Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Software code - a portion of data - or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.






2. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.






3. The transmission of digital signals without precise clocking or synchronization.






4. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.






5. Ports 20/21






6. 18 U.S.C. 1029






7. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






8. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.






9. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.






10. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






11. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






12. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.






13. An informed decision to accept the potential for damage to or loss of an IT asset.






14. A tool that helps a company to compare its actual performance with its potential performance.






15. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc






16. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






17. TCP Ping






18. A mode of operation in a wireless LAN in which clients send data directly to one another without utilizing a wireless access point (WAP) - much like a point-to-point wired connection.






19. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






20. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






21. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






22. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu -and so on.






23. PI and PT Ping






24. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






25. A file system used by the Mac OS.






26. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






27. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






28. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -






29. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






30. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.






31. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a






32. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.






33. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






34. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere






35. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






36. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






37. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa






38. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.






39. A value used to control cryptographic operations - such as decryption -encryption - signature generation - and signature verification.






40. Malware designed to install some sort of virus - backdoor - and so on - on a target system.






41. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat






42. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.






43. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.






44. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






45. A virus written in a macro language and usually embedded in document or spreadsheet files.






46. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






47. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.






48. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.






49. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.






50. An attack that exploits the common mistake many people make when installing operating systems







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests