Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






2. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






3. An early network application that provides information on users currently logged on to a machine.






4. Any network incident that prompts some kind of log entry or other notification.






5. Black hat






6. An HTTP command to transmit text to a web server for processing. The opposite of an HTTP GET.






7. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption






8. A protocol used for sending and receiving log information for nodes on a network.






9. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.






10. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






11. Attacks that take advantage of the built-in code and scripts most off-the-shelf applications come with.






12. Hashing algorithm that results in a 128-bit output.






13. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






14. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.






15. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






16. A storage buffer that transparently stores data so future requests for the same data can be served faster.






17. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






18. nmap






19. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.






20. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.






21. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






22. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).






23. Manipulating a search string with additional specific operators to search for vulnerabilities or very specific information.






24. A type of malware that covertly collects information about a user.






25. 18 U.S.C. 1030






26. A portion of memory used to temporarily store output or input data.






27. Transmitting one protocol encapsulated inside another protocol.






28. A business - government agency - or educational institution that provides access to the Internet.






29. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.






30. Port 22






31. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu






32. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






33. A group of experts that handles computer security incidents.






34. MAC Flooding






35. UDP Scan






36. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori






37. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






38. CAN-SPAM






39. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






40. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.






41. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






42. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






43. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.






44. A social-engineering attack that manipulates the victim into calling the attacker for help.






45. A person or entity indirectly involved in a relationship between two principles.






46. A Windows-based GUI version of nmap.






47. Using conversation or some other interaction between people to gather useful information.






48. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






49. Formal description and evaluation of the vulnerabilities in an information system






50. RPC Scan







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests