Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. An Application layer protocol for managing devices on an IP network.
secure channel
Secure Multipurpose Mail Extension (S/MIME)
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Simple Network Management Protocol (SNMP)

2. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
nslookup
Asset
R
Wi-Fi Protected Access (WPA)

3. The act of checking some sequence of tokens for the presence of the constituents of some pattern.
pattern matching
Replacing numbers in a url to access other files
R
CIA triangle

4. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
Database
Bluetooth
Community String
Certificate Authority (CA)

5. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.
Kerberos
payload
patch
Antivirus (AV) software

6. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
Competitive Intelligence
flood
spyware
net use \[target ip]IPC$ '' /user:''

7. Formal description and evaluation of the vulnerabilities in an information system
signature scanning
Access Point (AP)
Warm Site
Vulnerability Assessment

8. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
piggybacking
Pretty Good Privacy (PGP)
penetration testing
Packet Internet Groper (ping)

9. nmap
Eavesdropping
-p <port ranges>
Unicode
Internal access to the network

10. Using conversation or some other interaction between people to gather useful information.
No previous knowledge of the network
Demilitarized Zone (DMZ)
human-based social engineering
802.11

11. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
packet
Acknowledgment (ACK)
Simple Object Access Protocol (SOAP)
reverse lookup; reverse DNS lookup

12. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are
sheepdip
Third Party
Bug
Network Address Translation (NAT)

13. Another term for firewalking
parallel scan & 75 sec timeout & 0.3 sec/probe
port knocking
Simple Object Access Protocol (SOAP)
-P0

14. A type of malware that covertly collects information about a user.
Port Address Translation (PAT)
Self Replicating
spyware
Whois

15. The process of determining if a network entity (user or service) is legitimate
Authentication
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
security breach or security incident
suicide hacker

16. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.
Tumbling
Administratively Prohibited
Domain Name System (DNS) cache poisoning
Event

17. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.
public key
Exposure Factor
A procedure for identifying active hosts on a network.
Finger

18. An HTTP command to transmit text to a web server for processing. The opposite of an HTTP GET.
POST
Internet Protocol (IP)
-PS
payload

19. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
port knocking
Request for Comments (RFC)
Malware
Filter

20. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
Possession of access devices
replay attack
Web Spider
Asynchronous

21. Insane scan timing
Cracker
War Chalking
Active Fingerprinting
parallel scan & 75 sec timeout & 0.3 sec/probe

22. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
User Datagram Protocol (UDP)
Black Box Testing
reconnaissance
role-based access control

23. An early network application that provides information on users currently logged on to a machine.
Presentation layer
Finger
footprinting
network interface card (NIC)

24. A one-way mathematical function that generates a fixedlength numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.
Tunnel
intranet
hashing algorithm
Active Fingerprinting

25. ICMP Type/Code 0-0
War Chalking
Droppers
Methodology
Echo Reply

26. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
Destination Unreachable
personal identification number (PIN)
Back orifice
Certificate Authority (CA)

27. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
Access Creep
-sX
Ethernet
Post Office Protocol 3 (POP3)

28. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g
node
Digital Signature
User Datagram Protocol (UDP)
scope creep

29. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o
Cold Site
S
stream cipher
-p <port ranges>

30. An Application layer protocol for sending electronic mail between servers.
single loss expectancy (SLE)
Simple Mail Transfer Protocol (SMTP)
Unicode
Cold Site

31. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
Daisy Chaining
site survey
Data Encryption Standard (DES)
Covert Channel

32. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
Routing Information Protocol (RIP)
Trusted Computer Base (TCB)
Eavesdropping
Backdoor

33. Hex 12
security breach or security incident
Cracker
A S
social engineering

34. Port 80/81/8080
Asset
HTTP
Access Control List (ACL)
U P F

35. Access by information systems (or users) communicating from outside the information system security perimeter.
Assessment
Back orifice
remote access
ring topology

36. Microsoft SID 500
Local Administrator
Virus
security incident response team (SIRT)
Daemon

37. A method of external testing whereby several systems or resources are used together to effect an attack.
hashing algorithm
Boot Sector Virus
parameter tampering
Daisy Chaining

38. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
Hacks with permission
Vulnerability Management
R
A

39. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.
Boot Sector Virus
Fast Ethernet
parallel scan
Institute of Electrical and Electronics Engineers (IEEE)

40. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
Internet service provider (ISP)
Active Directory (AD)
Due Care
Media Access Control (MAC)

41. don't ping
Due Diligence
SYN flood attack
Information Technology (IT) asset criticality
-P0

42. Nmap normal output
Vulnerability
-oN
Auditing
security by obscurity

43. Polymorphic Virus
secure channel
Trapdoor Function
Overwhelm CAM table to convert switch to hub mode
self encrypting

44. A host designed to collect data on suspicious activity.
single loss expectancy (SLE)
honeypot
Multipartite virus
DNS

45. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
Bit Flipping
Routing Protocol
-sL
FTP

46. Injecting traffic into the network to identify the operating system of a device.
private key
Active Fingerprinting
Computer Emergency Response Team (CERT)
parallel scan

47. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)
footprinting
stateful packet filtering
single loss expectancy (SLE)
Dumpster Diving

48. ICMP Ping
-PI
Kerberos
Multipartite virus
private key

49. The process of a system providing a fully qualified domain name (FQDN) to a local name server - for resolution to its corresponding IP address.
Transmission Control Protocol (TCP)
GET
Hacks with permission
Domain Name System (DNS) lookup

50. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss
EDGAR database
Competitive Intelligence
MAC filtering
Application-Level Attacks