Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A tool that helps a company to compare its actual performance with its potential performance.
Fraud and related activity in connection with computers
gap analysis
fully qualified domain name (FQDN)
Transport Layer Security (TLS)
2. A data encryption/decryption program often used for e-mail and file storage.
session splicing
Countermeasures
reverse social engineering
Pretty Good Privacy (PGP)
3. A protocol defining packets that are able to be routed by a router.
Algorithm
routed protocol
smart card
Internet Control Message Protocol (ICMP)
4. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
Cryptographic Key
LDAP
hot site
Challenge Handshake Authentication Protocol (CHAP)
5. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.
Directory Traversal
Acknowledgment (ACK)
Third Party
physical security
6. Establish Null Session
remote access
net use \\[target ip]\IPC$ "" /user:""
Network Basic Input/Output System (NetBIOS)
-sL
7. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr
-sR
quantitative risk assessment
Redundant Array of Independent Disks (RAID)
parallel scan
8. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
ring topology
Syslog
gray hat
Smurf attack
9. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.
U P F
SNMP
keylogger
Contingency Plan
10. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
Eavesdropping
Level I assessment
Wired Equivalent Privacy (WEP)
Exploit
11. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all
NetBus
Methodology
RxBoot
Routing Information Protocol (RIP)
12. A symmetric - block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.
International Organization for Standardization (ISO)
private network address
Blowfish
intrusion prevention system (IPS)
13. An Application layer protocol for sending electronic mail between servers.
Banner Grabbing
FTP
Simple Mail Transfer Protocol (SMTP)
Uniform Resource Locator (URL)
14. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.
Bluesnarfing
intranet
Information Technology (IT) infrastructure
A R
15. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
Authentication Header (AH)
Bluetooth
smart card
Request for Comments (RFC)
16. A person or entity indirectly involved in a relationship between two principals.
Virus
Information Technology (IT) security architecture and framework
802.11i
Third Party
17. A group of people - gathered together by a business entity - working to address a specific problem or goal.
HIDS
Threat
session hijacking
Tiger Team
18. Hex 29
Access Control List (ACL)
public key infrastructure (PKI)
parallel scan
U P F
19. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
Fraud and related activity in connection with computers
remote procedure call (RPC)
session splicing
Asymmetric Algorithm
20. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)
single loss expectancy (SLE)
Third Party
Interior Gateway Protocol (IGP)
Data Encryption Standard (DES)
21. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
site survey
Buffer
Possession of access devices
serialize scans & 15 sec wait
22. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Eavesdropping
Countermeasures
Tiger Team
Cache
23. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
RxBoot
White Box Testing
Database
parallel scan & 300 sec timeout & 1.25 sec/probe
24. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
red team
Virus Hoax
Rijndael
Audit Trail
25. Window Scan
Back orifice
infrastructure mode
-sW
Zone transfer
26. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.
security kernel
HTTP tunneling
limitation of liability and remedies
network tap
27. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
hacktivism
Uniform Resource Locator (URL)
Internet Control Message Protocol (ICMP)
NT LAN Manager (NTLM)
28. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o
stream cipher
Unicode
key exchange protocol
Self Replicating
29. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.
Acknowledgment (ACK)
inference attack
Macro virus
Warm Site
30. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
Domain Name
route
Availability
Vulnerability Management
31. Nmap normal output
Eavesdropping
-oN
replay attack
-PB
32. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
Temporal Key Integrity Protocol (TKIP)
Trojan Horse
Echo Reply
proxy server
33. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.
A
Media Access Control (MAC)
Wired Equivalent Privacy (WEP)
intranet
34. The art and science of creating a covert message or image within another message - image - audio - or video file.
Network Basic Input/Output System (NetBIOS)
War Driving
Accountability
steganography
35. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
Backdoor
Redundant Array of Independent Disks (RAID)
Daisy Chaining
Virtual Private Network (VPN)
36. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Back orifice
Internet service provider (ISP)
Trusted Computer Base (TCB)
Client
37. Phases of an attack
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Computer Emergency Response Team (CERT)
Dumpster Diving
Application-Level Attacks
38. Port 80/81/8080
hash
HTTP
Covert Channel
Malicious code
39. Idlescan
War Driving
OpenBSD
-sI
false rejection rate (FRR)
40. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.
Syslog
SOA record
queue
Simple Mail Transfer Protocol (SMTP)
41. A backlog of packets stored in buffers and waiting to be forwarded over an interface.
stateful packet filtering
queue
Worm
HTTP
42. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
False Acceptance Rate (FAR)
CAM table
HIDS
shrink-wrap code attacks
43. 18 U.S.C. 1030
Fraud and related activity in connection with computers
Vulnerability Scanning
Traceroute
-sI
44. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie
TACACS
Cookie
Virus
GET
45. ICMP Type/Code 11
Denial of Service (DoS)
NT LAN Manager (NTLM)
Time exceeded
symmetric algorithm
46. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.
Telnet
Local Administrator
Wrapper
private key
47. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
Client
-b
Domain Name System (DNS) lookup
out-of-band signaling
48. PI and PT Ping
network interface card (NIC)
GET
-PB
Wiretapping
49. UDP Scan
ISO 17799
-sU
patch
service level agreements (SLAs)
50. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
Bluetooth
File Allocation Table (FAT)
Internet Assigned Number Authority (IANA)