IT Security Practice Questions

CEH Practice Test Practice Questions

EC-Council Certified Ethical Hacker (CEH v12/v13). Free CEH practice test questions with detailed answer explanations. Sample items cover reconnaissance, scanning, system hacking, web application attacks, and social engineering -- the core domains of the EC-Council Certified Ethical Hacker certification.

Total Questions: 125
Time Limit: 4 hours
Passing Score: 60-85% (cut score varies by form)
Registration Fee: $1,199 (with training) / $950 voucher

Free Sample Questions

Here are 5 free sample questions from our full bank of 420+ CEH Practice Test practice questions.

1. During the reconnaissance phase, an ethical hacker wants to gather information about a target organization without sending any packets to the target's infrastructure. Which technique BEST describes this approach?

A) Passive reconnaissance using public records, social media, and search engine queries
B) Active reconnaissance using Nmap SYN scans against the target's public IP range
C) Banner grabbing against the target's web servers using Netcat
D) Performing a full TCP connect scan against the target's mail server

2. An ethical hacker runs the command 'nmap -sS -p- 10.0.0.5' against an authorized target. What type of scan is being performed and what is the key characteristic?

A) UDP scan that completes the three-way handshake on every port
B) TCP connect scan that logs into application banners on each port
C) TCP SYN (half-open) scan against all 65,535 ports without completing the handshake
D) ICMP echo sweep that pings every host in the subnet

3. After gaining initial access to a Windows host, an attacker dumps credential hashes from the SAM database and uses one of them to authenticate to other systems on the network without ever cracking the hash itself. What technique is this?

A) Kerberoasting
B) Pass-the-Hash
C) Golden Ticket attack
D) Rainbow table cracking

4. A web application reflects user input from the URL parameter directly into the HTML response without encoding. An attacker crafts a link that, when clicked, runs JavaScript in the victim's browser session. Which vulnerability class is this and which OWASP category does it map to?

A) SQL Injection -- A03 Injection
B) Insecure Deserialization -- A08 Software and Data Integrity Failures
C) Reflected Cross-Site Scripting (XSS) -- A03 Injection
D) Server-Side Request Forgery -- A10 SSRF

5. An attacker calls a company's help desk pretending to be a senior executive locked out of their account, urgently demanding a password reset before an important meeting. Which social engineering principle is being exploited MOST directly?

A) Reciprocity -- offering a small favor first
B) Scarcity -- limited-time offers
C) Social proof -- 'everyone else is doing it'
D) Authority combined with urgency

Get the Full CEH Practice Test Question Bank — 420+ Practice Questions

You just saw 5 sample questions. We have a complete bank of 420+ CEH Practice Test practice questions with detailed answers and explanations ready for you. Fill out the form below and we'll send you the full question bank — completely free.


About the CEH Practice Test

Format & Structure

Total Questions: 125
Time Limit: 4 hours
Format: Multiple choice (computer-based)

Scoring & Cost

Passing Score: 60-85% (cut score varies by form)
Registration Fee: $1,199 (with training) / $950 voucher

Frequently Asked Questions

What is the CEH certification?

The Certified Ethical Hacker (CEH) is EC-Council's flagship credential for offensive security professionals. It validates that you can think and act like an attacker -- legally and ethically -- across reconnaissance, scanning, enumeration, system hacking, web app attacks, wireless attacks, cloud, mobile, and social engineering. The current versions are CEH v12 and the newer CEH v13, which adds AI-driven attack and defense content.

Who is eligible to sit for the CEH?

There are two paths. If you complete official EC-Council training (instructor-led, iLearn, or an Accredited Training Center course), you can sit the assessment without any prior experience requirement. If you self-study and skip official training, you need to apply for eligibility and demonstrate at least 2 years of verified work experience in information security, plus pay a non-refundable $100 application fee.

What is the CEH passing score?

There is no fixed percentage. EC-Council uses a cut score that varies by form (the specific question set you receive), typically falling somewhere between 60% and 85%. Each version of the assessment is statistically calibrated, so harder forms have a lower cut score and easier forms have a higher one. You'll see your pass/fail result immediately at the testing center.

How much does the CEH cost?

Pricing depends on the path you take. A standalone CEH voucher runs around $950 to $1,199. Bundled packages that include official courseware, labs, and the assessment voucher can range from roughly $1,899 up to $2,999+ depending on the format (self-paced iLearn, live online, or in-person). The $100 eligibility application fee applies if you skip official training. Prices shift, so always check EC-Council or your training partner for current numbers.

How long is the CEH valid?

CEH certifications are valid for 3 years. To stay certified, you need to earn 120 ECE (EC-Council Continuing Education) credits over that 3-year window and pay an annual membership fee of $80. ECE credits come from things like attending conferences, publishing research, completing related training, or earning other certifications. Let it lapse and you'll have to retake the assessment to recertify.

Can I retake the CEH if I don't pass?

Yes. The first retake has no waiting period beyond rescheduling availability. If you fail a second time, you must wait 14 days. Each subsequent attempt requires the same 14-day wait, and you cannot attempt more than 5 times within a 12-month window. You'll pay the voucher fee again for each retake unless your training package included a retake voucher.

Which training providers are recognized by EC-Council?

EC-Council itself offers iClass (live online), iLearn (self-paced), and MasterClass formats. Beyond that, Accredited Training Centers (ATCs) around the world deliver the official curriculum -- common names include Infosec Institute, Simplilearn, Koenig Solutions, and many regional partners. Verify any provider on the EC-Council ATC directory before paying. Unofficial bootcamps may be cheaper but won't satisfy the training-path eligibility requirement.

What study resources work best for the CEH?

Most successful candidates combine three things. First, the official EC-Council courseware and iLabs (or an equivalent ATC course) for the structured curriculum. Second, hands-on practice with tools the assessment loves to reference -- Nmap, Wireshark, Metasploit, Burp Suite, John the Ripper, Hydra, and Mimikatz -- ideally on platforms like TryHackMe, HackTheBox, or PortSwigger Web Security Academy. Third, a solid practice-question bank to drill recall on protocols, port numbers, tool flags, and frameworks. Our online class tutoring and study skills coaching can help you build a focused study plan around any weak areas you identify.

Get 420+ CEH Practice Test Practice Questions

Don't settle for just 5 sample questions. Request the full question bank and start preparing with confidence.
