CEH · topic practice

Wireless, IoT and Cloud Security practice questions

Practise Certified Ethical Hacker CEH Wireless, IoT and Cloud Security practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Wireless, IoT and Cloud Security

What the exam tests

What to know about Wireless, IoT and Cloud Security

Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.

IaaS, PaaS and SaaS responsibilities and examples.

Public, private, hybrid and community cloud deployment models.

On-premises vs cloud trade-offs: cost, control, scalability.

How cloud connectivity options (VPN, Direct Connect, ExpressRoute) work.

Watch out for

Common Wireless, IoT and Cloud Security exam traps

  • IaaS gives you infrastructure control; SaaS gives you only the application.
  • Hybrid cloud combines on-premises and public cloud — not two public clouds.
  • Cloud does not automatically mean cheaper or more secure.
  • Management responsibility shifts with each service model (IaaSPaaSSaaS).

Practice set

Wireless, IoT and Cloud Security questions

20 questions · select your answer, then reveal the explanation

Question 1easymultiple choice
Read the full DNS explanation →

A security analyst discovers that an IoT device in a smart building is periodically sending small DNS queries to an external domain known for command-and-control activity. Which security control should be implemented to detect and block such traffic without disrupting legitimate operations?

Question 2mediummultiple choice
Read the full wireless explanation →

A cloud security engineer notices that an S3 bucket containing sensitive customer data is configured with a bucket policy that allows 'Principal': '*' and 'Action': 's3:GetObject'. The bucket is not publicly accessible via the AWS Management Console, but the engineer is concerned about data exposure. What is the most likely risk?

Question 3hardmultiple choice
Read the full wireless explanation →

During a penetration test of a corporate wireless network, you capture a WPA2 handshake and successfully recover the PSK. Later, you notice that some clients are using WPA3-Personal. Which attack could be used to downgrade a WPA3 client to WPA2 and capture its handshake?

Question 4easymultiple choice
Read the full wireless explanation →

A company deploys IoT sensors in a remote facility with limited bandwidth. The sensors send small data packets every few seconds. Which wireless technology is most appropriate for this application?

Question 5mediummultiple choice
Read the full wireless explanation →

A security analyst detects multiple failed authentication attempts on a cloud-based SSH server from a single IP address. The analyst implements a rule to block that IP. However, the attacks continue from different IPs. Which additional control should be implemented to reduce the attack surface?

Question 6hardmultiple choice
Read the full wireless explanation →

During a wireless penetration test, you discover that the target network uses WPA2-Enterprise with PEAP-MSCHAPv2. You capture the authentication traffic of a legitimate user. Which attack can you perform to recover the user's domain credentials?

Question 7easymultiple choice
Read the full wireless explanation →

A company uses a cloud-based identity provider (IdP) for single sign-on (SSO). Which security control is most effective in preventing account takeover due to credential stuffing?

Question 8mediummultiple choice
Read the full wireless explanation →

An organization deploys a fleet of IoT cameras that communicate with a central server over the internet. The cameras use HTTP to send video streams. What is the most critical security improvement to protect the video data in transit?

Question 9mediummulti select
Read the full wireless explanation →

Which TWO of the following are effective countermeasures against rogue access point attacks on a corporate wireless network?

Question 10hardmulti select
Read the full wireless explanation →

Which THREE of the following are common security risks associated with cloud computing?

Question 11easymulti select
Read the full wireless explanation →

Which TWO of the following are characteristics of a Bluetooth Low Energy (BLE) IoT device that make it suitable for a battery-powered sensor?

Question 12mediummulti select
Read the full wireless explanation →

Which THREE of the following are best practices for securing IoT devices in a home automation network?

Question 13hardmultiple choice
Read the full wireless explanation →

Refer to the exhibit. During a wireless audit, you capture a beacon frame from a corporate access point. What is the most significant security concern based on this information?

Exhibit

Refer to the exhibit.

```
Wireless Capture: Beacon Frame
SSID: CorpNet
Security: WPA2-PSK
BSSID: 00:11:22:33:44:55
Channel: 6
RSN Information:
  Pairwise Ciphers: CCMP
  Group Cipher: TKIP
```
Question 14easymultiple choice
Read the full wireless explanation →

Refer to the exhibit. A security analyst reviews a CloudTrail log entry. What is the primary security concern indicated by this log?

Exhibit

Refer to the exhibit.

```
CloudTrail Log:
{
  "eventVersion": "1.08",
  "userIdentity": {
    "type": "Root",
    "arn": "arn:aws:iam::123456789012:root",
    "accountId": "123456789012"
  },
  "eventTime": "2025-03-15T14:30:00Z",
  "eventSource": "ec2.amazonaws.com",
  "sourceIPAddress": "203.0.113.5",
  "userAgent": "console.amazonaws.com",
  "requestParameters": {
    "instanceType": "t2.micro",
    "imageId": "ami-0abcdef1234567890",
    "keyName": "test-key"
  },
  "responseElements": {
    "instancesSet": {
      "items": [
        {
          "instanceId": "i-0a1b2c3d4e5f67890"
        }
      ]
    }
  },
  "eventType": "AwsApiCall"
}
```
Question 15mediummultiple choice
Open the full VLAN trunking answer →

A security analyst notices unusual traffic from a smart thermostat to an external IP address. The thermostat is on a separate IoT VLAN. Which action should the analyst take to investigate and mitigate the threat?

Question 16hardmultiple choice
Read the full wireless explanation →

During a penetration test, an ethical hacker captures a WPA2 handshake and successfully cracks the PSK. Which additional action must be taken to decrypt previously captured traffic?

Question 17easymultiple choice
Read the full wireless explanation →

A cloud security engineer wants to ensure that only authorized users can access an S3 bucket containing sensitive data. Which AWS service should be used to enforce fine-grained access control?

Question 18mediummulti select
Read the full wireless explanation →

Which TWO of the following are common security risks associated with bring-your-own-device (BYOD) policies in a corporate environment?

Question 19hardmultiple choice
Read the full wireless explanation →

You are the security lead for a multinational corporation that uses a hybrid cloud architecture with AWS and on-premises data centers. The company recently deployed a fleet of IoT sensors in a remote factory to monitor equipment. These sensors communicate via MQTT to an AWS IoT Core endpoint, which forwards data to an S3 bucket and a DynamoDB table. The factory network is isolated but has a site-to-site VPN to the corporate HQ. Over the past week, the S3 bucket has experienced an unusual number of PUT requests from an IP address that resolves to a known malicious host. The DynamoDB table shows write spikes at odd hours. The MQTT broker logs indicate that some sensors are publishing data with invalid client IDs. Meanwhile, the VPN logs show no anomalies. You need to identify the likely attack vector and recommend a course of action. Which of the following is the BEST course of action?

Question 20hardmulti select
Read the full wireless explanation →

A penetration tester is assessing the security of a smart building's IoT infrastructure. The building uses Zigbee sensors for temperature and motion detection, and some devices communicate using MQTT over Wi-Fi. During the assessment, the tester captures traffic and notices that some Zigbee devices are sending unencrypted frames containing sensor IDs and values. Which TWO actions should the tester recommend to mitigate the identified vulnerabilities? (Choose two.)

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Wireless, IoT and Cloud Security sessions

Start a Wireless, IoT and Cloud Security only practice session

Every question in these sessions is drawn from the Wireless, IoT and Cloud Security domain — nothing else.

Related practice questions

Related CEH topic practice pages

Move into related areas when this topic feels solid.

Footprinting, Reconnaissance and Scanning practice questions

Practise CEH questions linked to Footprinting, Reconnaissance and Scanning.

Enumeration and System Hacking practice questions

Practise CEH questions linked to Enumeration and System Hacking.

Malware, Social Engineering and Network Attacks practice questions

Practise CEH questions linked to Malware, Social Engineering and Network Attacks.

Web Application and Injection Attacks practice questions

Practise CEH questions linked to Web Application and Injection Attacks.

Introduction to Ethical Hacking practice questions

Practise CEH questions linked to Introduction to Ethical Hacking.

Scanning Networks and Enumeration practice questions

Practise CEH questions linked to Scanning Networks and Enumeration.

Vulnerability Analysis and System Hacking practice questions

Practise CEH questions linked to Vulnerability Analysis and System Hacking.

Advanced Topics: Wireless, Cloud, IoT, Cryptography practice questions

Practise CEH questions linked to Advanced Topics: Wireless, Cloud, IoT, Cryptography.

Footprinting and Reconnaissance practice questions

Practise CEH questions linked to Footprinting and Reconnaissance.

Network and Web Application Attacks practice questions

Practise CEH questions linked to Network and Web Application Attacks.

Wireless, IoT and Cloud Security practice questions

Practise CEH questions linked to Wireless, IoT and Cloud Security.

Cryptography and Malware Analysis practice questions

Practise CEH questions linked to Cryptography and Malware Analysis.

Frequently asked questions

What does the CEH exam test about Wireless, IoT and Cloud Security?
Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Wireless, IoT and Cloud Security questions in a focused session?
Yes — the session launcher on this page draws every question from the Wireless, IoT and Cloud Security domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other CEH topics?
Use the topic links above to move to related areas, or go back to the CEH question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the CEH exam covers. They are not copied from any real exam or dump site.