Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly - hierarchical Internet addresses - and vice versa.
Secure Multipurpose Mail Extension (S/MIME)
Due Diligence
Domain Name System (DNS)
hardware keystroke logger

2. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
Finger
Data Encryption Standard (DES)
Accountability
-sS

3. A computer network confined to a relatively small area - such as a single building or campus.
identity theft
Vulnerability Assessment
-sI
local area network (LAN)

4. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
iris scanner
Mandatory access control (MAC)
Access Creep
security defect

5. Port 88
White Box Testing
Kerberos
hardware keystroke logger
Mantrap

6. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
Archive
gap analysis
Bastion host
Countermeasures

7. Provides router-to-router or host-to-network connections over asynchronous and synchronous circuits.
private network address
signature scanning
risk
Point-to-Point Protocol (PPP)

8. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
Application-Level Attacks
Confidentiality
Banner Grabbing
Digital Certificate

9. Vulnerability Scanning
port knocking
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Web Spider
Zombie

10. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.
SSH
Trusted Computer Base (TCB)
symmetric algorithm
Black Box Testing

11. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
promiscuous mode
No previous knowledge of the network
Bug
Virtual Private Network (VPN)

12. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
Last In First Out (LIFO)
Hierarchical File System (HFS)
Anonymizer
firewall

13. A protocol used to pass control and error messages between nodes on the Internet.
CNAME record
Information Technology (IT) infrastructure
Daemon
Internet Control Message Protocol (ICMP)

14. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.
Self Replicating
forwarding
fully qualified domain name (FQDN)
protocol stack

15. A group of experts that handles computer security incidents.
MAC filtering
security incident response team (SIRT)
spam
-sR

16. IP Protocol Scan
Accountability
-sO
Sign in Seal
scope creep

17. A type of denial-of-service attack where a hacker sends thousands of SYN packets to the target with spoofed IP addresses.
Detective Controls
Virus Hoax
SYN attack
patch

18. ICMP Netmask
-PM
Packet Internet Groper (ping)
Cloning
U P F

19. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.
Echo Reply
stateful packet filtering
infrastructure mode
Electronic Code Book (ECB)

20. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
Cloning
FTP
Lightweight Directory Access Protocol (LDAP)
Port Address Translation (PAT)

21. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use
null session
script kiddie
piggybacking
Discretionary Access Control (DAC)

22. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Access Control List (ACL)
proxy server
Multipurpose Internet Mail Extensions (MIME)
Trusted Computer System Evaluation Criteria (TCSEC)

23. Metamorphic Virus
Distributed DoS (DDoS)
Self Replicating
parallel scan & 75 sec timeout & 0.3 sec/probe
INFOSEC Assessment Methodology (IAM)

24. Xmas Tree scan
Common Internet File System/Server Message Block
-PP
Hacks without permission
-sX

25. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
Block Cipher
NetBSD
HTTP tunneling
false negative

26. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
spam
HTTP tunneling
parallel scan & 75 sec timeout & 0.3 sec/probe
separation of duties

27. don't ping
A S
Asset
Authentication
-P0

28. Hex 04
Lightweight Directory Access Protocol (LDAP)
R
-oG
Kerberos

29. Injecting traffic into the network to identify the operating system of a device.
Hypertext Transfer Protocol (HTTP)
Address Resolution Protocol (ARP) table
Active Fingerprinting
smart card

30. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
Console Port
Wireless Local Area Network (WLAN)
Port Address Translation (PAT)
NetBSD

31. ICMP Type/Code 8
Hypertext Transfer Protocol Secure (HTTPS)
Echo request
segment
stateful packet filtering

32. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.
Collision Domain
404EE
script kiddie
Electronic Code Book (ECB)

33. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
Asynchronous
personal identification number (PIN)
Smurf attack
-sS

34. nmap
false rejection rate (FRR)
-p <port ranges>
red team
security controls

35. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.
Self Replicating
Warm Site
Packet Internet Groper (ping)
Client

36. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door
Assessment
Level I assessment
Mantrap
Wi-Fi Protected Access (WPA)

37. A list of IP addresses and corresponding MAC addresses stored on a local computer.
Internet Protocol (IP)
sniffer
spam
Address Resolution Protocol (ARP) table

38. A value used to control cryptographic operations - such as decryption -encryption - signature generation - and signature verification.
Cryptographic Key
Active Directory (AD)
Minimum acceptable level of risk
impersonation

39. Hex 10
rootkit
Tini
A
shoulder surfing

40. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio
-P0
honeypot
Internet Protocol Security (IPSec) architecture
Cache

41. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.
Crossover Error Rate (CER)
secure channel
DNS
Backdoor

42. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
SMB
Accountability
RxBoot
audit

43. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
Wireless Local Area Network (WLAN)
route
Vulnerability Management
Wi-Fi Protected Access (WPA)

44. A virus that plants itself in a system's boot sector and infects the master boot record.
protocol stack
Third Party
Boot Sector Virus
802.11 i

45. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
security bulletins
Three-Way (TCP) Handshake
False Acceptance Rate (FAR)
enumeration

46. Sneaky scan timing
serialize scans & 15 sec wait
Interior Gateway Protocol (IGP)
hashing algorithm
Trojan Horse

47. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
False Acceptance Rate (FAR)
infrastructure mode
limitation of liability and remedies
Fast Ethernet

48. 18 U.S.C. 1029
-p <port ranges>
Secure Multipurpose Mail Extension (S/MIME)
Possession of access devices
Boot Sector Virus

49. Monitoring of telephone or Internet conversations - typically by covert means.
Acknowledgment (ACK)
Wiretapping
hash
Multipartite virus

50. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
A S
Zone transfer
private key
ECHO reply