Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.
false rejection rate (FRR)
Authorization
Information Technology Security Evaluation Criteria (ITSEC)
Access Creep

2. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.
Audit Data
self encrypting
honeynet
Kerberos

3. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
Tunneling
Overwhelm CAM table to convert switch to hub mode
SMB
Post Office Protocol 3 (POP3)

4. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
identity theft
Address Resolution Protocol (ARP) table
Interior Gateway Protocol (IGP)

5. Evaluation in which testers attempt to penetrate the network.
Information Technology (IT) asset criticality
Minimum acceptable level of risk
Virtual Private Network (VPN)
Level III assessment

6. Microsoft SID 500
Tunnel
Hacks with permission
War Dialing
Local Administrator

7. Black box test
No previous knowledge of the network
NOP
risk
Redundant Array of Independent Disks (RAID)

8. Aggressive scan timing
parallel scan & 300 sec timeout & 1.25 sec/probe
Blowfish
Address Resolution Protocol (ARP)
-sF

9. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.
Redundant Array of Independent Disks (RAID)
proxy server
CIA triangle
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks

10. The change or growth of a project's scope
scope creep
False Acceptance Rate (FAR)
Network Address Translation (NAT)
Zenmap

11. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Dumpster Diving
White Box Testing
National Security Agency
Certificate Authority (CA)

12. A tool that helps a company to compare its actual performance with its potential performance.
gap analysis
Accountability
ring topology
hot site

13. FTP Bounce Attack
Authentication Header (AH)
Client
halo effect
-b

14. Describes practices in production and development that promote access to the end product's source materials.
Vulnerability Assessment
-sO
open source
Application Layer

15. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
network operations center (NOC)
-PM
Back orifice
DNS enumeration

16. Sneaky scan timing
Password Authentication Protocol (PAP)
Target Of Engagement (TOE)
serialize scans & 15 sec wait
Interior Gateway Protocol (IGP)

17. Computer software or hardware that can intercept and log traffic passing over a digital network.
Competitive Intelligence
risk acceptance
physical security
sniffer

18. A free and popular version of the Unix operating system.
infrastructure mode
Hacks without permission
Malicious code
FreeBSD

19. A social-engineering attack using computer resources - such as e-mail or IRC.
proxy server
RID Resource identifier
honeynet
Computer-Based Attack

20. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
False Acceptance Rate (FAR)
flood
router
parallel scan

21. The ability to trace actions performed on a system to a specific user or system entity.
-PS
Accountability
Level I assessment
Data Encryption Standard (DES)

22. PI and PT Ping
Block Cipher
net use \[target ip]IPC$ '' /user:''
parameter tampering
-PB

23. A command used in HTTP and FTP to retrieve a file from a server.
War Chalking
reconnaissance
Authentication
GET

24. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
Active Directory (AD)
Wired Equivalent Privacy (WEP)
Authentication - Authorization - and Accounting (AAA)
Bastion host

25. NSA
out-of-band signaling
Kerberos
National Security Agency
Authentication Header (AH)

26. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
Discretionary Access Control (DAC)
Hierarchical File System (HFS)
Wi-Fi Protected Access (WPA)
site survey

27. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.
Confidentiality
Temporal Key Integrity Protocol (TKIP)
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
integrity

28. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
qualitative analysis
INFOSEC Assessment Methodology (IAM)
Secure Sockets Layer (SSL)
key exchange protocol

29. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
Tunnel
S
iris scanner
gray box testing

30. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
shrink-wrap code attacks
Cryptography
-oG
Web Spider

31. Establish Null Session
Wrapper
MAC filtering
net use \[target ip]IPC$ '' /user:''
physical security

32. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
overt channel
ad hoc mode
risk assessment
steganography

33. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
Virus Hoax
security kernel
Tiger Team
-P0

34. Port 110
Buffer Overflow
rule-based access control
National Security Agency
POP 3

35. Black hat
reverse lookup; reverse DNS lookup
Warm Site
Hacks without permission
Wired Equivalent Privacy (WEP)

36. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.
proxy server
honeynet
forwarding
Mantrap

37. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.
role-based access control
suicide hacker
Serial Line Internet Protocol (SLIP)
Access Point (AP)

38. A connectionless - layer 4 transport protocol. UDP is faster than TCP - but offers no reliability. A best effort is made to deliver the data - but no checks and verifications are performed to guarantee delivery. Therefore - UDP is termed a 'connectio
SYN flood attack
serial scan & 300 sec wait
A R
User Datagram Protocol (UDP)

39. Window Scan
-sW
Simple Network Management Protocol (SNMP)
Information Technology (IT) asset criticality
Worm

40. The software product or system that is the subject of an evaluation.
ring topology
National Security Agency
Target Of Engagement (TOE)
SMB

41. Formal description and evaluation of the vulnerabilities in an information system
Vulnerability Assessment
Mandatory access control (MAC)
separation of duties
-sO

42. UDP Scan
NetBSD
-sU
Syslog
hacktivism

43. A computer process that requests a service from another computer and accepts the server's responses.
single loss expectancy (SLE)
Client
Port Address Translation (PAT)
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks

44. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
keylogger
Archive
Mandatory access control (MAC)
Electronic Code Book (ECB)

45. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
forwarding
Fast Ethernet
network interface card (NIC)
Blowfish

46. A virus designed to infect the master boot record.
Domain Name System (DNS) cache poisoning
Fraud and related activity in connection with computers
Traceroute
Master boot record infector

47. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Target Of Engagement (TOE)
port knocking
Rijndael
Cache

48. The steps taken to gather evidence and information on the targets you wish to attack.
Droppers
protocol
reconnaissance
serialize scans & 15 sec wait

49. Metamorphic Virus
Hierarchical File System (HFS)
Backdoor
Self Replicating
Certificate Authority (CA)

50. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.
promiscuous mode
SMB
Denial of Service (DoS)
Zenmap

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CEH: Certified Ethical Hacker

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests