Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A protocol defining packets that are able to be routed by a router.






2. ICMP Type/Code 3-13






3. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.






4. A type of denial-of-service attack where a hacker sends thousands of SYN packets to the target with spoofed IP addresses.






5. Black box test






6. A record showing which user has accessed a given resource and what operations the user performed during a given period.






7. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






8. TCP Ping






9. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






10. A business - government agency - or educational institution that provides access to the Internet.






11. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.






12. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.






13. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive






14. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






15. A social-engineering attack using computer resources - such as e-mail or IRC.






16. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.






17. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.






18. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






19. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.






20. The steps taken to gather evidence and information on the targets you wish to attack.






21. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.






22. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






23. ICMP Ping






24. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.






25. The exploitation of a security vulnerability






26. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






27. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






28. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






29. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.






30. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






31. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






32. Software code - a portion of data - or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.






33. Two or more LANs connected by a high-speed line across a large geographical area.






34. Black hat






35. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






36. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.






37. A computer network confined to a relatively small area - such as a single building or campus.






38. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






39. ACK Scan






40. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






41. In computer security - this is an algorithm that uses separate keys for encryption and decryption.






42. ICMP Type/Code 11






43. Port 135






44. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.






45. An unknown deficiency in software or some other product that results in a security vulnerability being identified.






46. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.






47. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio






48. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par






49. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori






50. The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.