Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. FTP Bounce Attack
forwarding
security breach or security incident
-b
security bulletins
2. FIN Scan
-sF
Real application encompassing Trojan
parallel scan & 300 sec timeout & 1.25 sec/probe
network interface card (NIC)
3. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.
OpenBSD
Common Internet File System/Server Message Block
human-based social engineering
Active Fingerprinting
4. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o
hybrid attack
stream cipher
flood
payload
5. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie
open source
routed protocol
Methodology
Cookie
6. Sneaky scan timing
POST
security by obscurity
serialize scans & 15 sec wait
Institute of Electrical and Electronics Engineers (IEEE)
7. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
Asynchronous
packet
patch
Real application encompassing Trojan
8. Shifting responsibility from one party to another
identity theft
Routing Information Protocol (RIP)
-sF
risk transference
9. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.
-sI
A R
Ethernet
-sP
10. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
Active Fingerprinting
Media Access Control (MAC)
personal identification number (PIN)
Wi-Fi
11. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.
CIA triangle
routed protocol
Cache
Tunnel
12. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
hacktivism
smart card
Event
Bluejacking
13. Activities to determine the extent to which a security control is implemented correctly - operating as intended - and producing the desired outcome with respect to meeting the security requirements for the system.
social engineering
Audit Data
audit
Assessment
14. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
Simple Mail Transfer Protocol (SMTP)
CAM table
Vulnerability Assessment
Cryptographic Key
15. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals - entities - or processes.
Access Creep
spyware
Confidentiality
Network Basic Input/Output System (NetBIOS)
16. A software or hardware defect that often results in system vulnerabilities.
War Chalking
serialize scans & 15 sec wait
key exchange protocol
Bug
17. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.
Covert Channel
parallel scan
flood
Level II assessment
18. ICMP Netmask
Computer-Based Attack
Temporal Key Integrity Protocol (TKIP)
-PM
Asynchronous
19. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.
End User Licensing Agreement (EULA)
Information Technology (IT) security architecture and framework
Level III assessment
Daemon
20. White hat
Copyright
router
802.11
Hacks with permission
21. A protocol defining packets that are able to be routed by a router.
routed protocol
Defines legal email marketing
Asymmetric
Redundant Array of Independent Disks (RAID)
22. ICMP Type/Code 8
Echo request
Acceptable Use Policy (AUP)
Virtual Local Area Network (VLAN)
Accountability
23. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Block Cipher
Multipurpose Internet Mail Extensions (MIME)
intrusion detection system (IDS)
routed protocol
24. Port 80/81/8080
HTTP
Internet Assigned Number Authority (IANA)
Buffer
honeynet
25. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.
Decryption
phishing
Vulnerability Scanning
802.11
26. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Rijndael
reverse lookup; reverse DNS lookup
security bulletins
POST
27. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
Methodology
Unicode
-oA
Man-in-the-middle attack
28. Nmap normal output
Third Party
Application Layer
-oN
payload
29. Hashing algorithm that results in a 128-bit output.
Serial Line Internet Protocol (SLIP)
MD5
hardware keystroke logger
TACACS
30. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.
firewalking
Backdoor
Electronic serial number
Point-to-Point Tunneling Protocol (PPTP)
31. Port 110
POP 3
intrusion detection system (IDS)
hash
Database
32. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
XOR Operation
Presentation layer
Bluesnarfing
phishing
33. A wireless networking mode where all clients connect to the wireless network through a central access point.
Internet Assigned Number Authority (IANA)
parallel scan & 300 sec timeout & 1.25 sec/probe
infrastructure mode
Assessment
34. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.
Application Layer
false negative
Service Set Identifier (SSID)
pattern matching
35. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly - hierarchical Internet addresses - and vice versa.
Domain Name System (DNS)
Internet Protocol (IP)
symmetric encryption
Exposure Factor
36. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
Archive
Destination Unreachable
Baseline
-sA
37. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door
Domain Name
Internet Assigned Number Authority (IANA)
Mantrap
Trojan Horse
38. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
-PM
gray hat
Audit Data
Kerberos
39. A backlog of packets stored in buffers and waiting to be forwarded over an interface.
integrity
Local Administrator
queue
Digital Certificate
40. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.
parameter tampering
Simple Network Management Protocol (SNMP)
Anonymizer
-sW
41. The act of dialing all numbers within an organization to discover open modems.
War Dialing
Vulnerability Assessment
phishing
network interface card (NIC)
42. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.
fragmentation
Ethical Hacker
A
Availability
43. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)
Telnet
Application Layer
separation of duties
single loss expectancy (SLE)
44. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
DNS
Tumbling
Virtual Private Network (VPN)
Kerberos
45. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
NetBSD
FreeBSD
Bit Flipping
Competitive Intelligence
46. Port Scanning
47. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.
non-repudiation
hacktivism
script kiddie
Methodology
48. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
parallel scan
War Chalking
fragmentation
Time exceeded
49. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.
Active Directory (AD)
Corrective Controls
social engineering
risk transference
50. A document describing information security guidelines - policies - procedures - and standards.
symmetric algorithm
Serial Line Internet Protocol (SLIP)
Information Technology (IT) security architecture and framework
Baseline