CEH v13 Domain 4.2 Practice Test 004

This practice test covers Domain 4 (Network and Perimeter Hacking) Subdomain 2 (Social Engineering) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CEH practice tests based on specific domains and subdomains, click that link

CEH v13 Domain 4.2 Practice Test 004

10 questions • 8 single-answer, 2 multi-select

Question 1

A penetration tester emails the finance department posing as the CFO and urgently demands an immediate wire transfer to a new vendor account before end of day. The message uses a spoofed display name, references a real ongoing acquisition, and applies time pressure to discourage verification. Which targeted attack is the tester simulating?

A. Whaling / BEC B. Tailgating C. Dumpster diving D. Watering hole attack

Question 2

Jane, a red team operator, leaves several USB drives labeled "Q3 Layoffs - Confidential" in the company parking lot and break room. The drives contain a payload that beacons back when an employee plugs one in out of curiosity. Which social engineering technique is Jane using?

A. Baiting B. Vishing C. Pretexting D. Quid pro quo

Question 3

An attacker calls the IT help desk claiming to be a traveling regional manager who is locked out and needs an urgent password reset before a board meeting. He cannot complete the standard callback verification but pressures the agent by name-dropping executives and citing a deadline. Which control most directly mitigates this attempt?

A. Identity verification procedures B. Antivirus signatures C. Network segmentation D. Full disk encryption

Question 4

Select all that apply

During an engagement, Elijah registers a domain that visually resembles the client's payroll portal and sends staff a link warning their direct deposit will be suspended. The cloned page harvests credentials submitted by employees who do not notice the altered URL. Which two techniques are combined in this attack? (Choose two)

A. Phishing B. Typosquatting C. ARP poisoning D. Shoulder surfing E. SQL injection

Question 5

A disgruntled systems administrator who is leaving the company copies sensitive customer databases to a personal cloud account during his final week. He still holds privileged access and operates entirely within his normal duties, making detection difficult. Which threat category best describes this individual?

A. Malicious insider B. Script kiddie C. Hacktivist D. Nation-state actor

Question 6

Clark follows closely behind an employee carrying boxes and slips through a badge-controlled door before it closes, without presenting any credentials. Once inside, he plugs a rogue device into an open network jack in an empty conference room. Which physical social engineering technique did Clark use to gain entry?

A. Tailgating B. Eavesdropping C. Diversion theft D. Reverse social engineering

Question 7

Select all that apply

A security awareness team wants to reduce the success of attacks that exploit human trust rather than technical flaws. They are designing layered defenses against pretexting, phishing, and impersonation across the organization. Which two countermeasures most directly address these human-focused attacks? (Choose two)

A. Security awareness training B. Strict identity verification policies C. Increasing switch port speed D. Disabling IPv6 E. Raising the DHCP lease time

Question 8

An attacker monitors a target's social media and learns she frequently visits a niche industry forum for procurement professionals. He compromises that forum and plants a drive-by exploit so her browser is infected when she next logs in. Which attack strategy is being used?

A. Watering hole attack B. Whaling C. Dumpster diving D. Smishing

Question 9

A criminal collects a victim's full name, date of birth, and Social Security number from a leaked breach dump and discarded mail. He then opens new credit card accounts and files a fraudulent tax return in the victim's name. Which crime has the attacker committed?

A. Identity theft B. Session hijacking C. Credential stuffing D. Privilege escalation

Question 10

An attacker poses as a third-party HVAC technician and calls an employee, first creating a minor fake problem and then offering to fix it if the employee installs a remote tool. The employee, grateful for the help, follows the instructions and grants access. Which social engineering technique combines a fabricated role with the victim seeking assistance?

A. Reverse social engineering B. Tailgating C. Baiting D. Eavesdropping

Related Posts

Leave a Comment Cancel Reply