Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A portion of memory used to temporarily store output or input data.






2. The level of importance assigned to an IT asset






3. A virus designed to infect the master boot record.






4. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






5. An attack that exploits the common mistake many people make when installing operating systems






6. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.






7. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






8. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






9. The monetary value assigned to an IT asset.






10. An early network application that provides information on users currently logged on to a machine.






11. A method of external testing whereby several systems or resources are used together to effect an attack.






12. Ping Scan






13. The process of determining if a network entity (user or service) is legitimate






14. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






15. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.






16. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.






17. A type of encryption where the same key is used to encrypt and decrypt the message.






18. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






19. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.






20. Window Scan






21. Using conversation or some other interaction between people to gather useful information.






22. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






23. PI and PT Ping






24. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use






25. A group of experts that handles computer security incidents.






26. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.






27. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.






28. A wireless networking mode where all clients connect to the wireless network through a central access point.






29. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






30. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






31. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.






32. Xmas Tree scan






33. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.






34. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






35. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.






36. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






37. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






38. An Application layer protocol for managing devices on an IP network.






39. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






40. Directing a protocol from one port to another.






41. Port Scanning

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


42. The combination of all IT assets - resources - components - and systems.






43. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.






44. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman






45. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.






46. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.






47. A routing protocol developed to be used within a single organization.






48. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






49. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.






50. A program designed to execute at a specific time to release malicious code onto the computer system or network.