CEH v13 Domain 1 Practice Test 001

Question 1

A security professional is explaining the differences between various threat actor categories to a junior analyst. The professional describes a group that is sponsored by a nation-state, operates with significant funding and resources, and focuses on long-term espionage rather than immediate financial gain. Which type of threat actor is being described?

A. Hacktivist B. Script kiddie C. Advanced Persistent Threat (APT) actor D. Insider threat

Question 2

Which of the following best describes the CIA Triad and its relevance to information security?

A. A framework that addresses Confidentiality, Integrity, and Availability as the three core pillars of securing information assets B. A U.S. government intelligence framework used exclusively for classifying national security data C. A hacking methodology that covers Compromise, Intrusion, and Access phases of an attack D. A compliance standard that mandates encryption for all data at rest and in transit

Question 3

Kevin, a professional hacker, is preparing to conduct an authorized penetration test against a financial institution. Before beginning any active testing, Kevin obtains a signed document from the client that defines the scope, rules of engagement, systems in scope, and legal protections for both parties. What is this document called?

A. Non-Disclosure Agreement (NDA) B. Rules of Engagement (RoE) addendum C. Statement of Work (SoW) D. Rules of Engagement (RoE) / Penetration Testing Agreement

Question 4

During a security awareness training session, an instructor outlines the five phases of the ethical hacking methodology in correct sequential order. Which of the following represents the correct sequence?

A. Scanning → Reconnaissance → Gaining Access → Maintaining Access → Covering Tracks B. Reconnaissance → Scanning → Gaining Access → Maintaining Access → Covering Tracks C. Reconnaissance → Gaining Access → Scanning → Escalating Privileges → Covering Tracks D. Scanning → Gaining Access → Reconnaissance → Maintaining Access → Reporting

Question 5

An organization implements a security control that does not prevent an attack from occurring but instead records all activity, generates alerts, and produces forensic evidence after a breach has taken place. Which category of security control does this describe?

A. Preventive control B. Deterrent control C. Detective control D. Corrective control

Question 6

Select all that apply

Clark, a penetration tester, is reviewing the legal and regulatory landscape before conducting a test for a healthcare client in the United States. The client processes protected health information (PHI) and also accepts credit card payments. Which two laws or standards are MOST directly applicable to this client's environment and should be considered during the engagement? (Select two.)

A. GDPR B. HIPAA C. SOX D. PCI DSS E. FISMA

Question 7

Which of the following statements most accurately distinguishes a vulnerability from an exploit in the context of information security?

A. A vulnerability is a tool used by attackers, while an exploit is a weakness in a system B. A vulnerability is a weakness or flaw in a system, while an exploit is the technique or code used to take advantage of that weakness C. A vulnerability and an exploit are interchangeable terms that both refer to attack methods D. A vulnerability is always software-based, while an exploit can be physical or logical

Question 8

Jane is working as an ethical hacker and is conducting a penetration test in which the client has provided her with full knowledge of the internal network architecture, IP schema, source code, and credentials. What type of penetration test is Jane performing?

A. Black-box testing B. Gray-box testing C. White-box testing D. Blind testing

Question 9

An organization wants to implement a proactive security model rather than a purely reactive one. A security architect proposes adopting a framework that shifts the assumption from 'the network is safe' to 'never trust, always verify,' requiring continuous authentication and least-privilege access for all users and devices regardless of network location. Which security model is being described?

A. Defense-in-Depth B. Zero Trust Architecture C. Bell-LaPadula Model D. Separation of Duties

Question 10

Select all that apply

A security manager is implementing information security controls for a mid-sized enterprise. She wants to ensure that controls are categorized properly according to their function. Which TWO of the following are examples of administrative (managerial) controls? (Select two.)

A. Firewall rule sets B. Security awareness training program C. Biometric access control system D. Acceptable Use Policy (AUP) E. Intrusion Detection System (IDS)

ByThe Test Master

Related Post

CEH v13 Domain 3.3 Practice Test 002

CEH v13 Domain 3.2 Practice Test 002

CEH v13 Domain 3.1 Practice Test 002

Leave a Reply Cancel reply

You missed

CEH v13 Domain 3.3 Practice Test 002

CEH v13 Domain 3.2 Practice Test 002

CEH v13 Domain 3.1 Practice Test 002

CEH v13 Domain 2.3 Practice Test 002