Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.
Computer-Based Attack
TACACS
Serial Line Internet Protocol (SLIP)
The automated process of proactively identifying vulnerabilities of computing systems present in a network
2. Network Scanning
initial sequence number (ISN)
Kerberos
signature scanning
A procedure for identifying active hosts on a network.
3. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
halo effect
Electronic Code Book (ECB)
personal identification number (PIN)
Lightweight Directory Access Protocol (LDAP)
4. A device providing temporary - on-demand - point-to-point network access to users.
red team
network access server
operating system attack
Authentication - Authorization - and Accounting (AAA)
5. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-system-administrator-level attack.
Asymmetric Algorithm
halo effect
Unicode
gray box testing
6. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.
INFOSEC Assessment Methodology (IAM)
Algorithm
protocol stack
Echo request
7. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.
RPC-DCOM
intranet
segment
-sP
8. Using conversation or some other interaction between people to gather useful information.
Man-in-the-middle attack
Finding a directory listing and gaining access to a parent or root file for access to other files
Detective Controls
human-based social engineering
9. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.
session hijacking
Common Internet File System/Server Message Block
payload
Malicious code
10. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
protocol
port redirection
Open System Interconnection (OSI) Reference Model
ring topology
11. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
sheepdip
hacktivism
packet
Ethernet
12. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.
False Acceptance Rate (FAR)
Internet service provider (ISP)
CAM table
Acknowledgment (ACK)
13. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information
phishing
replay attack
Daemon
stream cipher
14. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response
iris scanner
inference attack
Bastion host
SYN flood attack
15. ICMP Ping
-PI
Temporal Key Integrity Protocol (TKIP)
social engineering
hash
16. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.
Corrective Controls
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
SYN flood attack
initial sequence number (ISN)
17. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g
Minimum acceptable level of risk
parallel scan
Digital Signature
parameter tampering
18. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
false rejection rate (FRR)
Web Spider
POST
fully qualified domain name (FQDN)
19. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.
User Datagram Protocol (UDP)
Point-to-Point Tunneling Protocol (PPTP)
quantitative risk assessment
Virus Hoax
20. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.
key exchange protocol
non-repudiation
Community String
-PP
21. FIN Scan
Cryptographic Key
firewalking
Hacks with permission
-sF
22. Incremental Substitution
Replacing numbers in a url to access other files
network operations center (NOC)
service level agreements (SLAs)
security kernel
23. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
Access Creep
Information Technology (IT) asset valuation
Routing Information Protocol (RIP)
Vulnerability Management
24. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
Address Resolution Protocol (ARP)
segment
Anonymizer
Audit Data
25. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
spoofing
Virus Hoax
operating system attack
802.11
26. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
iris scanner
signature scanning
enumeration
NetBSD
27. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa
queue
Authentication Header (AH)
Electronic Code Book (ECB)
private key
28. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.
Service Set Identifier (SSID)
Information Technology (IT) infrastructure
-oG
Finding a directory listing and gaining access to a parent or root file for access to other files
29. A one-way mathematical function that generates a fixed-length numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
Competitive Intelligence
hashing algorithm
Banner Grabbing
30. Name given to expert groups that handle computer security incidents.
limitation of liability and remedies
nslookup
Computer Emergency Response Team (CERT)
Hypertext Transfer Protocol Secure (HTTPS)
31. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
Level I assessment
Network Address Translation (NAT)
-sL
rule-based access control
32. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.
Vulnerability
Packet Internet Groper (ping)
Serial Line Internet Protocol (SLIP)
Extensible Authentication Protocol (EAP)
33. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.
iris scanner
Active Attack
Packet Internet Groper (ping)
audit
34. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
Warm Site
Detective Controls
pattern matching
risk assessment
35. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
Internet Assigned Number Authority (IANA)
Administratively Prohibited
Local Administrator
Due Care
36. The art and science of creating a covert message or image within another message - image - audio - or video file.
Ciphertext
reverse social engineering
route
steganography
37. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals - entities - or processes.
Confidentiality
-sF
Simple Network Management Protocol (SNMP)
-sV
38. A method of external testing whereby several systems or resources are used together to effect an attack.
Vulnerability Management
Lightweight Directory Access Protocol (LDAP)
Daisy Chaining
Auditing
39. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.
Certificate
router
Wide Area Network (WAN)
hot site
40. A social-engineering attack using computer resources - such as e-mail or IRC.
heuristic scanning
session splicing
Computer-Based Attack
Authentication
41. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
-sS
reverse lookup; reverse DNS lookup
passive attack
phishing
42. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.
Videocipher II Satellite Encryption System
Active Attack
Tiger Team
Client
43. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.
Bluejacking
Filter
Ethernet
Vulnerability Scanning
44. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
personal identification number (PIN)
Availability
Wired Equivalent Privacy (WEP)
SAM
45. Computer software or hardware that can intercept and log traffic passing over a digital network.
-sL
Computer-Based Attack
-sT
sniffer
46. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
Tunneling
Backdoor
Routing Information Protocol (RIP)
Database
47. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
Virtual Private Network (VPN)
MAC filtering
sniffer
identity theft
48. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
Uniform Resource Locator (URL)
Daemon
Authorization
Hypertext Transfer Protocol Secure (HTTPS)
49. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
footprinting
hacktivism
spam
Vulnerability
50. A portion of memory used to temporarily store output or input data.
Back orifice
Buffer
encapsulation
private network address