dotCreds
Certified Ethical Hacker

CEH Practice Test

Start today's 10-question CEH set with source-backed explanations, local progress, and a fresh rotation every morning.

  • 10 daily web questions
  • Source-backed explanations
  • 7-day score history

Questions updated at May 28, 2026, 8:24 AM CDT

Why this page works

  • Daily exam-aligned questions
  • Source links on every explanation
  • Local progress saved automatically
  • Email sync path ready for later
  • Apps provide deeper drills when available
One-time unlock

Unlock the full CEH bank

Get 120 verified questions, every choice explained, Exam Mode, Practice Mode, random tests, readiness tracking, previous scores, and no ads.

Secure checkout by Stripe. Instant unlock on this page. No subscription.

Today's 10 CEH questions

Use this CEH practice test to review for the Certified Ethical Hacker exam. Questions rotate daily, and each explanation links to the source used to validate the answer.

Today’s Set
10 questions
Rotates at 10:00 AM local time

120 verified questions are in the live bank. Today’s focused 10-question set includes source-backed explanations.

Question 1 of 10
Objective CEH-04 Web Application Security

A web application lets ordinary users reach administrative records simply by changing identifiers in a request. Which OWASP Top 10 category is this most closely associated with?

Concept tested: Web Application Security (CEH-04)
Question 2 of 10
Objective CEH-03 Vulnerability Analysis

An ethical hacker is analyzing a target's web server. The vulnerability scanner identifies that the web server is exposing detailed error pages (stack traces) when receiving malformed HTTP requests. Which type of vulnerability classification does this represent?

Concept tested: Vulnerability Analysis (CEH-03)
Question 3 of 10
Objective CEH-06 Remediation and Patch Management

Why is patching still a central remediation theme in ethical hacking reports?

Concept tested: Remediation and Patch Management (CEH-06)
Question 4 of 10
Objective CEH-07 Program Scope and Defensive Outcomes

A Chief Information Security Officer (CISO) is evaluating how to measure the effectiveness of their ethical hacking program over a two-year period. Which metric provides the strongest evidence of a long-term improvement in the company's defensive posture?

Concept tested: Program Scope and Defensive Outcomes (CEH-07)
Question 5 of 10
Objective CEH-01 Ethics and Scope

During a test, an assessor realizes a forgotten third-party application is reachable from the target environment but was never named in scope. What is the safest next step?

Concept tested: Ethics and Scope (CEH-01)
Question 6 of 10
Objective CEH-05 Reporting and Evidence

An ethical hacker is formatting a technical finding in a report. In addition to naming the affected host and port, which section is most critical to enable the systems administrator to successfully remediate the vulnerability?

Concept tested: Reporting and Evidence (CEH-05)
Question 7 of 10
Objective CEH-02 Reconnaissance and Scanning

A tester jumps straight into exploit attempts without first identifying live hosts, ports, or exposed services. What foundational step was skipped?

Concept tested: Reconnaissance and Scanning (CEH-02)
Question 8 of 10
Objective CEH-04 Web Application Security

While assessing and reducing security risk, a security analyst must distinguish Security Misconfiguration from nearby CEH distractors in Web Application Security. Which answer matches the cited guidance?

Concept tested: Web Application Security (CEH-04)
Question 9 of 10
Objective CEH-03 Vulnerability Analysis

While assessing and reducing security risk, a security analyst must distinguish CISA's Known Exploited Vulnerabilities Catalog from nearby CEH distractors in Vulnerability Analysis. Which answer matches the cited guidance?

Concept tested: Vulnerability Analysis (CEH-03)
Question 10 of 10
Objective CEH-06 Remediation and Patch Management

When prioritizing patches for an enterprise network, a security team uses the CISA Known Exploited Vulnerabilities (KEV) catalog. What is the fundamental reasoning behind prioritizing KEV-listed items over vulnerabilities with high CVSS scores that are not in the catalog?

Concept tested: Remediation and Patch Management (CEH-06)
Locked preview

You are viewing today’s free 10. Unlock 110 more questions.

Unlock full bank
Go Pro

Unlock 120 CEH questions. No ads.

Get the full bank, Exam Mode, Practice Mode, question sets, random tests, readiness tracking, saved box scores, and review tools for this exam.

  • 120 full-bank questions
  • Every choice explained
  • Exam Mode and Practice Mode
  • Question sets and random tests
  • Readiness score and trends
  • Previous test box scores

Locked: 110 more questions in the full bank.

Locked: exam simulation mode, practice mode, readiness tracking, and saved review history.

Checkout stays on this page, so you can keep practicing, unlock the full bank, and start Exam Mode or Practice Mode when you are ready.

No ads
This exam $4.99 one-time

Unlock all 120 CEH questions, explanations, review tools, and exam-style practice.

Checkout stays on this page. Enter your email once so your unlock attaches to the right account.

Secure checkout powered by Stripe. Source-backed questions. Not brain dumps. Checkout stays on this page and unlocks the same Pro builder on this practice page.

7-day score keeper

Answer questions today and this will become a rolling 7-day scorecard.

Local history
Optional progress sync

Keep today’s practice moving

Guest progress saves automatically on this device. Add an email later when you want a magic link that keeps your daily CEH practice in sync across browsers.

Official exam resources

Use these official EC-Council resources alongside the daily practice set. They cover the provider's own exam page, study guide, or prep material.

Need adjacent EC-Council practice pages too? EC-Council practice hub.

Where to go after the daily web set

How are CEH questions generated?

dotCreds builds CEH practice questions from public exam objectives and EC-Council exam and documentation references. The questions are written for realistic study practice, not copied from exam dumps.

How are explanations sourced?

Each question includes an explanation and, when available, a source link back to the provider documentation or reference used to validate the answer. That keeps the practice tied to study material you can actually review.

What score do I get?

The page tracks today's answered count and accuracy for the 10-question daily set, then saves a 7-day score history on this device so you can see your recent practice trend.

Why use this site?

The site is the fastest way to start CEH practice without installing anything. It is built for daily recall, quick weak-topic discovery, and source-backed explanations you can review immediately.

Why use the app when available?

The web page is the quick daily practice layer. If a dotCreds app is available for CEH, the app is better for larger banks, focused weak-domain drills, longer review sessions, and mobile study routines.