SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.
quality of service (QoS)
XOR Operation
Acceptable Use Policy (AUP)
Defense in Depth
2. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
Covert Channel
Acknowledgment (ACK)
intrusion detection system (IDS)
security controls
3. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
Information Technology (IT) asset criticality
rootkit
Wi-Fi Protected Access (WPA)
Brute-Force Password Attack
4. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
integrity
false negative
Wired Equivalent Privacy (WEP)
TACACS
5. ICMP Type/Code 11
Finger
Mantrap
Time exceeded
Information Technology (IT) asset criticality
6. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
Last In First Out (LIFO)
route
Data Encryption Standard (DES)
NetBSD
7. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
Cryptography
protocol stack
Internet Protocol Security (IPSec) architecture
Electronic serial number
8. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-systemadministrator-level attack.
Cookie
Asymmetric
gray box testing
Availability
9. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.
intrusion detection system (IDS)
Competitive Intelligence
segment
Information Technology Security Evaluation Criteria (ITSEC)
10. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
Wireless Local Area Network (WLAN)
ring topology
Covert Channel
Worm
11. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
segment
Sign in Seal
Wrapper
private network address
12. don't ping
Tunneling Virus
hardware keystroke logger
Hypertext Transfer Protocol Secure (HTTPS)
-P0
13. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private
Eavesdropping
private key
CNAME record
Acknowledgment (ACK)
14. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
Threat
ping sweep
Internet Protocol (IP)
security breach or security incident
15. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks
smart card
Dumpster Diving
Wrapper
Methodology
16. Ping Scan
NOP
-sP
Written Authorization
Distributed DoS (DDoS)
17. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.
Virtual Local Area Network (VLAN)
Traceroute
port scanning
parallel scan & 75 sec timeout & 0.3 sec/probe
18. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can
false rejection rate (FRR)
802.11 i
Multipartite virus
route
19. A tool that helps a company to compare its actual performance with its potential performance.
-oG
gap analysis
risk assessment
symmetric algorithm
20. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.
Electronic Code Book (ECB)
Due Diligence
overt channel
hybrid attack
21. Vulnerability Scanning
Wireless Local Area Network (WLAN)
-sA
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Accountability
22. A list of IP addresses and corresponding MAC addresses stored on a local computer.
Information Technology (IT) infrastructure
forwarding
LDAP
Address Resolution Protocol (ARP) table
23. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur
Minimum acceptable level of risk
router
-sO
Boot Sector Virus
24. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.
Service Set Identifier (SSID)
false negative
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
shoulder surfing
25. Describes practices in production and development that promote access to the end product's source materials.
CIA triangle
Vulnerability Scanning
open source
Application Layer
26. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.
role-based access control
Extensible Authentication Protocol (EAP)
Detective Controls
inference attack
27. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
footprinting
Timestamping
Adware
RPC-DCOM
28. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
CAM table
open source
MD5
ECHO reply
29. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
Cache
Bluetooth
Trojan Horse
Syslog
30. A protocol that allows a client computer to request services from a server and the server to return the results.
remote procedure call (RPC)
Self Replicating
Trusted Computer System Evaluation Criteria (TCSEC)
risk assessment
31. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
Exploit
-sV
Cache
enumeration
32. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
Assessment
security breach or security incident
human-based social engineering
Address Resolution Protocol (ARP)
33. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main
public key infrastructure (PKI)
Covert Channel
network interface card (NIC)
Cold Site
34. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
Vulnerability Assessment
Post Office Protocol 3 (POP3)
Due Care
Hypertext Transfer Protocol (HTTP)
35. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
SSH
Zone transfer
Interior Gateway Protocol (IGP)
red team
36. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Bruteforce attacks take a long time t
impersonation
logic bomb
Tiger Team
Brute-Force Password Attack
37. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.
Black Hat
-sV
Biometrics
Asset
38. The default network authentication suite of protocols for Windows NT 4.0
Wiretapping
Time exceeded
Pretty Good Privacy (PGP)
NT LAN Manager (NTLM)
39. Controls to detect anomalies or undesirable events occurring on a system.
rootkit
Detective Controls
Lightweight Directory Access Protocol (LDAP)
Point-to-Point Protocol (PPP)
40. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
private network address
Transport Layer Security (TLS)
Database
Service Set Identifier (SSID)
41. Formal description and evaluation of the vulnerabilities in an information system
Archive
Multipurpose Internet Mail Extensions (MIME)
Domain Name System (DNS) lookup
Vulnerability Assessment
42. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals - entities - or processes.
Warm Site
Directory Traversal
Confidentiality
Blowfish
43. Port 53
Daisy Chaining
-sP
keylogger
DNS
44. Nmap ml output
intranet
fragmentation
-oX
No previous knowledge of the network
45. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.
impersonation
Network Address Translation (NAT)
Denial of Service (DoS)
node
46. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori
-b
Digital Certificate
Hypertext Transfer Protocol Secure (HTTPS)
Kerberos
47. White hat
Hacks with permission
Backdoor
replay attack
Decryption
48. A person or entity indirectly involved in a relationship between two principles.
-sR
false rejection rate (FRR)
Denial of Service (DoS)
Third Party
49. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
infrastructure mode
Network Basic Input/Output System (NetBIOS)
rule-based access control
NT LAN Manager (NTLM)
50. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
Anonymizer
Google hacking
Competitive Intelligence
Authentication Header (AH)