Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An adapter that provides the physical connection to send and receive data between the computer and the network media.






2. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.






3. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely






4. Metamorphic Virus






5. Nmap grepable output






6. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public






7. The process of determining if a network entity (user or service) is legitimate






8. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.






9. nmap all output






10. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-systemadministrator-level attack.






11. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






12. A backlog of packets stored in buffers and waiting to be forwarded over an interface.






13. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.






14. An Application layer protocol for managing devices on an IP network.






15. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






16. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.






17. The combination of all IT assets - resources - components - and systems.






18. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






19. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.






20. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






21. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






22. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response






23. Paranoid scan timing






24. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






25. Injecting traffic into the network to identify the operating system of a device.






26. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.






27. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.






28. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman






29. A protocol used to pass control and error messages between nodes on the Internet.






30. A type of encryption where the same key is used to encrypt and decrypt the message.






31. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






32. MAC Flooding






33. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.






34. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






35. Recording the time - normally in a log file - when an event happens or when information is created or modified.






36. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.






37. Ping Scan






38. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






39. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu






40. A portion of memory used to temporarily store output or input data.






41. An attack that exploits the common mistake many people make when installing operating systems






42. ICMP Type/Code 11






43. Hashing algorithm that results in a 128-bit output.






44. Port 80/81/8080






45. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.






46. Computer software or hardware that can intercept and log traffic passing over a digital network.






47. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.






48. The process of embedding information into a digital signal in a way that makes it difficult to remove.






49. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.






50. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.