Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.






2. TCP connect() scan






3. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa






4. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.






5. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






6. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






7. ICMP Ping






8. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.






9. A protocol for exchanging packets over a serial line.






10. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






11. A host designed to collect data on suspicious activity.






12. Evaluation in which testers attempt to penetrate the network.






13. Hex 29






14. An informed decision to accept the potential for damage to or loss of an IT asset.






15. Describes practices in production and development that promote access to the end product's source materials.






16. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.






17. Incremental Substitution






18. The central part of a computer or communications system hardware firmware - and software that implements the basic security procedures for controlling access to system resources.






19. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.






20. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






21. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






22. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.






23. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






24. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






25. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.






26. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.






27. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.






28. Port Scanning

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


29. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-systemadministrator-level attack.






30. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






31. A document describing information security guidelines - policies - procedures - and standards.






32. An Application layer protocol for sending electronic mail between servers.






33. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






34. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.






35. A virus written in a macro language and usually embedded in document or spreadsheet files.






36. White box test






37. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.






38. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






39. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.






40. The conveying of official access or legal power to a person or entity.






41. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.






42. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






43. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.






44. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.






45. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.






46. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).






47. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.






48. A device providing temporary - on-demand - point-to-point network access to users.






49. Attacks that take advantage of the built-in code and scripts most off-the-shelf applications come with.






50. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.