SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.
false rejection rate (FRR)
GET
EDGAR database
enumeration
2. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.
SID
HTTP tunneling
Hypertext Transfer Protocol Secure (HTTPS)
Kerberos
3. The act of dialing all numbers within an organization to discover open modems.
Daisy Chaining
-sO
War Dialing
firewall
4. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.
Hacks with permission
Virtual Local Area Network (VLAN)
reverse social engineering
Internet Protocol (IP)
5. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
Level III assessment
Virus Hoax
Transmission Control Protocol (TCP)
Videocipher II Satellite Encryption System
6. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
ring topology
smart card
honeypot
Syslog
7. Version Detection Scan
limitation of liability and remedies
-sV
Level I assessment
Level III assessment
8. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.
Traceroute
Access Point (AP)
serialize scans & 0.4 sec wait
Common Internet File System/Server Message Block
9. Window Scan
Request for Comments (RFC)
Accountability
-PP
-sW
10. An Application layer protocol for sending electronic mail between servers.
POP 3
Simple Mail Transfer Protocol (SMTP)
Audit Data
asynchronous transmission
11. ICMP Netmask
Methodology
-PM
CAM table
Directory Traversal
12. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat
Ethernet
router
Hypertext Transfer Protocol (HTTP)
protocol
13. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.
Denial of Service (DoS)
Wide Area Network (WAN)
encapsulation
Decryption
14. Recording the time - normally in a log file - when an event happens or when information is created or modified.
-sF
Timestamping
Virtual Local Area Network (VLAN)
Acknowledgment (ACK)
15. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.
NOP
-PS
hot site
Demilitarized Zone (DMZ)
16. A file system used by the Mac OS.
self encrypting
No previous knowledge of the network
Adware
Hierarchical File System (HFS)
17. Hex 29
U P F
Authentication Header (AH)
Point-to-Point Tunneling Protocol (PPTP)
Open System Interconnection (OSI) Reference Model
18. A tool that helps a company to compare its actual performance with its potential performance.
Institute of Electrical and Electronics Engineers (IEEE)
No previous knowledge of the network
gap analysis
CAM table
19. An attack that combines a brute-force attack with a dictionary attack.
Sign in Seal
hybrid attack
Telnet
Open System Interconnection (OSI) Reference Model
20. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
Tunnel
security breach or security incident
symmetric algorithm
MAC filtering
21. Hex 14
symmetric algorithm
NT LAN Manager (NTLM)
A R
Black Box Testing
22. Polymorphic Virus
Unicode
hybrid attack
Zone transfer
self encrypting
23. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.
proxy server
firewall
Adware
Replacing numbers in a url to access other files
24. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.
intranet
rule-based access control
The automated process of proactively identifying vulnerabilities of computing systems present in a network
802.11 i
25. FTP Bounce Attack
packet
Internet service provider (ISP)
queue
-b
26. An attacker who breaks into computer systems with malicious intent - without the owner's knowledge or permission.
false rejection rate (FRR)
Wi-Fi
Audit Trail
Black Hat
27. Controls to detect anomalies or undesirable events occurring on a system.
MAC filtering
Detective Controls
pattern matching
War Driving
28. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
serialize scans & 0.4 sec wait
Virtual Private Network (VPN)
Echo Reply
-sO
29. 18 U.S.C. 1030
public key
Lightweight Directory Access Protocol (LDAP)
Wired Equivalent Privacy (WEP)
Fraud and related activity in connection with computers
30. Black hat
Hacks without permission
-sT
War Dialing
Post Office Protocol 3 (POP3)
31. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.
Trojan Horse
Active Attack
Cold Site
Destination Unreachable
32. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.
audit
Detective Controls
session hijacking
reconnaissance
33. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.
Trapdoor Function
serialize scans & 0.4 sec wait
Target Of Engagement (TOE)
parallel scan & 300 sec timeout & 1.25 sec/probe
34. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are
signature scanning
Network Address Translation (NAT)
Threat
Directory Traversal
35. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.
ping sweep
hot site
Domain Name
Wide Area Network (WAN)
36. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
Echo Reply
Acknowledgment (ACK)
Audit Trail
Active Directory (AD)
37. A protocol for exchanging packets over a serial line.
Tumbling
Syslog
-sI
Serial Line Internet Protocol (SLIP)
38. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.
fragmentation
Unicode
Electronic Code Book (ECB)
Blowfish
39. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.
pattern matching
Biometrics
public key
spam
40. A section or subset of the network. Often a router or other routing device provides the end point of the segment.
segment
White Box Testing
serial scan & 300 sec wait
audit
41. An adapter that provides the physical connection to send and receive data between the computer and the network media.
Cryptographic Key
DNS
network interface card (NIC)
false rejection rate (FRR)
42. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc
International Organization for Standardization (ISO)
Wireless Local Area Network (WLAN)
CNAME record
Active Directory (AD)
43. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori
-PB
War Driving
Acknowledgment (ACK)
Digital Certificate
44. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
Directory Traversal
Boot Sector Virus
Availability
Point-to-Point Protocol (PPP)
45. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
routed protocol
Fast Ethernet
Sign in Seal
The automated process of proactively identifying vulnerabilities of computing systems present in a network
46. A program designed to execute at a specific time to release malicious code onto the computer system or network.
RPC-DCOM
parameter tampering
Time Bomb
Ethical Hacker
47. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
encapsulation
Real application encompassing Trojan
network tap
-PB
48. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.
suicide hacker
S
Defense in Depth
-sA
49. A computer process that requests a service from another computer and accepts the server's responses.
Address Resolution Protocol (ARP)
TACACS
Client
Black Hat
50. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
polymorphic virus
Zone transfer
Redundant Array of Independent Disks (RAID)
ring topology