Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.






2. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.






3. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.






4. The ability to trace actions performed on a system to a specific user or system entity.






5. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.






6. Port 22






7. Hex 29






8. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.






9. TCP connect() scan






10. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






11. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).






12. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






13. A network administration command-line tool available for many operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mappings or any other specific DNS record.






14. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.






15. A storage buffer that transparently stores data so future requests for the same data can be served faster.






16. A data encryption/decryption program often used for e-mail and file storage.






17. TCP Ping






18. Controls to detect anomalies or undesirable events occurring on a system.






19. Black box test






20. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.






21. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.






22. Window Scan






23. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p






24. A string that represents the location of a web resource






25. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat






26. 18 U.S.C. 1030






27. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr






28. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






29. nmap






30. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.






31. A stand-alone computer - kept off the network - that is used for scanning potentially malicious media or software.






32. ICMP Type/Code 3






33. The exploitation of a security vulnerability






34. Safeguards or countermeasures to avoid - counteract - or minimize security risks.






35. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.






36. The conveying of official access or legal power to a person or entity.






37. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.






38. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.






39. An Application layer protocol for managing devices on an IP network.






40. A protocol used to pass control and error messages between nodes on the Internet.






41. Monitoring of telephone or Internet conversations - typically by covert means.






42. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






43. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.






44. A Canonical Name record within DNS - used to provide an alias for a domain name.






45. An attack that combines a brute-force attack with a dictionary attack.






46. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






47. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all






48. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






49. A tool that helps a company to compare its actual performance with its potential performance.






50. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests