Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Nmap normal output






2. UDP Scan






3. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






4. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






5. White hat






6. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss






7. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.






8. Xmas Tree scan






9. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






10. A computer virus that infects and spreads in multiple ways.






11. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.






12. A protocol used for sending and receiving log information for nodes on a network.






13. The monetary loss that can be expected for an asset due to risk over a one-year period. ALE is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as ALE = ARO






14. A method of external testing whereby several systems or resources are used together to effect an attack.






15. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive






16. A documented process for a procedure designed to be consistent - repeatable - and accountable.






17. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.






18. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.






19. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






20. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.






21. ICMP Timestamp






22. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.






23. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






24. Any network incident that prompts some kind of log entry or other notification.






25. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






26. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.






27. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)






28. Port Scanning

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


29. A connectionless - layer 4 transport protocol. UDP is faster than TCP - but offers no reliability. A best effort is made to deliver the data - but no checks and verifications are performed to guarantee delivery. Therefore - UDP is termed a 'connectio






30. 18 U.S.C. 1029






31. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.






32. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.






33. CAN-SPAM






34. Port 389






35. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






36. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






37. A person or entity indirectly involved in a relationship between two principles.






38. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.






39. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






40. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






41. Computer software or hardware that can intercept and log traffic passing over a digital network.






42. NSA






43. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






44. Port 110






45. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.






46. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






47. A communications protocol used for browsing the Internet.






48. MAC Flooding






49. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






50. RPC Scan