Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.


Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.


Network and Web Application Attacks

Practice CEH Network and Web Application Attacks questions with full explanations on every answer.


All CEH Network and Web Application Attacks questions (19)


1. During a penetration test, you notice that a web application accepts user input and displays it directly in the browser without sanitization. Which attack is most likely to succeed?

2. As a network defender, you notice an unusually high number of incomplete TCP three-way handshakes from a single external IP to multiple internal hosts. What is the most likely attack taking place?

3. A security analyst is configuring a web application firewall (WAF) to protect against SQL injection. Which HTTP parameter location should the analyst focus on to block malicious SQL queries?

4. You are performing a web application security assessment and discover that the application uses a hidden form field named 'price' to store the product price. The price is submitted with the form and used to process payments. Which attack would allow you to purchase an item for a lower price?

5. A network administrator wants to prevent an attacker from using a network sniffer to capture traffic between a client and a web server. Which protocol should be enforced to encrypt all communication?

6. Which TWO of the following are common web application vulnerabilities that allow an attacker to inject malicious code? (Select exactly 2)

7. Which THREE of the following are effective countermeasures against DNS poisoning attacks? (Select exactly 3)

8. Refer to the exhibit. A security analyst captured the HTTP request and response shown. What type of vulnerability is present?

9. You are the lead security engineer for a financial technology company that hosts a critical web application on three load-balanced servers behind a reverse proxy. The application uses a REST API to process transactions. Recently, the company has experienced intermittent service outages during peak hours. Upon reviewing logs, you find that the reverse proxy is returning HTTP 503 errors for legitimate API requests, and the application servers show high CPU usage but normal memory. The network team reports no bandwidth issues. The application team claims no code changes were made. You suspect a specific type of attack is causing the outages. Which action should you take first to confirm the attack type?

10. A penetration tester is analyzing a captured TCP session that includes a successful SQL injection attack. Which TWO of the following indicators would most likely confirm that the attack was successful?

11. Refer to the exhibit. A penetration tester executed the SQL injection payload and received the response shown. What is the most likely outcome of this attack?

12. You are a security analyst for a medium-sized e-commerce company. The company hosts its web application on a single server running Apache on Ubuntu. Recently, the operations team noticed that the server's CPU usage spikes to 100% every few minutes, causing the website to become unresponsive. They have ruled out hardware issues. The web server logs show repeated requests to the same URL with varying parameters, such as /product?id=1, /product?id=2, etc., all originating from a single IP address. Each request returns a 200 OK response, but the server takes several seconds to generate the page. The application uses a relational database backend with an ORM. You suspect an attack is occurring. What is the most likely attack and the best immediate course of action?

13. Drag and drop the steps to recover a forgotten Windows administrator password using a bootable Linux USB into the correct order.

14. Match each encryption algorithm to its type.

15. Refer to the exhibit. A security analyst notices multiple ESTABLISHED connections on port 443 from different external IPs to the same process ID. What type of attack is most likely occurring?

16. Refer to the exhibit. A web server log shows requests from a single IP. Which vulnerability is being exploited?

17. Refer to the exhibit. A user visits a malicious site that returns this HTML. Which attack is being executed?

18. Refer to the exhibit. An analyst runs an Nmap scan and finds these services. Which known vulnerability is most likely to be successfully exploited?

19. Refer to the exhibit. A penetration tester sends a SOAP request and receives multiple user records. Which vulnerability is present?


Frequently asked questions

What does the Network and Web Application Attacks domain cover on the CEH exam?

The Network and Web Application Attacks domain covers the key concepts tested in this area of the CEH exam blueprint published by EC-Council. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all CEH domains — no account required.

How many Network and Web Application Attacks questions are in the CEH question bank?

The Courseiva CEH question bank contains 19 questions in the Network and Web Application Attacks domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Network and Web Application Attacks for CEH?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Network and Web Application Attacks questions for CEH?

Yes — the session launcher on this page draws questions exclusively from the Network and Web Application Attacks domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
