SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A connectionless - layer 4 transport protocol. UDP is faster than TCP - but offers no reliability. A best effort is made to deliver the data - but no checks and verifications are performed to guarantee delivery. Therefore - UDP is termed a 'connectio
Denial of Service (DoS)
Routing Protocol
User Datagram Protocol (UDP)
Media Access Control (MAC)
2. Any item of value or worth to an organization - whether physical or virtual.
NOP
Authorization
Asset
Malicious code
3. An early network application that provides information on users currently logged on to a machine.
audit
Bug
Brute-Force Password Attack
Finger
4. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
Level III assessment
Cloning
false rejection rate (FRR)
Collision Domain
5. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
SOA record
Certificate
Access Creep
Zero Subnet
6. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
Asset
personal identification number (PIN)
Daemon
risk avoidance
7. A string that represents the location of a web resource
Uniform Resource Locator (URL)
scope creep
User Datagram Protocol (UDP)
Trojan Horse
8. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.
TACACS
public key infrastructure (PKI)
Google hacking
Common Internet File System/Server Message Block
9. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
Asset
Active Fingerprinting
-sP
Cryptography
10. Hex 12
A S
payload
Domain Name
fragmentation
11. Metamorphic Virus
Self Replicating
-sA
Syslog
Malware
12. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.
Media Access Control (MAC)
NT LAN Manager (NTLM)
Tunnel
serialize scans & 15 sec wait
13. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
-PT
script kiddie
Event
Block Cipher
14. A command that instructs the system processor to do nothing. Many overflow attacks involve stringing several NOP operations together (known as a NOP sled).
NOP
hot site
Asymmetric Algorithm
Wired Equivalent Privacy (WEP)
15. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.
personal identification number (PIN)
firewall
S
Self Replicating
16. An e-mail protection method using a secret message or image that can be referenced on any official communication with the site; if an e-mail is received without the image or message - the recipient knows it is not legitimate.
Trapdoor Function
logic bomb
Sign in Seal
non-repudiation
17. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
-p <port ranges>
Asymmetric
Trusted Computer System Evaluation Criteria (TCSEC)
Wired Equivalent Privacy (WEP)
18. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65 -000 concurrent TCP and U
Web Spider
Trojan Horse
security defect
Port Address Translation (PAT)
19. PI and PT Ping
Application Layer
Wi-Fi
-PB
halo effect
20. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.
ping sweep
-oN
Availability
Institute of Electrical and Electronics Engineers (IEEE)
21. Looking over an authorized user's shoulder in order to steal information (such as authentication information).
hybrid attack
shoulder surfing
File Transfer Protocol (FTP)
A procedure for identifying active hosts on a network.
22. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.
session splicing
HIDS
identity theft
Transmission Control Protocol (TCP)
23. The process of embedding information into a digital signal in a way that makes it difficult to remove.
NOP
Self Replicating
Digital Watermarking
ECHO reply
24. Policy stating what users of a system can and cannot do with the organization's assets.
Acceptable Use Policy (AUP)
SMB
symmetric encryption
Discretionary Access Control (DAC)
25. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
payload
Hacks without permission
NetBSD
risk assessment
26. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
Multipartite virus
Annualized Loss Expectancy (ALE)
encryption
Request for Comments (RFC)
27. Ping Scan
hash
-sP
polymorphic virus
Backdoor
28. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
Wi-Fi
Tini
Assessment
sidejacking
29. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
False Acceptance Rate (FAR)
operating system attack
Defense in Depth
key exchange protocol
30. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
Ciphertext
Media Access Control (MAC)
Backdoor
Vulnerability Scanning
31. Provides router-to-router or host-to-network connections over asynchronous and synchronous circuits.
Defines legal email marketing
Bastion host
Point-to-Point Protocol (PPP)
quality of service (QoS)
32. A network administration command-line tool available for many operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mappings or any other specific DNS record.
nslookup
private key
Fiber Distributed Data Interface (FDDI)
Point-to-Point Tunneling Protocol (PPTP)
33. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
reverse lookup; reverse DNS lookup
Routing Protocol
network access server
-sS
34. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.
The automated process of proactively identifying vulnerabilities of computing systems present in a network
RID Resource identifier
Directory Traversal
fully qualified domain name (FQDN)
35. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all
Routing Information Protocol (RIP)
nslookup
Asset
sidejacking
36. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.
Certificate Authority (CA)
Replacing numbers in a url to access other files
Trojan Horse
NetBus
37. TCP Ping
-PT
Virtual Private Network (VPN)
security defect
Boot Sector Virus
38. Directory Transversal
Tunneling Virus
footprinting
Finding a directory listing and gaining access to a parent or root file for access to other files
-PB
39. The art and science of creating a covert message or image within another message - image - audio - or video file.
Collision Domain
XOR Operation
footprinting
steganography
40. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
Asymmetric Algorithm
fragmentation
piggybacking
Network Basic Input/Output System (NetBIOS)
41. The central part of a computer or communications system hardware firmware - and software that implements the basic security procedures for controlling access to system resources.
spyware
Address Resolution Protocol (ARP) table
security kernel
Annualized Loss Expectancy (ALE)
42. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.
Due Diligence
parameter tampering
Macro virus
proxy server
43. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.
halo effect
Finger
social engineering
stateful packet filtering
44. Port 135
RPC-DCOM
Domain Name System (DNS)
A R
Transmission Control Protocol (TCP)
45. A group of experts that handles computer security incidents.
Media Access Control (MAC)
security incident response team (SIRT)
impersonation
A
46. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
private key
Trusted Computer Base (TCB)
Database
Wireless Local Area Network (WLAN)
47. ex 02
role-based access control
Vulnerability Management
S
open source
48. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
Rijndael
Address Resolution Protocol (ARP) table
Bluesnarfing
802.11
49. A file system used by the Mac OS.
Data Link layer
Hierarchical File System (HFS)
route
Internet Control Message Protocol (ICMP)
50. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
reverse lookup; reverse DNS lookup
public key
Port Address Translation (PAT)
false rejection rate (FRR)