Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Black box test






2. Hex 14






3. A person or entity indirectly involved in a relationship between two principles.






4. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.






5. A small Trojan program that listens on port 777.






6. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)






7. The potential for damage to or loss of an IT asset






8. The exploitation of a security vulnerability






9. An unknown deficiency in software or some other product that results in a security vulnerability being identified.






10. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.






11. A host designed to collect data on suspicious activity.






12. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.






13. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.






14. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.






15. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.






16. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.






17. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.






18. A list of IP addresses and corresponding MAC addresses stored on a local computer.






19. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.






20. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






21. A documented process for a procedure designed to be consistent - repeatable - and accountable.






22. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.






23. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.






24. Port 31337






25. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.






26. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.






27. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.






28. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






29. The process of embedding information into a digital signal in a way that makes it difficult to remove.






30. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






31. The steps taken to gather evidence and information on the targets you wish to attack.






32. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par






33. ICMP Timestamp






34. A virus that plants itself in a system's boot sector and infects the master boot record.






35. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.






36. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.






37. A piece of code intentionally inserted into a software system that will perform a malicious function when specified conditions are met at some future point.






38. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






39. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.






40. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.






41. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio






42. A programming principle whereby the last piece of data added to the stack is the first piece of data taken off.






43. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






44. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.






45. nmap






46. ICMP Type/Code 3-13






47. Paranoid scan timing






48. Microsoft SID 500






49. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c






50. Sneaky scan timing







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests