Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Free · No Signup Required · EC-Council · CEH

CEH Social Engineering and Physical Security Practice Questions

17+ practice questions focused on Social Engineering and Physical Security — one of the most tested topics on the Certified Ethical Hacker CEH exam. Each question includes a detailed explanation so you learn why the right answer is correct.


Sample Social Engineering and Physical Security Questions

1. A penetration tester is assessing an organization's physical security. The tester wants to gain unauthorized access to a secured server room that uses a biometric fingerprint scanner. Which of the following techniques would be MOST effective for bypassing the biometric scanner?

A. Shoulder surfing the authorized user's fingerprint pattern
B. Picking the lock on the server room door
C. Using a gelatin mold of an authorized user's fingerprint
D. Tailgating behind an authorized employee

Explanation: Option C is correct because gelatin molds can replicate the exact ridge and valley patterns of a fingerprint, which many capacitive and optical fingerprint scanners read. This bypasses the biometric authentication without requiring the user's cooperation, making it the most direct method to defeat the scanner itself.

2. During a social engineering engagement, a tester calls the help desk posing as an employee from the IT department. The tester claims to be working on a critical system update and needs the employee's password to proceed. Which type of social engineering attack is being executed?

A. Quid pro quo
B. Baiting
C. Pretexting
D. Phishing

Explanation: Pretexting involves creating a fabricated scenario (pretext) to manipulate a target into divulging information. In this case, the tester falsely claims to be from the IT department working on a critical system update, which is a classic pretext to gain trust and obtain the employee's password. This differs from other social engineering types because it relies on a constructed identity and false narrative rather than a technical lure or direct exchange.

3. Which of the following is the BEST defense against tailgating attacks in a secure facility?

A. Hiring security guards
B. Reviewing keycard access logs
C. Installing CCTV cameras
D. Implementing a mantrap at the entrance

Explanation: A mantrap is a physical security access control system consisting of two interlocking doors that create a small vestibule. Only one door can be opened at a time, and authentication (e.g., keycard + biometric) is required to pass through both. This design physically prevents an unauthorized person from following an authorized person into the facility, directly mitigating tailgating attacks by enforcing strict one-person-per-authentication entry.

4. An employee receives an email that appears to be from the CEO, asking the employee to urgently wire funds to a vendor. The email address is slightly misspelled. What type of social engineering attack is this?

A. Pharming
B. Spear phishing
C. Whaling
D. Vishing

Explanation: This is a whaling attack because it specifically targets a high-profile individual (the CEO) to deceive another employee into performing a financial action. The slight misspelling of the email address is a classic whaling technique, as the attacker impersonates a senior executive to exploit authority and urgency. Unlike generic phishing, whaling focuses on C-level executives or decision-makers.

5. Which TWO of the following are effective methods to prevent dumpster diving attacks? (Choose two.)

A. Storing all data on encrypted digital media only
B. Shredding sensitive documents before disposal
C. Using locked bins for discarded materials
D. Placing documents in recycling bins

Explanation: Shredding sensitive documents before disposal (Option B) is effective because it physically destroys the information, making it impossible to reconstruct from discarded paper. This directly counters dumpster diving, where attackers retrieve documents to extract confidential data like passwords or network diagrams.


How to master Social Engineering and Physical Security for CEH

1. Baseline your knowledge

Start with 10 questions to gauge your current understanding of Social Engineering and Physical Security. This tells you whether you need a concept refresher or just practice.

2. Review every explanation

For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.

3. Focus on exam traps

Social Engineering and Physical Security questions on the CEH frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.

4. Reach 80% consistently

Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.

Frequently asked questions

How many CEH Social Engineering and Physical Security questions are on the real exam?

The exact number varies per candidate. Social Engineering and Physical Security is tested as part of the Certified Ethical Hacker CEH blueprint. Practicing with targeted Social Engineering and Physical Security questions ensures you can handle any format or difficulty that appears.

Are these CEH Social Engineering and Physical Security practice questions free?

Yes. Courseiva provides free CEH practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.

Is Social Engineering and Physical Security one of the harder CEH topics?

Difficulty is subjective, but Social Engineering and Physical Security is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.


Topic Info

Topic: Social Engineering and Physical Security
Exam: CEH
Questions available: 17+