multi-select
Question 1
Clark, a contracted penetration tester, completes active enumeration of open ports and services on a target network and cross-references discovered software versions against known CVE databases. He documents exploitable weaknesses before initiating any active compromise attempts. Which phase of the CEH hacking methodology does his current activity represent?

Question 2
A notorious threat actor breaches a major retailer's customer database and publicly releases millions of stolen credit card numbers purely for personal notoriety, with no financial motive and no ethical authorization from any organization. Security researchers classify this individual based on intent and authorization level. Which type of hacker does this individual represent?

Question 3
Elijah, a security analyst, discovers that a ransomware attack has encrypted all files on the company's file servers, rendering critical business documents completely inaccessible to authorized employees. The security team launches an incident response to restore normal operations. Which element of the CIA triad has been primarily violated in this attack?

Question 4
A large financial institution hires a professional security firm to evaluate the resilience of its systems by simulating real-world attacks, with written approval and a clearly defined scope provided in advance. The engagement requires the testers to report all findings to the client without exploiting vulnerabilities beyond agreed boundaries. Which term best describes this type of authorized security evaluation?

Question 5
Jane, a compliance officer at a U.S. healthcare provider, discovers that the organization has failed to implement required administrative, physical, and technical safeguards protecting electronic patient health records, exposing the company to significant regulatory penalties. She initiates a remediation plan referencing the federal law that governs patient data privacy and security requirements in the United States. Which regulation applies to this scenario?

Question 6
A penetration tester observes that an enterprise network employs firewalls, intrusion detection systems, and access control lists at multiple network layers so that a successful bypass of one control does not grant an attacker unrestricted access to all resources. The security architect intentionally designed each layer to be independently enforced, requiring an adversary to overcome multiple controls sequentially. Which security concept does this approach represent?

Question 7
Select all that apply
The security incident response team at a global technology firm identifies two distinct threat actor profiles from recent attack investigations: one group operates with explicit government authorization to conduct cyber espionage against foreign targets, while another group uses publicly available exploit kits with minimal original technical capability. The team must accurately categorize both profiles for their threat intelligence report. Which two attacker categories from the list below match these profiles? (Choose two)

Question 8
After successfully exploiting a buffer overflow vulnerability on a target web server, Kevin installs a rootkit and configures an encrypted reverse shell that periodically connects back to his command-and-control infrastructure without triggering antivirus alerts. He ensures uninterrupted remote access even after the server is rebooted or its administrator credentials are changed. Which phase of the hacking lifecycle does Kevin's current activity represent?

Question 9
Select all that apply
A security architect designing a defense strategy for a corporate headquarters must select one physical deterrent and one technical preventive control from an approved list for the initial deployment phase. The organization's layered security policy requires that controls from both the physical and technical categories be independently implemented to address threats at different enforcement layers. Which two of the following controls belong to different security categories? (Choose two)

Question 10
An e-commerce company that processes payment card transactions on behalf of multiple international banks must comply with a global security standard mandating encryption of cardholder data at rest and in transit, network segmentation of the cardholder data environment, and quarterly external vulnerability scanning by an approved vendor. A recent third-party audit identifies multiple gaps in cardholder data environment controls that expose the company to financial penalties and potential loss of card processing privileges. Which compliance framework governs these requirements?
