The Certified Ethical Hacker (C|EH v12) program is one of the most respected certifications in the cybersecurity field. It has been the world’s number one ethical hacking certification for 20 years and is continuously ranked number one in ethical hacking certification by different firms.

1. Top 20 Ethical Hacker
Interview Questions

2. www.infosectrain.com | sales@infosectrain.com 01
An ethical hacker assists an organization in securing data and
valuable information. They usually do this by performing penetration
testing and breaking into the network of the authorized organization
and bringing them to notice all the vulnerabilities and loopholes in
the system. This way the highlighted flaws can be fixed before a
malicious hacker can exploit them.
Due to the growing cyber crimes and hacking events, ethical hackers
are in high demand and fairly compensated in the corporate world.
You’re on the right page if you are planning to build a career in this
field. We have a list of the top 20 questions that are asked to an
ethical hacker in the interview.

3. www.infosectrain.com | sales@infosectrain.com 02
1. Define ethical hacking?
Ethical hacking is when a person is permitted to hack a system with
the product owner’s consent in order to identify and repair flaws in
the system.
2. What are the various types of ethical hacking?
There are several types of hacking, like:
• Computer Hacking
• Password Hacking
• Website Hacking
• Network Hacking
• Email Hacking
3. What exactly is a Brute Force Attack?
Brute force attacking is a method of cracking passwords and gaining
access to the system. The hacker attempts to break the password by
using all conceivable combinations of letters, numbers, special
characters, and small and capital letters. It employs tools such as
‘Hydra.’
4. What are some of the most often used tools among ethical
hackers?
• Meta Sploit
• Wire Shark
• NMAP
• John The Ripper
• Maltego

4. www.infosectrain.com | sales@infosectrain.com 03
5. What sorts of ethical hackers are there?
There are various types of ethical hackers:
• Grey Box hackers or Cyber warrior
• Black Box penetration Testers
• White Box Penetration Testers
• Certified Ethical hacker
6. What is SQL injection, and how does it work?
SQL injection, often known as SQLI, is a typical attack vector in which
malicious SQL code is used to manipulate backend databases and
get access to data that was not intended to be shown. This data
might encompass everything from sensitive corporate data to user
lists to private consumer information.
7. What are the different sorts of social engineering assaults that
use computers? What is the definition of phishing?
Computer-assisted social engineering assaults are on the rise.
• Phishing
• Baiting
• Online scams
Phishing is a method that includes impersonating a legitimate
system by sending fake emails, chats, or websites in order to steal
information from the original website.

5. www.infosectrain.com | sales@infosectrain.com 04
8. What is Network Sniffing and how does it work?
Data traveling over computer network links are monitored by a
network sniffer. The sniffer tool can assist you in locating network
problems by allowing you to capture and view packet-level data on
your network. Sniffers may be used to both steal information from a
network and administer a network legitimately.
9. What is ARP spoofing or ARP poisoning?
ARP (Address Resolution Protocol) is a type of attack in which an
attacker modifies the target computer’s MAC (Media Access Control)
address and assaults an internet LAN by injecting forged ARP request
and reply packets into the target computer’s ARP cache.
10. What is the difference between Pharming and Defacement?
Pharming: In this approach, the attacker hacks DNS (Domain Name
System) servers or the user’s computer, redirecting traffic to a
malicious website.
Defacement: The attacker replaces the organization’s website with a
different one using this approach. It includes the hacker’s name,
pictures, and maybe even messages and music.
11. What is the definition of enumeration?
The extraction of a system’s machine name, user names, network
resources, shares, and services is called Enumeration. Enumeration
techniques are used in an intranet environment.

6. www.infosectrain.com | sales@infosectrain.com 05
12. What are the different types of ethical hacking enumerations?
The following are the many enumerations accessible in ethical
hacking:
13. What exactly is NTP?
NTP (Network Time Protocol) is used to synchronize the clocks of
networked computers. UDP port 123 is utilized as the primary mode of
communication for the server. NTP can keep time to within 10
milliseconds across the internet.
14. What exactly is MIB?
MIB stands for Management Information Base, and it is a type of
virtual database. It offers a formal definition of all network objects
that may be handled with SNMP. The MIB database is hierarchical,
with Object Identifiers (OID) used to address each managed item.
• DNS enumeration
• NTP enumeration
• SNMP enumeration
• Linux/Windows enumeration
• SMB enumeration
15. What are the different kinds of password cracking techniques?
There are several different sorts of password cracking techniques:
• Brute Force Attack
• Hybrid Attack
• Syllable Attack
• Rule-Based Attack

7. www.infosectrain.com | sales@infosectrain.com 06
16. What are the different stages of hacking?
The various stages of hacking are as follows:
• Reconnaissance
• Scanning
• Gaining Access
• Maintaining Access
• Clearing Tracks
17. How can one protect himself from being hacked?
Yes, a computer system or network may be secured against hacking
by following these approaches:
• Updating the operating systems for security updates
• Formatting any device intended to sell
• Securing the Wi-Fi with a strong password
• Using memorable and tough security answers
• Emailing via a trusted source
• Not storing any sensitive information on cloud
18. How will you differentiate between an IP and a Mac address?
IP address: An IP address is assigned to each device. An IP address is
a number assigned to a network connection.
MAC address: A MAC address is a one-of-a-kind serial identifier
issued to each network interface on a device.
The main difference is that a MAC address uniquely identifies a
device that wishes to join a network, whereas an IP address uniquely
specifies a network connection with a device’s interface.

8. www.infosectrain.com | sales@infosectrain.com 07
19. What is CSRF (Cross-Site Request Forgery) and how does it work?
What can you do to avoid this?
Cross-Site Request Forgery, often known as CSRF, is an attack in
which a malicious website sends a request to a web application that
a user has already authenticated against on another website. To
avoid CSRF, attach a random challenge token to each request and
link it to the user’s session. It assures the developer that the request
is coming from a legitimate source. For example, a person is signed
in to their online banking platform, which has a low level of security,
and by clicking a “download” button on an untrustworthy site, it
maliciously makes a money transfer request on their behalf through
their current online banking session. Without your express
authorization, compromised sites can divulge information or conduct
acts as authorized users.
20. What exactly do you mean when you say “keystroke logging”?
Keystroke logging, often known as keylogging or keyboard capture, is
a method of recording keystrokes. It’s a sort of surveillance software
that captures every keystroke on the keyboard. Every keystroke is
recorded, and data is accessed by using the logging application.

9. www.infosectrain.com | sales@infosectrain.com