Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A computer network confined to a relatively small area - such as a single building or campus.






2. Hex 12






3. Shifting responsibility from one party to another






4. ACK Scan






5. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.






6. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






7. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.






8. An Application layer protocol for managing devices on an IP network.






9. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.






10. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






11. Ports 20/21






12. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat






13. Port Scanning



14. nmap






15. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






16. A protocol defining packets that are able to be routed by a router.






17. The central part of a computer or communications system hardware - firmware - and software that implements the basic security procedures for controlling access to system resources.






18. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the system. Certificates contain the entity's public key - serial number - version - subject - algori






19. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.






20. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.






21. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






22. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.






23. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






24. A symmetric - block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.






25. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






26. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.






27. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.






28. The conveying of official access or legal power to a person or entity.






29. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks






30. A stand-alone computer - kept off the network - that is used for scanning potentially malicious media or software.






31. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.






32. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr






33. Monitoring of telephone or Internet conversations - typically by covert means.






34. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






35. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






36. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.






37. Ping Scan






38. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).






39. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






40. A command used in HTTP and FTP to retrieve a file from a server.






41. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






42. A free and popular version of the Unix operating system.






43. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






44. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.






45. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






46. TCP Ping






47. Sneaky scan timing






48. A protocol used for sending and receiving log information for nodes on a network.






49. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






50. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).