Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






2. A storage buffer that transparently stores data so future requests for the same data can be served faster.






3. A one-way mathematical function that generates a fixed-length numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.






4. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






5. A routing protocol developed to be used within a single organization.






6. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






7. Computer software or hardware that can intercept and log traffic passing over a digital network.






8. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






9. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.






10. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory






11. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.






12. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






13. Cracking Tools






14. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.






15. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






16. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.






17. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






18. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.






19. A computer file system architecture used in Windows - OS/2 - and most memory cards.






20. A network administration command-line tool available for many operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mappings or any other specific DNS record.






21. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






22. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -






23. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.






24. An attack that exploits the common mistake many people make when installing operating systems






25. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.






26. Describes practices in production and development that promote access to the end product's source materials.






27. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.






28. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.






29. ICMP Type/Code 3






30. Policy stating what users of a system can and cannot do with the organization's assets.






31. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






32. A software or hardware application or device that captures user keystrokes.






33. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.






34. Insane scan timing






35. Injecting traffic into the network to identify the operating system of a device.






36. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






37. The process of determining if a network entity (user or service) is legitimate






38. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






39. In computer security - this is an algorithm that uses separate keys for encryption and decryption.






40. A computer virus that infects and spreads in multiple ways.






41. The combination of all IT assets - resources - components - and systems.






42. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






43. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.






44. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.






45. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






46. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu - and so on.






47. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.






48. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






49. Black hat






50. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.






