Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.






2. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






3. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the






4. The act of checking some sequence of tokens for the presence of the constituents of some pattern.






5. Normal scan timing






6. An adapter that provides the physical connection to send and receive data between the computer and the network media.






7. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks






8. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private






9. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






10. 18 U.S.C. 1029






11. Shifting responsibility from one party to another






12. A Windows-based GUI version of nmap.






13. The process of using easily accessible DNS records to map a target network's internal hosts.






14. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






15. Nmap grepable output






16. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






17. The level of importance assigned to an IT asset






18. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






19. Nmap normal output






20. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.






21. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action






22. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.






23. An e-mail protection method using a secret message or image that can be referenced on any official communication with the site; if an e-mail is received without the image or message - the recipient knows it is not legitimate.






24. A documented process for a procedure designed to be consistent - repeatable - and accountable.






25. An Application layer protocol for managing devices on an IP network.






26. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.






27. A virus designed to infect the master boot record.






28. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it






29. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption






30. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






31. The act of dialing all numbers within an organization to discover open modems.






32. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.






33. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.






34. A defined measure of service within a network system






35. An HTTP command to transmit text to a web server for processing. The opposite of an HTTP GET.






36. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals - entities - or processes.






37. Recording the time - normally in a log file - when an event happens or when information is created or modified.






38. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.






39. ICMP Type/Code 11






40. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






41. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






42. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.






43. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.






44. Network Scanning






45. A systematic process for the assessment of security vulnerabilities.






46. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.






47. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.






48. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






49. Hex 04






50. The transmission of digital signals without precise clocking or synchronization.






Can you answer 50 questions in 15 minutes?



Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests