Certified Ethical Hacker (CEH)

Sniffing, Social Engineering & DoS

34 free practice questions with explanations

PassNova has 34 free Certified Ethical Hacker (CEH) practice questions on Sniffing, Social Engineering & DoS, each with a clear explanation. Practise them in the browser with instant feedback — 100% free, no sign-up, on any device. Updated for 2026.

Sample questions

Sniffing, Social Engineering & DoS: example questions & answers

Here are 6 example questions from this topic. Practise the full set of 34 free in the browser.

  1. On a switched network, which attack floods the switch's CAM table to force it to behave like a hub, allowing the attacker to capture traffic?

    • A DNS spoofing
    • B Smurf attack
    • C MAC flooding
    • D ARP poisoning

    Answer: MAC flooding overwhelms the switch's limited CAM table with frames carrying bogus source MAC addresses. Once the legitimate entries have been evicted the switch no longer knows which port a destination sits on, so it fails open and floods those frames out every port like a hub, letting the attacker sniff traffic not intended for them.

  2. In an ARP poisoning attack, what does the attacker send to associate their MAC address with the victim's or gateway's IP address?

    • A TCP RST packets
    • B Forged DNS responses
    • C Gratuitous/spoofed ARP replies
    • D ICMP redirect messages only

    Answer: The attacker sends spoofed ARP replies that map their own MAC address to a target IP (such as the default gateway), redirecting traffic through the attacker for a man-in-the-middle position.

  3. Which tool is the industry-standard packet analyzer used to capture and inspect network traffic in detail?

    • A Wireshark
    • B Nessus
    • C SQLmap
    • D Hashcat

    Answer: Wireshark is the de facto packet-capture and protocol-analysis tool, allowing deep inspection of individual frames and reassembled streams.

  4. A social-engineering email impersonates a bank and directs a specific senior executive to a fake login page. This targeted attack is best described as:

    • A Shoulder surfing
    • B Spear phishing (whaling when aimed at executives)
    • C Tailgating
    • D Dumpster diving

    Answer: Targeting a specific individual is spear phishing; when that individual is a high-value executive it is often called whaling. Both rely on tailored, deceptive messages.

  5. An attacker follows an authorized employee through a secured door without using their own credentials. This physical social-engineering technique is called:

    • A Vishing
    • B Pretexting
    • C Phishing
    • D Tailgating (piggybacking)

    Answer: Tailgating, also known as piggybacking, is the act of slipping through a controlled access point by closely following a legitimate, authorized person.

  6. In a SYN flood denial-of-service attack, what resource on the target is primarily exhausted?

    • A Disk storage capacity
    • B The table of half-open TCP connections (connection backlog)
    • C The DNS cache
    • D The TLS certificate store

    Answer: A SYN flood sends a stream of SYN packets (usually from spoofed source addresses) and never completes the three-way handshake, so the server's backlog of half-open connections fills up and legitimate SYNs are dropped until the stale entries time out.
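Questions 1 and 2 both turn on how a switch's CAM table and hosts' ARP caches can be abused. The following Python model, added here as an example and not part of PassNova's question set, shows the mechanism behind both: a learning switch with a small CAM table that starts flooding frames once an attacker has evicted the legitimate entries (and what a port-security limit does about it), plus a detector that walks constructed tcpdump-style ARP reply records and flags an IP address whose MAC changes. The MAC and IP addresses, the log lines, the table size and the class and function names are all assumptions made for the demonstration.

```python
"""Added example (not from the original page): models of MAC flooding
(question 1) and ARP-poisoning detection (question 2).

Part 1 simulates a learning switch with a bounded CAM table. After the
attacker floods it with bogus source MACs, a frame for a legitimate host
whose entry was evicted is flooded out every port, so the attacker's port
receives it. A port-security limit (max learned MACs per port) is shown
as the countermeasure.

Part 2 runs a simple ARP-poisoning detector over constructed ARP reply
records: it remembers the first MAC seen for each IP and flags any later
reply that claims a different MAC for the same IP.

All hosts, MACs, IPs and log records below are constructed for the demo.
"""
from collections import OrderedDict
import re

CAM_CAPACITY = 4          # tiny table so the eviction is visible (assumption)
ALL_PORTS = {1, 2, 3}     # port 1: victim, port 2: gateway, port 3: attacker
VICTIM, GATEWAY, ATTACKER = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "bb:bb:bb:00:00:03"


class Switch:
    def __init__(self, capacity=CAM_CAPACITY, max_macs_per_port=None):
        self.capacity = capacity
        self.max_macs_per_port = max_macs_per_port   # None = no port security
        self.cam = OrderedDict()                      # mac -> port, oldest entry first
        self.disabled = set()                         # err-disabled ports

    def learn(self, mac, port):
        if port in self.disabled:
            return
        if self.max_macs_per_port is not None:
            seen = sum(1 for p in self.cam.values() if p == port)
            if mac not in self.cam and seen >= self.max_macs_per_port:
                self.disabled.add(port)   # port-security violation: shut the port
                return
        if mac in self.cam:
            self.cam.move_to_end(mac)     # refresh an existing entry
        elif len(self.cam) >= self.capacity:
            self.cam.popitem(last=False)  # table full: evict the oldest entry
        self.cam[mac] = port

    def forward(self, src, dst, in_port):
        """Return the set of egress ports for a frame entering on in_port."""
        self.learn(src, in_port)
        if in_port in self.disabled:
            return set()                  # frame dropped: port shut by port security
        if dst in self.cam:
            return {self.cam[dst]}        # known destination: single port
        return (ALL_PORTS - {in_port}) - self.disabled   # unknown unicast: flood


def mac_flood_scenario(port_security=False):
    """Return (attacker_saw_gateway_reply, attacker_port_disabled)."""
    sw = Switch(max_macs_per_port=1 if port_security else None)
    sw.forward(VICTIM, GATEWAY, 1)        # normal traffic: switch learns ports 1 and 2
    sw.forward(GATEWAY, VICTIM, 2)
    for i in range(2 * CAM_CAPACITY):     # attacker floods bogus source MACs from port 3
        sw.forward("de:ad:be:ef:%02x:%02x" % (i >> 8, i & 0xFF), "ff:ff:ff:ff:ff:ff", 3)
    egress = sw.forward(GATEWAY, VICTIM, 2)   # gateway answers the victim: where does it go?
    return 3 in egress, 3 in sw.disabled


# Part 2: constructed tcpdump-style ARP replies; the attacker claims the gateway's IP.
ARP_LOG = """\
10:00:01.000 ARP, Reply 192.168.1.1 is-at aa:aa:aa:00:00:02, length 28
10:00:02.000 ARP, Reply 192.168.1.10 is-at aa:aa:aa:00:00:01, length 28
10:00:05.000 ARP, Reply 192.168.1.1 is-at bb:bb:bb:00:00:03, length 28
10:00:06.000 ARP, Reply 192.168.1.1 is-at bb:bb:bb:00:00:03, length 28
"""
ARP_REPLY = re.compile(r"ARP, Reply (\S+) is-at (\S+),")


def detect_arp_poisoning(log):
    """Return (ip, first_mac, new_mac) for every reply that changes an IP's MAC."""
    seen, alerts = {}, []
    for line in log.splitlines():
        m = ARP_REPLY.search(line)
        if not m:
            continue
        ip, mac = m.group(1), m.group(2).lower()
        if ip in seen and seen[ip] != mac:
            alerts.append((ip, seen[ip], mac))
        seen.setdefault(ip, mac)          # keep the first binding as the baseline
    return alerts


if __name__ == "__main__":
    print("no port security:", mac_flood_scenario())             # (True, False)
    print("port security   :", mac_flood_scenario(True))         # (False, True)
    for ip, old, new in detect_arp_poisoning(ARP_LOG):
        print(f"ALERT {ip}: {old} -> {new}")
```

The detector's baseline is simply the first binding it sees, so a legitimately replaced NIC or a DHCP reassignment will also trip it; in production the baseline should come from a static table or DHCP snooping, which is what dynamic ARP inspection on a switch does.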

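Question 6's SYN-flood mechanism, as an added example that is not part of the original page: a Python model of a listener's half-open backlog that drops a legitimate client's SYN once the flood has filled it, beside the SYN-cookie variant, which keeps no per-SYN state and therefore still completes the legitimate handshake. The addresses, ports, backlog size, secret and function names are constructed for the demonstration.

```python
"""Added example (not from the original page): a TCP listener's half-open
backlog under a SYN flood, and SYN cookies as the stateless countermeasure.

Without cookies the server holds one backlog slot per SYN until the
handshake completes or times out, so a flood of never-acknowledged SYNs
fills the backlog and a legitimate SYN is dropped. With cookies the server
encodes the connection in its initial sequence number instead of storing
state, so the legitimate client's ACK can still be verified and accepted.

All addresses, ports, the backlog size and the secret are constructed.
"""
import hashlib
import hmac
import secrets

BACKLOG = 128                              # half-open entries the listener keeps (assumption)
SECRET = b"constructed-demo-secret"        # per-host secret for the cookie MAC
MASK32 = 0xFFFFFFFF


def syn_cookie(src_ip, src_port, dst_port, tslot):
    """Derive a 32-bit ISN from the connection tuple, a coarse time slot and the secret."""
    msg = f"{src_ip}|{src_port}|{dst_port}|{tslot}".encode()
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


class Listener:
    def __init__(self, use_cookies):
        self.use_cookies = use_cookies
        self.half_open = {}        # (ip, port) -> our ISN; only used without cookies
        self.established = set()
        self.tslot = 0             # advanced by the caller to model time passing

    def on_syn(self, src_ip, src_port, dst_port=80):
        """Return the ISN we put in the SYN-ACK, or None if the SYN is dropped."""
        if self.use_cookies:
            return syn_cookie(src_ip, src_port, dst_port, self.tslot)   # no state kept
        if len(self.half_open) >= BACKLOG:
            return None            # backlog full: SYN silently dropped
        isn = secrets.randbits(32)
        self.half_open[(src_ip, src_port)] = isn
        return isn

    def on_ack(self, src_ip, src_port, ack, dst_port=80):
        """Third handshake packet: accept only if ack == ISN + 1."""
        key = (src_ip, src_port)
        if self.use_cookies:
            # Recompute the cookie for this and the previous slot (a short grace period)
            for slot in (self.tslot, self.tslot - 1):
                if (syn_cookie(src_ip, src_port, dst_port, slot) + 1) & MASK32 == ack:
                    self.established.add(key)
                    return True
            return False
        isn = self.half_open.pop(key, None)
        if isn is not None and (isn + 1) & MASK32 == ack:
            self.established.add(key)
            return True
        return False


def flood_then_connect(use_cookies, attack_syns=1000):
    """Spoofed SYNs that are never acknowledged, then one real client's full handshake."""
    srv = Listener(use_cookies)
    for i in range(attack_syns):
        srv.on_syn(f"203.0.113.{i % 254 + 1}", 1024 + i)   # spoofed sources; no ACK follows
    isn = srv.on_syn("198.51.100.7", 40000)                # the legitimate client
    if isn is None:
        return False                                       # its SYN was dropped
    return srv.on_ack("198.51.100.7", 40000, (isn + 1) & MASK32)


if __name__ == "__main__":
    print("without SYN cookies, legit client connects:", flood_then_connect(False))  # False
    print("with SYN cookies, legit client connects:   ", flood_then_connect(True))   # True
```

The model leaves out what real stacks must also solve: the cookie has to carry the negotiated MSS in a few of its bits, since nothing else about the SYN is remembered, and window scaling or SACK options are lost unless they are encoded as well. On Linux the equivalent switch is the net.ipv4.tcp_syncookies sysctl, with net.ipv4.tcp_max_syn_backlog sizing the backlog the cookies protect.
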
Start practising Sniffing, Social Engineering & DoS →