CEH · topic practice

Advanced Topics: Wireless, Cloud, IoT, Cryptography practice questions

Practise Certified Ethical Hacker CEH Advanced Topics: Wireless, Cloud, IoT, Cryptography practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Advanced Topics: Wireless, Cloud, IoT, Cryptography

What the exam tests

What to know about Advanced Topics: Wireless, Cloud, IoT, Cryptography

Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.

IaaS, PaaS and SaaS responsibilities and examples.

Public, private, hybrid and community cloud deployment models.

On-premises vs cloud trade-offs: cost, control, scalability.

How cloud connectivity options (VPN, Direct Connect, ExpressRoute) work.

Watch out for

Common Advanced Topics: Wireless, Cloud, IoT, Cryptography exam traps

  • IaaS gives you infrastructure control; SaaS gives you only the application.
  • Hybrid cloud combines on-premises and public cloud — not two public clouds.
  • Cloud does not automatically mean cheaper or more secure.
  • Management responsibility shifts with each service model (IaaSPaaSSaaS).

Practice set

Advanced Topics: Wireless, Cloud, IoT, Cryptography questions

20 questions · select your answer, then reveal the explanation

Question 1easymultiple choice
Read the full wireless explanation →

A security analyst captures a large number of unique initialization vectors (IVs) from a wireless network using airodump-ng. Which attack are they MOST likely preparing to execute?

Question 2mediummultiple choice
Read the full wireless explanation →

During a penetration test, an analyst runs the following command: 'reaver -i wlan0mon -b 00:11:22:33:44:55 -vv'. What is the PRIMARY purpose of this command?

Question 3mediummultiple choice
Read the full wireless explanation →

A cloud security engineer discovers that an S3 bucket named 'acme-backups' is accessible to anyone with the bucket URL. The bucket contains sensitive customer data. Which AWS shared responsibility model component does this misconfiguration primarily violate?

Question 4hardmultiple choice
Read the full wireless explanation →

An IoT device uses the MQTT protocol without any authentication or encryption. An attacker on the same network subscribes to all topics on the MQTT broker. Which of the following is the MOST effective immediate countermeasure?

Question 5easymultiple choice
Read the full wireless explanation →

Which cryptographic algorithm is classified as symmetric and uses a block cipher with a fixed block size of 128 bits, supporting key sizes of 128, 192, and 256 bits?

Question 6mediummultiple choice
Read the full wireless explanation →

A security analyst observes the following log entry on a web server: 'GET /?url=http://169.254.169.254/latest/meta-data/ HTTP/1.1'. This request appears to originate from a compromised web application. Which cloud attack technique is being attempted?

Question 7easymultiple choice
Read the full wireless explanation →

Which of the following tools is specifically designed for assessing the security of AWS environments by checking for misconfigurations in services like S3, IAM, and EC2?

Question 8mediummultiple choice
Read the full wireless explanation →

During a penetration test, a tester captures a WPA2 4-way handshake. Which of the following is the NEXT step to attempt to recover the Wi-Fi passphrase?

Question 9hardmultiple choice
Read the full wireless explanation →

A security analyst discovers that a containerized application running in a cloud environment can access the host's file system by mounting /var/run/docker.sock inside the container. Which type of attack does this configuration enable?

Question 10mediummultiple choice
Read the full wireless explanation →

Which of the following is the PRIMARY reason that MD5 is no longer recommended for use in digital signatures?

Question 11hardmultiple choice
Read the full wireless explanation →

An attacker intercepts a TLS-encrypted session and attempts to force the client and server to use a weaker cipher suite. Which type of attack is being performed?

Question 12mediummultiple choice
Read the full wireless explanation →

A penetration tester uses the tool 'Pacu' during an assessment. Which of the following actions is Pacu designed to perform?

Question 13mediummulti select
Read the full wireless explanation →

Which TWO of the following are common attack vectors against IoT devices? (Select TWO.)

Question 14hardmulti select
Read the full wireless explanation →

Which THREE of the following are effective countermeasures against evil twin attacks in wireless networks? (Select THREE.)

Question 15easymulti select
Read the full wireless explanation →

Which TWO of the following are symmetric encryption algorithms? (Select TWO.)

Question 16easymultiple choice
Read the full wireless explanation →

A security analyst captures network traffic and sees multiple ARP packets with the same source MAC address but different IP addresses. Which attack is MOST likely occurring?

Question 17mediummultiple choice
Read the full wireless explanation →

During a wireless penetration test, a tester captures the 4-way handshake between a client and WPA2-PSK access point. Which tool would the tester MOST likely use to attempt to recover the pre-shared key?

Question 18hardmultiple choice
Read the full wireless explanation →

A cloud security engineer notices that an S3 bucket named 'company-backup' is configured to allow 's3:GetObject' access to 'Principal: *'. Which attack is this misconfiguration MOST likely to enable?

Question 19mediummultiple choice
Read the full wireless explanation →

An IoT device uses the MQTT protocol without TLS. A security tester connects to the broker and subscribes to all topics using '#'. What is the tester MOST likely able to accomplish?

Question 20easymultiple choice
Read the full wireless explanation →

Which of the following cryptographic algorithms is classified as asymmetric?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Advanced Topics: Wireless, Cloud, IoT, Cryptography sessions

Start a Advanced Topics: Wireless, Cloud, IoT, Cryptography only practice session

Every question in these sessions is drawn from the Advanced Topics: Wireless, Cloud, IoT, Cryptography domain — nothing else.

Related practice questions

Related CEH topic practice pages

Move into related areas when this topic feels solid.

Footprinting, Reconnaissance and Scanning practice questions

Practise CEH questions linked to Footprinting, Reconnaissance and Scanning.

Enumeration and System Hacking practice questions

Practise CEH questions linked to Enumeration and System Hacking.

Malware, Social Engineering and Network Attacks practice questions

Practise CEH questions linked to Malware, Social Engineering and Network Attacks.

Web Application and Injection Attacks practice questions

Practise CEH questions linked to Web Application and Injection Attacks.

Introduction to Ethical Hacking practice questions

Practise CEH questions linked to Introduction to Ethical Hacking.

Scanning Networks and Enumeration practice questions

Practise CEH questions linked to Scanning Networks and Enumeration.

Vulnerability Analysis and System Hacking practice questions

Practise CEH questions linked to Vulnerability Analysis and System Hacking.

Advanced Topics: Wireless, Cloud, IoT, Cryptography practice questions

Practise CEH questions linked to Advanced Topics: Wireless, Cloud, IoT, Cryptography.

Footprinting and Reconnaissance practice questions

Practise CEH questions linked to Footprinting and Reconnaissance.

Network and Web Application Attacks practice questions

Practise CEH questions linked to Network and Web Application Attacks.

Wireless, IoT and Cloud Security practice questions

Practise CEH questions linked to Wireless, IoT and Cloud Security.

Cryptography and Malware Analysis practice questions

Practise CEH questions linked to Cryptography and Malware Analysis.

Frequently asked questions

What does the CEH exam test about Advanced Topics: Wireless, Cloud, IoT, Cryptography?
Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Advanced Topics: Wireless, Cloud, IoT, Cryptography questions in a focused session?
Yes — the session launcher on this page draws every question from the Advanced Topics: Wireless, Cloud, IoT, Cryptography domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other CEH topics?
Use the topic links above to move to related areas, or go back to the CEH question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the CEH exam covers. They are not copied from any real exam or dump site.