Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so at times you may find the answers obvious, but it reinforces your understanding each time you take the test.
1. A nonroutable IP address range intended for use only within the confines of a single organization, falling within the predefined ranges of 10.0.0.0, 172.16-31.0.0, or 192.168.0.0.






2. The potential for damage to or loss of an IT asset






3. Layer 7 of the OSI reference model. The Application layer provides services to applications, which allow them access to the network. Protocols such as FTP and SMTP reside here.






4. Defined in RFC 826, ARP is a protocol used to map a known IP address to a physical (MAC) address.






5. A set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.






6. A routing protocol developed to be used within a single organization.






7. A computer placed outside a firewall to provide public services to other Internet sites, and hardened to resist external attacks.






8. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






9. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.






10. Nmap grepable output






11. One or more locations from which control is exercised over a computer, television broadcast, or telecommunications network.






12. The organization that governs the Internet's top-level domains, IP address allocation, and port number assignments.






13. In computer security, this is an algorithm that uses separate keys for encryption and decryption.






14. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.






15. A stand-alone computer, kept off the network, that is used for scanning potentially malicious media or software.






16. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






17. A network deployed as a trap to detect, deflect, or deter unauthorized use of information systems.






18. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action






19. A storage buffer that transparently stores data so future requests for the same data can be served faster.






20. An early network application that provides information on users currently logged on to a machine.






21. The directory service created by Microsoft for use on its networks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP), Kerberos-based authentication, and single sign-on for user access to network-based resourc






22. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator, or similar level.






23. White hat






24. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.






25. The set of all hardware, firmware, and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






26. The process of determining if a network entity (user or service) is legitimate






27. Port 135






28. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly, hierarchical Internet addresses, and vice versa.






29. PI and PT Ping






30. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






31. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door, despite the fact that the intruder does not have a badge.






32. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio, binary, or video using the Simple Mail Transfer Protocol (SMTP).






33. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating, implementing, or maintaining Information Security Management Systems (ISMS). Information security is defined with






34. Hex 04






35. A partially protected zone on a network, not exposed to the full fury of the Internet, but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






36. Polite scan timing






37. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.






38. An attack that is direct in nature, usually where the attacker injects something into, or otherwise alters, the network or system target.






39. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.






40. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.






41. An announcement, typically from a software vendor, of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






42. Port Scanning



43. Attacks on the actual programming code of an application.






44. A step-by-step method of solving a problem. In computing security, an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






45. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines, among other attacks.






46. Incremental Substitution






47. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts, both successful and unsuccessful.






48. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder, delete, insert, or read information.






49. An Internet routing protocol used to exchange routing information within an autonomous system.






50. Policy stating what users of a system can and cannot do with the organization's assets.






