CEH - Certified Ethical Hacker Practice Questions: Footprinting and Reconnaissance Domain

Published: June 9, 2025 | 5 min read

Test your CEH - Certified Ethical Hacker knowledge with 5 practice questions from the Footprinting and Reconnaissance domain. Includes detailed explanations and answers.

CEH - Certified Ethical Hacker Practice Questions

Master the Footprinting and Reconnaissance Domain

Test your knowledge in the Footprinting and Reconnaissance domain with these 5 practice questions. Each question is designed to help you prepare for the CEH - Certified Ethical Hacker certification exam with detailed explanations to reinforce your learning.

Question 1

You need to identify potential employee email addresses for a phishing assessment. Which tool or technique should you employ to gather a list of email addresses associated with the target organization?

A) Metasploit

B) TheHarvester

C) Wireshark

D) Hydra

Show Answer & Explanation

Correct Answer: B

Explanation: TheHarvester is a tool specifically designed to gather email addresses and other information from public sources, making it ideal for identifying potential target emails. Metasploit is used for exploitation, Wireshark for packet analysis, and Hydra for password cracking.

Question 2

During a penetration test, you are tasked with gathering information about a target company's domain and network infrastructure. Which tool would be most effective in retrieving DNS records to map out the domain structure?

A) Dig

B) Wireshark

C) Metasploit

D) Nmap

Show Answer & Explanation

Correct Answer: A

Explanation: Dig is a command-line tool used to query DNS records directly, making it ideal for gathering DNS-related information during reconnaissance.

Question 3

During the reconnaissance phase, you need to find the IP address range used by the target organization. Which of the following would provide the most direct information?

A) Using a port scanner

B) Conducting a traceroute

C) Performing a WHOIS lookup

D) Using a vulnerability scanner

Show Answer & Explanation

Correct Answer: C

Explanation: WHOIS lookup can provide IP address range information by querying the registered details of the domain, which often includes IP address blocks.

Question 4

Which of the following is a non-intrusive method for discovering the software version of a web server?

A) Brute Force Attack

B) Banner Grabbing

C) SQL Injection

D) ARP Spoofing

Show Answer & Explanation

Correct Answer: B

Explanation: CORRECT: Banner Grabbing involves sending requests to a server to capture the server's banner, which often contains software version information. OPTION A: Brute Force Attack is intrusive and used for password cracking. OPTION B: Banner Grabbing is non-intrusive and effective for discovering software versions. OPTION C: SQL Injection is an attack method, not used for version discovery. OPTION D: ARP Spoofing is a network attack technique, not used for version discovery.

Question 5

During a reconnaissance phase, an ethical hacker wants to gather information about a company's external network. Which of the following tools would be most effective for DNS enumeration?

A) Wireshark

B) Nmap

C) Fierce

D) Burp Suite

Show Answer & Explanation

Correct Answer: C

Explanation: CORRECT: Fierce is specifically designed for DNS enumeration and can help discover subdomains and other DNS-related information. OPTION A: Wireshark is a network protocol analyzer, not primarily used for DNS enumeration. OPTION B: Nmap is a network scanner, but not the most effective tool for DNS enumeration. OPTION C: Fierce is the correct tool for DNS enumeration. OPTION D: Burp Suite is used for web application testing, not DNS enumeration.

Ready to Accelerate Your CEH - Certified Ethical Hacker Preparation?

Join thousands of professionals who are advancing their careers through expert certification preparation with FlashGenius.

  • ✅ Unlimited practice questions across all CEH - Certified Ethical Hacker domains
  • ✅ Full-length exam simulations with real-time scoring
  • ✅ AI-powered performance tracking and weak area identification
  • ✅ Personalized study plans with adaptive learning
  • ✅ Mobile-friendly platform for studying anywhere, anytime
  • ✅ Expert explanations and study resources
Start Free Practice Now

Already have an account? Sign in here

About CEH - Certified Ethical Hacker Certification

The CEH - Certified Ethical Hacker certification validates your expertise in footprinting and reconnaissance and other critical domains. Our comprehensive practice questions are carefully crafted to mirror the actual exam experience and help you identify knowledge gaps before test day.

📘 Looking for the full study guide?
Check out our comprehensive guide: CEH Mock Exam Mastery: Practice Questions & Insights