Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
Possession of access devices
private network address
R
Rijndael
2. The potential for damage to or loss of an IT asset
-PB
Discretionary Access Control (DAC)
Algorithm
risk
3. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.
Application Layer
Covert Channel
Address Resolution Protocol (ARP)
Asset
4. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
--randomize_hosts -O OS fingerprinting
suicide hacker
SSH
Address Resolution Protocol (ARP)
5. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.
public key infrastructure (PKI)
Bluejacking
Vulnerability
Collision
6. A routing protocol developed to be used within a single organization.
serialize scans & 15 sec wait
separation of duties
Network Basic Input/Output System (NetBIOS)
Interior Gateway Protocol (IGP)
7. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
-sT
parallel scan
intrusion detection system (IDS)
Bastion host
8. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.
site survey
Common Internet File System/Server Message Block
signature scanning
Certificate
9. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
Wide Area Network (WAN)
-sF
network tap
encapsulation
10. Nmap grepable output
-oG
risk transference
-PT
packet
11. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
Finding a directory listing and gaining access to a parent or root file for access to other files
self encrypting
Multipurpose Internet Mail Extensions (MIME)
network operations center (NOC)
12. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.
router
impersonation
Internet Assigned Number Authority (IANA)
risk transference
13. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
-P0
Console Port
Worm
Asymmetric Algorithm
14. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
Routing Protocol
Unicode
-sV
session splicing
15. A stand-alone computer - kept off the network - that is used for scanning potentially malicious media or software.
sheepdip
qualitative analysis
Due Diligence
Asset
16. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
Anonymizer
-PP
serialize scans & 0.4 sec wait
Hypertext Transfer Protocol Secure (HTTPS)
17. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.
reverse lookup; reverse DNS lookup
Destination Unreachable
security breach or security incident
honeynet
18. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
risk avoidance
security incident response team (SIRT)
Exploit
logic bomb
19. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Cache
Level III assessment
Macro virus
Asymmetric
20. An early network application that provides information on users currently logged on to a machine.
War Chalking
Finger
War Dialing
gateway
21. The directory service created by Microsoft for use on its networks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc
Routing Protocol
Active Directory (AD)
-PI
Secure Multipurpose Mail Extension (S/MIME)
22. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.
security breach or security incident
White Box Testing
session hijacking
Assessment
23. White hat
Wrapper
POST
Computer-Based Attack
Hacks with permission
24. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.
Audit Data
Network Address Translation (NAT)
footprinting
-sL
25. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Trusted Computer Base (TCB)
Uniform Resource Locator (URL)
port knocking
security controls
26. The process of determining if a network entity (user or service) is legitimate
CAM table
false negative
-b
Authentication
27. Port 135
RPC-DCOM
False Acceptance Rate (FAR)
Last In First Out (LIFO)
Crossover Error Rate (CER)
28. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly - hierarchical Internet addresses - and vice versa.
Secure Multipurpose Mail Extension (S/MIME)
Daemon
Domain Name System (DNS)
User Datagram Protocol (UDP)
29. PI and PT Ping
Internet Assigned Number Authority (IANA)
-PB
Transport Layer Security (TLS)
Network Basic Input/Output System (NetBIOS)
30. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
Zone transfer
ping sweep
Discretionary Access Control (DAC)
ring topology
31. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.
SAM
piggybacking
SID
Bluesnarfing
32. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Multipurpose Internet Mail Extensions (MIME)
RPC-DCOM
null session
Secure Sockets Layer (SSL)
33. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with
Address Resolution Protocol (ARP)
ISO 17799
Smurf attack
Wireless Local Area Network (WLAN)
34. Hex 04
R
-sV
false rejection rate (FRR)
Vulnerability Scanning
35. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a
honeypot
symmetric encryption
-sX
Demilitarized Zone (DMZ)
36. Polite scan timing
intrusion detection system (IDS)
heuristic scanning
Transmission Control Protocol (TCP)
serialize scans & 0.4 sec wait
37. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.
A S
Asymmetric
INFOSEC Assessment Methodology (IAM)
NetBus
38. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.
Domain Name System (DNS)
Active Attack
Malware
POST
39. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.
iris scanner
POST
No previous knowledge of the network
Written Authorization
40. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
Hierarchical File System (HFS)
reverse lookup; reverse DNS lookup
User Datagram Protocol (UDP)
network interface card (NIC)
41. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.
Biometrics
Address Resolution Protocol (ARP) table
spyware
security bulletins
42. Port Scanning
43. Attacks on the actual programming code of an application.
-sX
Application-Level Attacks
Trojan Horse
Client
44. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption
smart card
Fast Ethernet
Algorithm
Due Diligence
45. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.
Time exceeded
Request for Comments (RFC)
null session
spyware
46. Incremental Substitution
Distributed DoS (DDoS)
Replacing numbers in a url to access other files
Videocipher II Satellite Encryption System
Electronic Code Book (ECB)
47. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
Authentication - Authorization - and Accounting (AAA)
session hijacking
Dumpster Diving
Service Set Identifier (SSID)
48. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.
penetration testing
Algorithm
protocol stack
secure channel
49. An Internet routing protocol used to exchange routing information within an autonomous system.
Interior Gateway Protocol (IGP)
Cookie
Simple Object Access Protocol (SOAP)
Wi-Fi Protected Access (WPA)
50. Policy stating what users of a system can and cannot do with the organization's assets.
qualitative analysis
red team
false rejection rate (FRR)
Acceptable Use Policy (AUP)