Ceh 312 50v9 Certified Ethical Hacker Exam V9 Practice Test - Set 1
Test your knowledge with this Ceh 312 50v9 Certified Ethical Hacker Exam V9 mock exam. Get real-world IT questions and prepare for certification success.
312-50v9: Certified Ethical Hacker v9 (CEH v9) - Exam Information
Exam Information
Exam Code
Ceh 312 50v9 Certified Ethical Hacker Exam V9
Exam Title
312-50v9: Certified Ethical Hacker v9 (CEH v9)
Vendor
CEH
Difficulty
Advanced
Duration
4 Hours
Question Format
Multiple Choice
Last Updated
March 10, 2025
An earlier version of CEH focusing on core ethical hacking concepts and techniques.
3. What is the primary goal of ethical hacking in CEH v9?
To secure IT systems by identifying vulnerabilities
To exploit vulnerabilities for personal gain
To disable security features
To create new hacking tools
✅ Correct Answer: To secure IT systems by identifying vulnerabilities
4. Which tool is commonly used for network scanning in CEH v9?
Nmap
Wireshark
Metasploit
John the Ripper
✅ Correct Answer: Nmap
5. What is the purpose of a vulnerability scanner in CEH v9?
To identify security weaknesses in a system
To exploit vulnerabilities
To intercept network traffic
To crack passwords
✅ Correct Answer: To identify security weaknesses in a system
6. Which attack involves intercepting communication between two parties?
Man-in-the-Middle (MITM)
Phishing
SQL Injection
Denial of Service (DoS)
✅ Correct Answer: Man-in-the-Middle (MITM)
7. What is the primary purpose of a firewall in CEH v9?
To block unauthorized access to a network
To encrypt sensitive data
To crack passwords
To intercept network traffic
✅ Correct Answer: To block unauthorized access to a network
8. Which protocol is commonly exploited in DNS spoofing attacks?
DNS
HTTP
HTTPS
FTP
✅ Correct Answer: DNS
9. What is the primary goal of a Denial of Service (DoS) attack?
To overwhelm a system and make it unavailable
To steal sensitive data
To intercept network traffic
To crack passwords
✅ Correct Answer: To overwhelm a system and make it unavailable
10. Which tool is used for password cracking in CEH v9?
John the Ripper
Nmap
Wireshark
Metasploit
✅ Correct Answer: John the Ripper
11. What is the purpose of a honeypot in CEH v9?
To detect and analyze attacks
To block unauthorized access
To encrypt sensitive data
To crack passwords
✅ Correct Answer: To detect and analyze attacks
12. Which attack involves injecting malicious SQL queries into an application?
SQL Injection
Phishing
MITM
DoS
✅ Correct Answer: SQL Injection
13. What is the purpose of a rootkit in CEH v9?
To gain unauthorized access and hide malicious activity
To encrypt sensitive data
To intercept network traffic
To crack passwords
✅ Correct Answer: To gain unauthorized access and hide malicious activity
14. Which tool is used for packet sniffing in CEH v9?
Wireshark
Nmap
Metasploit
John the Ripper
✅ Correct Answer: Wireshark
15. What is the purpose of a buffer overflow attack?
To execute arbitrary code by overwriting memory
To intercept network traffic
To crack passwords
To encrypt sensitive data
✅ Correct Answer: To execute arbitrary code by overwriting memory
16. Which attack involves tricking users into revealing sensitive information?
Phishing
SQL Injection
MITM
DoS
✅ Correct Answer: Phishing
17. What is the purpose of a vulnerability assessment in CEH v9?
To identify and prioritize security weaknesses
To exploit vulnerabilities
To intercept network traffic
To crack passwords
✅ Correct Answer: To identify and prioritize security weaknesses
18. Which tool is used for exploiting vulnerabilities in CEH v9?
Metasploit
Nmap
Wireshark
John the Ripper
✅ Correct Answer: Metasploit
19. What is the purpose of a reverse shell in CEH v9?
To gain remote control of a target system
To intercept network traffic
To crack passwords
To encrypt sensitive data
✅ Correct Answer: To gain remote control of a target system
20. Which attack involves overwhelming a system with traffic?
Denial of Service (DoS)
Phishing
SQL Injection
MITM
✅ Correct Answer: Denial of Service (DoS)
21. Which type of scan sends TCP packets with all flags cleared?
NULL scan
SYN scan
XMAS scan
ACK scan
✅ Correct Answer: NULL scan
22. What does the "-sV" flag do in Nmap?
Service version detection
OS fingerprinting
Script scanning
Ping sweep
✅ Correct Answer: Service version detection
23. Which protocol does the "ping" command use?
ICMP
TCP
UDP
ARP
✅ Correct Answer: ICMP
24. What is the primary purpose of Netcat?
Network debugging and data transfer
Password cracking
Vulnerability scanning
Traffic encryption
✅ Correct Answer: Network debugging and data transfer
25. Which tool is specifically designed for brute-forcing directories on web servers?
DirBuster
Metasploit
Nessus
Wireshark
✅ Correct Answer: DirBuster
26. What does a FIN scan determine?
Firewall configuration
OS version
Service versions
User accounts
✅ Correct Answer: Firewall configuration
27. Which registry hive contains SAM database information?
HKEY_LOCAL_MACHINE
HKEY_CURRENT_USER
HKEY_CLASSES_ROOT
HKEY_USERS
✅ Correct Answer: HKEY_LOCAL_MACHINE
28. What is the purpose of the "sticky bit" in Linux?
Maintain file permissions after execution
Encrypt file contents
Hide files from listing
Prevent file deletion
✅ Correct Answer: Maintain file permissions after execution
29. Which tool can extract password hashes from Windows memory?
Mimikatz
John the Ripper
Hashcat
Cain & Abel
✅ Correct Answer: Mimikatz
30. What does a rainbow table contain?
Precomputed password hashes
Network vulnerabilities
Exploit code
Malware signatures
✅ Correct Answer: Precomputed password hashes
31. Which privilege escalation technique abuses SUID binaries?
SUID bit exploitation
DLL hijacking
ARP poisoning
SQL injection
✅ Correct Answer: SUID bit exploitation
32. What is the primary characteristic of a worm?
Self-replication without user intervention
Requires a host file
Displays ads
Encrypts files for ransom
✅ Correct Answer: Self-replication without user intervention
33. Which malware type hides its presence on a system?
Rootkit
Trojan
Virus
Spyware
✅ Correct Answer: Rootkit
34. What does a logic bomb require to execute?
Specific trigger condition
Network connection
User interaction
Physical access
✅ Correct Answer: Specific trigger condition
35. Which tool is used for analyzing malware in a sandbox?
Cuckoo Sandbox
Nmap
Wireshark
Metasploit
✅ Correct Answer: Cuckoo Sandbox
36. What is ARP spoofing primarily used for?
Man-in-the-middle attacks
Denial of service
Password cracking
Port scanning
✅ Correct Answer: Man-in-the-middle attacks
37. Which tool can perform MAC flooding attacks?
macof
Nmap
Wireshark
John the Ripper
✅ Correct Answer: macof
38. What does DHCP starvation attack accomplish?
Exhausts DHCP server IP pool
Cracks DHCP passwords
Encrypts DHCP traffic
Spoofs MAC addresses
✅ Correct Answer: Exhausts DHCP server IP pool
39. Which protocol is vulnerable to sniffing attacks?
Telnet
SSH
HTTPS
SFTP
✅ Correct Answer: Telnet
40. What is the primary defense against sniffing attacks?
Encryption
Firewalls
Antivirus
IDS
✅ Correct Answer: Encryption
41. Which social engineering technique involves creating a fake scenario?
Pretexting
Phishing
Vishing
Baiting
✅ Correct Answer: Pretexting
42. What is tailgating in physical security?
Following someone through secured access
Sending malicious emails
Network eavesdropping
Password cracking
✅ Correct Answer: Following someone through secured access
43. Which tool is part of the Social Engineering Toolkit (SET)?
Spear-phishing attack vector
Nmap
Wireshark
Metasploit
✅ Correct Answer: Spear-phishing attack vector
44. What is the difference between phishing and spear-phishing?
Target specificity
Attack vector
Encryption used
Malware payload
✅ Correct Answer: Target specificity
45. Which attack uses phone calls for social engineering?
Vishing
Smishing
Pharming
Shoulder surfing
✅ Correct Answer: Vishing
46. What is the primary difference between DoS and DDoS?
Number of attack sources
Attack duration
Target systems
Exploited vulnerabilities
✅ Correct Answer: Number of attack sources
47. Which tool can perform HTTP flood attacks?
LOIC
Nmap
Wireshark
Metasploit
✅ Correct Answer: LOIC
48. What does a SYN flood attack exploit?
TCP three-way handshake
HTTP headers
DNS resolution
ARP protocol
✅ Correct Answer: TCP three-way handshake
49. Which attack overwhelms a target with ICMP packets?
Ping flood
SYN flood
HTTP flood
UDP flood
✅ Correct Answer: Ping flood
50. What is the primary defense against DDoS attacks?
Traffic filtering
Strong passwords
Encryption
Antivirus
✅ Correct Answer: Traffic filtering
51. What is session fixation?
Setting session ID before authentication
Stealing cookies
Brute-forcing credentials
Exploiting buffer overflows
✅ Correct Answer: Setting session ID before authentication
52. Which tool can perform MITM attacks?
Ettercap
Hydra
John the Ripper
Sqlmap
✅ Correct Answer: Ettercap
53. What is the primary defense against session hijacking?
HTTPS and secure cookies
Firewalls
Antivirus
Encryption
✅ Correct Answer: HTTPS and secure cookies
54. Which attack steals session tokens through XSS?
Session hijacking
SQL injection
CSRF
Phishing
✅ Correct Answer: Session hijacking
55. What does CSRF exploit?
Authenticated user sessions
Network protocols
OS vulnerabilities
Physical access
✅ Correct Answer: Authenticated user sessions
56. Which tool is specifically designed for SQL injection testing?
Sqlmap
Metasploit
Nmap
Wireshark
✅ Correct Answer: Sqlmap
57. What is the primary defense against XSS?
Input validation and output encoding
Firewalls
Antivirus
Encryption
✅ Correct Answer: Input validation and output encoding
58. Which attack manipulates file paths to access unauthorized directories?
Directory traversal
CSRF
Phishing
DDoS
✅ Correct Answer: Directory traversal
59. What is the purpose of Burp Suite?
Web application testing
Network scanning
Password cracking
Malware analysis
✅ Correct Answer: Web application testing
60. Which HTTP header prevents clickjacking?
X-Frame-Options
Content-Security-Policy
Strict-Transport-Security
X-XSS-Protection
✅ Correct Answer: X-Frame-Options
61. Which WiFi encryption is most vulnerable to attacks?
WEP
WPA
WPA2
WPA3
✅ Correct Answer: WEP
62. What does an evil twin attack create?
Rogue access point
Duplicate packets
Fake certificates
Spoofed MAC addresses
✅ Correct Answer: Rogue access point
63. Which tool cracks WPA handshakes?
Aircrack-ng
Wireshark
Nmap
Metasploit
✅ Correct Answer: Aircrack-ng
64. What is wardriving?
Locating wireless networks
Cracking passwords
Sniffing traffic
Launching DDoS
✅ Correct Answer: Locating wireless networks
65. Which attack targets WPS?
PIN brute-forcing
Packet injection
MAC spoofing
ARP poisoning
✅ Correct Answer: PIN brute-forcing
66. What does the "chmod 777" command do in Linux?
Gives full permissions to all users
Encrypts files
Hides files
Deletes files
✅ Correct Answer: Gives full permissions to all users
67. Which Windows command displays active connections?
netstat
ipconfig
tracert
nslookup
✅ Correct Answer: netstat
68. What is the purpose of the "grep" command?
Search text patterns
Edit files
Manage processes
Monitor network
✅ Correct Answer: Search text patterns
69. Which tool is used for Windows password recovery?
Ophcrack
Nmap
Wireshark
Metasploit
✅ Correct Answer: Ophcrack
70. What does the "traceroute" command show?
Network path to destination
Open ports
Running services
User accounts
✅ Correct Answer: Network path to destination
71. Which protocol does the "tracert" command use?
ICMP
TCP
UDP
ARP
✅ Correct Answer: ICMP
72. What is the purpose of the "find" command in Linux?
Locate files
Search text
Manage users
Monitor processes
✅ Correct Answer: Locate files
73. Which Windows utility shows scheduled tasks?
Task Scheduler
Event Viewer
Device Manager
Registry Editor
✅ Correct Answer: Task Scheduler
74. What does the "ifconfig" command display?
Network interface configuration
Routing tables
Active connections
DNS settings
✅ Correct Answer: Network interface configuration
75. Which tool is used for Windows registry editing?
regedit
cmd
msconfig
gpedit
✅ Correct Answer: regedit
76. What is the purpose of the "route" command?
View/modify routing tables
Test connectivity
Monitor traffic
Manage services
✅ Correct Answer: View/modify routing tables
77. Which command shows ARP cache in Windows?
arp -a
ipconfig /all
netstat -ano
tracert
✅ Correct Answer: arp -a
78. What does the "net user" command do in Windows?
Manage user accounts
Configure network settings
Display system info
Test network speed
✅ Correct Answer: Manage user accounts
79. Which Linux command changes file permissions?
chmod
chown
ps
grep
✅ Correct Answer: chmod
80. What is the purpose of the "ps" command in Linux?
Display running processes
Search files
Edit text
Manage users
✅ Correct Answer: Display running processes
81. Which tool is used for Windows event log analysis?
Event Viewer
Task Manager
Registry Editor
Command Prompt
✅ Correct Answer: Event Viewer
82. What does the "whoami" command display?
Current username
System info
Network config
Running services
✅ Correct Answer: Current username
83. Which command shows listening ports in Linux?
netstat -tulpn
ifconfig
route
traceroute
✅ Correct Answer: netstat -tulpn
84. What is the purpose of the "crontab" command?
Schedule tasks
Edit files
Manage users
Monitor network
✅ Correct Answer: Schedule tasks
85. Which Windows command displays system information?
systeminfo
ipconfig
netstat
tracert
✅ Correct Answer: systeminfo
86. What does the "kill" command do in Linux?
Terminate processes
Delete files
Stop services
Block users
✅ Correct Answer: Terminate processes
87. Which tool is used for Windows service management?
services.msc
regedit
cmd
taskmgr
✅ Correct Answer: services.msc
88. What is the purpose of the "uname" command?
Display system info
Manage users
Edit files
Test network
✅ Correct Answer: Display system info
89. Which command shows disk usage in Linux?
df
du
free
top
✅ Correct Answer: df
90. What does the "iptables" command configure?
Firewall rules
Network interfaces
Routing tables
DNS settings
✅ Correct Answer: Firewall rules
91. Which tool is used for Windows disk management?
diskmgmt.msc
regedit
cmd
msconfig
✅ Correct Answer: diskmgmt.msc
92. What is the purpose of the "lsof" command?
List open files
Search text
Manage processes
Monitor network
✅ Correct Answer: List open files
93. Which Windows command displays group policy settings?
gpresult
netstat
ipconfig
systeminfo
✅ Correct Answer: gpresult
94. What does the "mount" command do in Linux?
Attach filesystems
Format disks
Partition drives
Check disk health
✅ Correct Answer: Attach filesystems
95. Which tool is used for Windows performance monitoring?
perfmon
taskmgr
regedit
cmd
✅ Correct Answer: perfmon
96. What is the purpose of the "ssh-keygen" command?
Create SSH keys
Test SSH connection
Monitor SSH traffic
Encrypt files
✅ Correct Answer: Create SSH keys
97. Which command shows memory usage in Linux?
free
top
vmstat
df
✅ Correct Answer: free
98. What does the "sc" command manage in Windows?
Services
Scheduled tasks
Network config
User accounts
✅ Correct Answer: Services
99. Which tool is used for Windows registry backup?
regedit
cmd
msconfig
gpedit
✅ Correct Answer: regedit
100. What is the purpose of the "dig" command?
DNS lookup
Ping hosts
Trace routes
Scan ports
✅ Correct Answer: DNS lookup
101. Which command shows environment variables in Linux?
printenv
env
set
export
✅ Correct Answer: printenv
102. What does the "tasklist" command display in Windows?
Running processes
Scheduled tasks
User accounts
Network connections
✅ Correct Answer: Running processes
103. Which tool is used for Windows startup program management?
msconfig
regedit
cmd
gpedit
✅ Correct Answer: msconfig
104. What is the purpose of the "wget" command?
Download files
Search web
Monitor network
Test connectivity
✅ Correct Answer: Download files
105. Which command shows logged-in users in Linux?
who
w
last
users
✅ Correct Answer: who
106. What does the "netstat -ano" command show in Windows?
All connections with process IDs
ARP cache
Routing table
Interface config
✅ Correct Answer: All connections with process IDs
107. Which tool is used for Windows group policy editing?
gpedit.msc
regedit
cmd
msconfig
✅ Correct Answer: gpedit.msc
108. What is the purpose of the "curl" command?
Transfer data with URLs
Search files
Monitor processes
Manage users
✅ Correct Answer: Transfer data with URLs
109. Which command shows command history in Linux?
history
last
who
w
✅ Correct Answer: history
110. What does the "ipconfig /flushdns" command do?
Clear DNS cache
Renew IP address
Display config
Test connectivity
✅ Correct Answer: Clear DNS cache
111. Which tool is used for Windows task management?
taskmgr
regedit
cmd
msconfig
✅ Correct Answer: taskmgr
112. What is the purpose of the "alias" command?
Create command shortcuts
List files
Search text
Manage users
✅ Correct Answer: Create command shortcuts
113. Which command shows system uptime in Linux?
uptime
top
free
vmstat
✅ Correct Answer: uptime
114. What does the "nslookup" command do?
Query DNS servers
Ping hosts
Trace routes
Scan ports
✅ Correct Answer: Query DNS servers
115. Which tool is used for Windows driver management?
devmgmt.msc
regedit
cmd
msconfig
✅ Correct Answer: devmgmt.msc
116. What is the purpose of the "tar" command?
Archive files
Compress files
Encrypt files
Transfer files
✅ Correct Answer: Archive files
117. Which command shows kernel messages in Linux?
dmesg
syslog
journalctl
kernlog
✅ Correct Answer: dmesg
118. What does the "chkdsk" command do in Windows?
Check disk for errors
Defragment disk
Format disk
Partition disk
✅ Correct Answer: Check disk for errors
119. Which tool is used for Windows firewall configuration?
wf.msc
regedit
cmd
msconfig
✅ Correct Answer: wf.msc
120. What is the purpose of the "rsync" command?
Synchronize files
Encrypt files
Compress files
Mount filesystems
✅ Correct Answer: Synchronize files
The Ceh 312 50v9 Certified Ethical Hacker Exam V9 certification is a globally recognized credential for IT professionals.
This practice test helps you prepare by covering key topics like hardware, networking, troubleshooting, and security.
Want more practice? Check out our other mock exams: