Top 20 Certified Ethical Hacker Interview Questions and Answer
                     Top 20 Certified Ethical Hacker Interview
 Questions and Answer
www.infosectrain.com | [email protected]
The technique of discovering vulnerabilities in a software, 
website, or agency’s structure that a hacker might exploit is 
known as ethical hacking. They employ this method to avoid 
cyberattacks and security breaches by legitimately hacking into 
systems and looking for flaws. CEH was designed to include a 
hands-on environment and a logical procedure across each 
ethical hacking area and technique. This is to provide you the 
opportunity to work towards proving the knowledge and skills 
to earn the CEH certificate and perform the tasks of an ethical 
hacker.
www.infosectrain.com | [email protected]
www.infosectrain.com | [email protected]
Certified Ethical Hackers can now be found working with some 
of the greatest and wealthiest industries such as healthcare, 
education, government, manufacturing, and many others. Due 
to the sheer demand, CEH certified Ethical Hacker is a lucrative 
and rewarding career choice currently and this potential is only 
going to increase in the future. Hence, to make the process 
easier for CEH certification enthusiasts and job seekers, here 
are the top 20 Interview questions that a CEH certified Ethical 
Hacker may face:
www.infosectrain.com | [email protected]
Interview Questions
1. Describe hacking?
Hacking is the act of gaining access to a system or network 
without authorization. A hacker is someone who engages in 
this activity. They use computers for malevolent purposes such 
as invasion of privacy, theft of corporate and individual data, 
and more.
2. Explain ethical hacking?
When someone performs penetration testing or intrusion 
testing on behalf of the owner of a software system, program, 
network, or other computing resources, they are considered to 
be ethical hackers because they are looking for loopholes and 
vulnerabilities that a malevolent hacker could use.
www.infosectrain.com | [email protected]
3. What are the different categories of hackers?
There are three categories of hackers, each with a different goal and 
legality of the action.
Black Hat: The black hat hackers are responsible for creating malware. 
They obtain unauthorized access to data or network, causing it to be 
damaged and stealing critical data.
White Hat: These are known as ethical hackers. They are widely used by 
organizations or government bodies to identify weaknesses.
Grey Hat: The grey hat hacker is the combination of both black and white 
hats, they find the weakness of the network or device without the 
permission or knowledge of the owner. Their objective is to bring the 
system’s vulnerabilities to the customer’s attention and seek 
compensation or an enticement from the owner.
Besides these well-known hackers, there are a variety of hackers based on 
what they hack and how they hack:
www.infosectrain.com | [email protected]
Hacktivist: A person who uses technology to spread social, religious, or 
political messages. Website defacement or Denial-of-Service assaults are 
common examples of hacktivism.
Script Kiddie: The person who accesses a computer system using automation 
tools written by others and has little understanding of the fundamental 
concept, known as Script Kiddie.
Elite Hackers: This is a term used among hackers to describe the most 
proficient hackers.
Neophyte: They’re also known as green hat hackers or beginner hackers 
because they have no prior experience with technology or hacking.
Blue Hat: Those who are not affiliated with computer security consulting firms 
seek to do a bug test on a system before its release to identify flaws and plug 
gaps.
Red Hat:  They are a hybrid of both white hat and black hat hackers, and are 
typically engaged by top intelligence services, government entities, and other 
firms that handle sensitive data.
www.infosectrain.com | [email protected]
4. Explain different types of hacking?
Hacking is classified into the following types, based on the category of 
being hacked:
Website hacking: It refers to unlawful access to a web server and its 
connected software, such as databases and interfaces, as well as the 
alteration of data.
Network hacking: It refers to collecting network data using tools such as 
Telnet, ping, and so on, with the goal of serious harm to the network and 
disturbing its functions.
Email hacking: Email hacking means accessing customers’ email accounts 
and utilizing them without permission.
Password hacking: It is a process of recovering secret passwords from 
data stored on multiple platforms.
Computer hacking: Using hacking tactics, refers to gaining illegal access to 
a computer and stealing data such as a computer login and Information.
www.infosectrain.com | [email protected]
5. What kind of tools are used in ethical hacking?
Following are the most common ethical hacking tools:
•John and Ripper
•Metasploit
•Nmap
•Acunetix
•Wireshark
•SQLMap
•OpenVAS
•IronWASP
•Nikto
•Netsparker
www.infosectrain.com | [email protected]
6. Explain various stages of hacking?
Hacking is divided into five stages:
Reconnaissance: This is the primary stage of hacking, also known as the 
information gathering and footprinting phase. In this stage, hackers collect as 
much as information about the target. It includes network, host, DNS records, and 
more.
Scanning: It examines the network using the data collected during reconnaissance.
Achieving access: The stage in which attackers use various tools and tactics to gain 
access to a system or network.
Keeping access open: Once attackers have gained access, they want to keep it for 
further attacks and operations. This can be accomplished through the use of 
malware, spyware, and other malicious software.
Covering tracks: Once the attackers have gained and maintained access, they hide 
their traces to prevent identification. It includes changing/deleting/corrupting the 
value of logs, erasing all evidence of work, uninstalling software, deleting files, and 
other tasks.
www.infosectrain.com | [email protected]
7.What is the distinction between hashing and encryption?
Hashing Encryption
•Hashing is a technique for verifying •Whereas encryption ensures data 
the content’s authenticity privacy and security
•Hashing is a one-way function that •Encryption is a two-way process that 
converts plain text into an encrypts and decrypts information
unchangeable unique sequence
8. What exactly do you understand when you say “keystroke logging”?
Keystroke logging (sometimes called keylogging or keyboard capturing) is a 
technique for recording keystrokes. It’s a form of monitoring software that 
records every input on the keyboard. Every keystroke is recorded, and data is 
accessed by using the logging program.
www.infosectrain.com | [email protected]
9. What exactly do you mean by Trojan and how do you classify them?
A Trojan is a sort of malware that is frequently created by hackers or attackers to obtain 
access to target computers. Users are tricked by some appealing social media 
advertisements and then led to fake links, where Trojans are loaded and run on their 
devices.
Types of Trojan:
Trojan downloader: It is a virus that downloads and installs other viruses.
Ransomware: This type of malware encrypts the data on your device/system.
Trojan-droppers: These are advanced programs that attackers utilize to install malware. 
Because most antivirus products do not detect droppers as dangerous, they are used to 
install malware.
Trojan banker: These cybercriminals collect user account information such as credit card 
numbers and online banking passwords.
Trojan-backdoor: It is the most common sort of Trojan, and it builds a backdoor that 
allows attackers to gain access to the machine, later from a remote location using a 
Remote Access Tool (RAT). This Trojan gives you complete control over your computer.
www.infosectrain.com | [email protected]
10. What exactly do you mean by “exploitation”?
Exploitation is a feature of pre-programmed software or scripts that enable 
attackers to obtain control of the specified system/network and attack its 
vulnerabilities. To detect these vulnerabilities, most hackers utilize scanners 
such as OpenVAS, Nessus, and others.
11. What exactly is enumeration in the context of ethical hacking?
The first phase of ethical hacking is enumeration, which is information 
collection. During this phase, the attacker establishes an active connection 
with the target and attempts to gather as much data as possible to identify 
system vulnerabilities or weaknesses and further take advantage of the 
system. Enumeration gathers information on the following topics:
•Password policies list
•IP tables
•Network share
•Username of different system
•SNMP data
www.infosectrain.com | [email protected]
12. Describe MIB?
The Management Information Base (MIB) is a collection of network components 
that are accessed remotely. It comprises all of the technical specifications of the 
network objects that a network management system is observing. The MIB 
database object serves as a point of reference for a comprehensive set of 
management data on a network system.
13. What is footprinting?
Footprinting is a methodology for gathering as much information about the 
specified infrastructure as possible in order to carry out a successful cyber 
operation. It also determines the user’s defense capabilities. A hacker can gather 
information about a domain name, IP address, namespace, employee information, 
contact information, mails, and employee data during this period. It is divided into 
two parts:
Active footprinting: It collects data by direct contact through the target network.
Passive footprinting: It gathers data from a target network that is located far away 
from the attacker.
www.infosectrain.com | [email protected]
14. What exactly is DNS(Domain Name System) Cache Poisoning?
DNS cache poisoning is a method of diverting internet traffic away from real 
servers and towards misleading ones by exploiting DNS flaws. DNS spoofing is 
another term for it.
15. What exactly is a DDoS assault, and how does it perform?
Distributed Denial of Service(DDoS) is a type of attack, where numerous affected 
systems are frequently infected with a virus and leveraged to target a single 
system, resulting in a DoS (Denial of Service) attack.
It is an attempt to keep a webpage or online service unavailable by flooding it 
with massive amounts of traffic from several sources.
16. What exactly is a phishing attack?
Phishing is a process or an attempt to get sensitive information such as user data, 
credit card numbers, and so on. These attacks usually happen while using 
personal emails or social media sites, as well as online purchases and other 
services.
www.infosectrain.com | [email protected]
17. What are the different types of attacks?
Following are the different types of attacks:
•Vishing
•Phishing
•Tailgating
•Pretexting
•Quid pro quo
•Baiting
•Spear phishing
18. Explain a rogue DHCP server?
It is a DHCP server that is installed on a network or system by an attacker, 
which did not come under the supervision of system/network 
administrators. It could be a modem or router.
Attackers mainly deploy rogue DHCP servers for network attacks such as 
reconnaissance, sniffing, and man-in-the-middle assaults.
www.infosectrain.com | [email protected]
19. Describe ARP poisoning?
It is also known as ARP routing or ARP spoofing. It is a method of attack 
where attackers change the MAC(Media Access Control) address and target 
the ethernet LAN network by modifying the target computer’s ARP cache 
with faked requests and reply packets.
20. What do you mean by fingerprinting?
Fingerprinting is a method to determine which operating system is installed 
on a remote device.
CEH Certification with InfosecTrain
The CEH exam is challenging, and that is its glory. InfosecTrain provides 
premium training for those who wish to advance their career in the IT Field. 
InfosecTrain’s trainers are extremely well-versed in a wide range of fields. 
We’re a world-class training company with a global reputation for excellence 
in training. Enroll in InfosecTrain’s CEH certification training courses to begin 
your preparations.
www.infosectrain.com | [email protected]
About InfosecTrain
• Established in 2016, we are one of the finest 
Security and Technology Training and 
Consulting company
• Wide range of professional training programs, 
certifications & consulting services in the IT 
and Cyber Security domain
• High-quality technical services, certifications 
or customized training programs curated with 
professionals of over 15 years of combined 
experience in the domain
www.infosectrain.com | [email protected]
Our Endorsements
www.infosectrain.com | [email protected]
Why InfosecTrain Global Learning Partners
Certified and Flexible modes Access to the 
Experienced Instructors of Training recorded 
sessions
Post training Tailor Made 
completion Training
www.infosectrain.com | [email protected]
Our Trusted Clients
www.infosectrain.com | [email protected]

Contact us
Get your workforce reskilled 
by our certified and 
experienced instructors!
IND: 1800-843-7890 (Toll Free) / US: +1 657-221-
1127  / UK : +44 7451 208413
[email protected]
www.infosectrain.com