13+ practice questions focused on Introduction to Ethical Hacking — one of the most tested topics on the Certified Ethical Hacker CEH exam. Each question includes a detailed explanation so you learn why the right answer is correct.
A security analyst suspects that an attacker is scanning their network. They notice a large number of TCP SYN packets being sent to various ports on a single host, but no SYN-ACK responses are returned. Which type of scan is most likely being used?
Explanation: C is correct because a SYN scan (also known as a half-open scan) sends TCP SYN packets to target ports and does not complete the three-way handshake. If no SYN-ACK is returned, it indicates the port is filtered or the host is not responding, which matches the scenario where the attacker receives no SYN-ACK responses. This scan is stealthier than a full TCP connect scan because it never establishes a full connection.
During a penetration test, an ethical hacker needs to evade an IDS that detects port scans based on the number of packets per second. Which technique would be most effective to avoid detection?
Explanation: Option C is correct because slowing down the scan rate reduces the number of packets sent per second below the IDS threshold, allowing the scan to blend in with normal traffic. An IDS such as Snort uses packet-per-second (pps) counters to detect port scans; by spacing out packets over a longer period, the scan avoids triggering these rate-based alerts.
A company wants to test the security of its web application by simulating attacks from an external perspective. They have no prior knowledge of the internal network or application architecture. Which type of test should they perform?
Explanation: A black-box test is the correct choice because the company has no prior knowledge of the internal network or application architecture. This simulates an external attacker with zero insider information, testing the application from an outsider's perspective without access to source code, network diagrams, or credentials. The test relies solely on publicly available information and direct interaction with the application's interfaces.
Which TWO of the following are recognized phases of the Ethical Hacking process? (Select TWO.)
Explanation: Maintaining Access is a recognized phase in the Ethical Hacking process, as defined by the EC-Council's CEH methodology. After gaining initial access, the ethical hacker must establish persistent access to the target system, often by installing backdoors, rootkits, or creating user accounts. This phase ensures the hacker can return to the system without repeating the exploitation steps, which is critical for simulating a real attacker's long-term presence.
Refer to the exhibit. An ethical hacker runs the shown Nmap scan against a target. Which port state indicates that the port is reachable but no service is listening?
Explanation: Option B is correct because a 'closed' port in Nmap indicates that the target host responded with a TCP RST (Reset) packet, meaning the port is reachable and the host is alive, but no application is listening on that port. This state confirms the port is accessible (not filtered by a firewall) yet no service is bound to it.
1. Baseline your knowledge
Start with 10 questions to gauge your current understanding of Introduction to Ethical Hacking. This tells you whether you need a concept refresher or just practice.
2. Review every explanation
For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.
3. Focus on exam traps
Introduction to Ethical Hacking questions on the CEH frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.
4. Reach 80% consistently
Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.
The exact number varies per candidate. Introduction to Ethical Hacking is tested as part of the Certified Ethical Hacker CEH blueprint. Practicing with targeted Introduction to Ethical Hacking questions ensures you can handle any format or difficulty that appears.
Yes. Courseiva provides free CEH practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.
Difficulty is subjective, but Introduction to Ethical Hacking is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.
Launch a full Introduction to Ethical Hacking practice session with instant scoring and detailed explanations.