CEH - Certified Ethical Hacker Practice Questions: Enumeration Domain
Test your CEH - Certified Ethical Hacker knowledge with 5 practice questions from the Enumeration domain. Includes detailed explanations and answers.
CEH - Certified Ethical Hacker Practice Questions
Master the Enumeration Domain
Test your knowledge in the Enumeration domain with these 5 practice questions. Each question is designed to help you prepare for the CEH - Certified Ethical Hacker certification exam with detailed explanations to reinforce your learning.
Question 1
While performing enumeration tasks, you receive the results from an SMB scan. Which of the following could SMB enumeration reveal about the target system?
Show Answer & Explanation
Correct Answer: B
Explanation: SMB enumeration can reveal user accounts, shared resources, and potentially sensitive information stored or shared on the network. It does not directly provide open ports, SSL certificate details, or firewall rules.
Question 2
As part of an enumeration phase, you're tasked with identifying shared folders on a target Windows network. Which command provides this information using SMB?
Show Answer & Explanation
Correct Answer: A
Explanation: The 'smbclient -L //targetIP' command lists shared folders on a specified target using the SMB protocol, which is commonly used in Windows networks.
Question 3
You are conducting a penetration test and need to identify email addresses associated with a domain. Which technique would be most useful for this enumeration task?
Show Answer & Explanation
Correct Answer: C
Explanation: Harvesting from public sources such as social media, company websites, and public forums is effective for collecting email addresses. DNS zone transfers and WHOIS lookups provide other types of domain information, and port scanning is unrelated to email enumeration.
Question 4
You're attempting to enumerate a target system's DNS records to gather more information about the domain. Which tool would be most appropriate for this task?
Show Answer & Explanation
Correct Answer: A
Explanation: Nslookup is a network administration command-line tool for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
Question 5
In a corporate environment, you need to enumerate the wireless networks within range. Which tool would be most appropriate for this task and why?
Show Answer & Explanation
Correct Answer: C
Explanation: Kismet is designed specifically for wireless network detection and enumeration, capturing SSIDs and other network details. Aircrack-ng is used for cracking WEP/WPA keys, Wireshark analyzes traffic but is not specialized for wireless detection, and Nmap is for general network scanning.
Ready to Accelerate Your CEH - Certified Ethical Hacker Preparation?
Join thousands of professionals who are advancing their careers through expert certification preparation with FlashGenius.
- ✅ Unlimited practice questions across all CEH - Certified Ethical Hacker domains
- ✅ Full-length exam simulations with real-time scoring
- ✅ AI-powered performance tracking and weak area identification
- ✅ Personalized study plans with adaptive learning
- ✅ Mobile-friendly platform for studying anywhere, anytime
- ✅ Expert explanations and study resources
Already have an account? Sign in here
About CEH - Certified Ethical Hacker Certification
The CEH - Certified Ethical Hacker certification validates your expertise in enumeration and other critical domains. Our comprehensive practice questions are carefully crafted to mirror the actual exam experience and help you identify knowledge gaps before test day.
Check out our comprehensive guide: CEH Mock Exam Mastery: Practice Questions & Insights
📚 Explore More CEH Practice Questions by Topic
- Introduction to Ethical Hacking
- Footprinting and Reconnaissance
- Scanning Networks
- Enumeration
- Vulnerability Analysis
- System Hacking
- Malware Threats
- Sniffing
- Social Engineering
- Denial of Service (DoS)
- Session Hijacking
- Evading IDS, Firewalls, and Honeypots
- Hacking Web Servers
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- IoT Hacking
- Cloud Computing
- Cryptography
🔐 Certified Ethical Hacker (CEH) Cheat Sheet
Boost your CEH exam prep with our concise, expert-made CEH Cheat Sheet. Covers tools, attack types, protocols, and key concepts — all in one handy reference.
View CEH Cheat Sheet →Certified Ethical Hacker (CEH) – Enumeration Domain: Frequently Asked Questions
Master the CEH Enumeration domain with concise answers to common questions, real-world examples, and direct links to Enumeration-focused practice on FlashGenius.
What is Enumeration in CEH?
Enumeration is the active extraction of detailed information from discovered services and systems—such as usernames, groups, shares, DNS records, SNMP data, and configuration details. It typically follows scanning and helps ethical hackers map attack surfaces more precisely.
Why is Enumeration important for the CEH exam?
Because it turns “open ports and banners” into actionable intelligence. Enumeration frequently reveals valid accounts, misconfigurations, network shares, and service metadata that can be leveraged for privilege escalation or lateral movement—skills CEH tests with scenario-driven questions.
What types of Enumeration should I know for CEH?
- DNS Enumeration: A/AAAA, MX, TXT, NS records; zone transfers; subdomain discovery.
- NetBIOS / SMB: User lists, shares, sessions (
enum4linux,nbtstat). - SNMP: Walking OIDs, community strings (
snmpwalk,snmp-check). - LDAP / AD: Users, groups, policies (
ldapsearch). - SMTP: User discovery via
VRFY/EXPN. - NTP: Time and peer info; potential info leaks.
Which tools are commonly tested for Enumeration?
Nmap (NSE scripts), enum4linux, nbtscan, rpcclient, snmpwalk, snmp-check, ldapsearch, dig/nslookup, basic telnet/nc for banner grabbing, and built‑ins like net or wmic in Windows contexts.
How is Enumeration different from Scanning?
Scanning discovers live hosts, open ports, and service versions. Enumeration dives deeper to pull structured data (users, groups, shares, policies, records) from those services.
What question styles appear for the Enumeration domain in CEH?
- Tool output interpretation (e.g., reading
enum4linuxor Nmap NSE results). - Command selection (pick the right flag/script to enumerate SNMP or LDAP).
- Scenario-based items (identify the next best enumeration step from a given footprint).
What are common mistakes to avoid in Enumeration?
- Skipping default/weak credentials for SNMP or network devices.
- Ignoring DNS & reverse DNS for quick asset discovery.
- Not enabling Nmap NSE scripts suited to detected services.
- Failing to log commands/outputs—hurts analysis and repeatability.
How much weight does Enumeration carry in CEH?
Enumeration typically represents a meaningful portion of the exam (often seen alongside Scanning and System Hacking). Expect ~10–15% of questions to require enumeration knowledge directly or indirectly.
What’s the best way to study Enumeration for CEH?
- Build a small lab and practice tools (DNS, SMB, SNMP, LDAP).
- Use FlashGenius Domain Practice to drill Enumeration-only questions.
- Reinforce terms with Flashcards and review misses via Smart Review.
- Run Exam Simulations to test speed and accuracy under time pressure.
Where can I practice CEH Enumeration questions?
Start here: FlashGenius CEH Practice Tests – Enumeration Domain. Use Domain Practice for focused drilling and Exam Simulation for full‑length assessments.
Get Exam-Ready Faster
- Domain Practice: Drill Enumeration questions with AI explanations.
- Exam Simulation: Full CEH-style timed tests.
- Flashcards & Smart Review: Cement commands, fix weak spots.