Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. Idlescan






2. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.






3. The concept of having more than one person required to complete a task






4. Calculations of two components of risk: R, the magnitude of the potential loss (L), and the probability, p, that the loss will occur.






5. Hex 14






6. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






7. Evaluation in which testers attempt to penetrate the network.






8. An API that provides services related to the OSI model's Session layer, allowing applications on separate computers to communicate over a LAN.






9. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






10. A group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment.






11. Unauthorized access to information such as a calendar, contact list, e-mails, and text messages on a wireless device through a Bluetooth connection.






12. Injecting traffic into the network to identify the operating system of a device.






13. Port 88






14. A free, open source version of the Berkeley Software Distribution of Unix, often used in embedded systems.






15. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.






16. Polite scan timing






17. Baseband LAN specification developed by Xerox Corporation, Intel, and Digital Equipment Corporation. One of the least expensive, most widely deployed networking standards; uses the CSMA/CD method of media access control.






18. The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.






19. In penetration testing, enumeration is the act of querying a device or network segment thoroughly and systematically for information.






20. Directing a protocol from one port to another.






21. An informed decision to accept the potential for damage to or loss of an IT asset.






22. TCP connect() scan






23. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.






24. A systematic process for the assessment of security vulnerabilities.






25. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.






26. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.






27. A value used to control cryptographic operations, such as decryption, encryption, signature generation, and signature verification.






28. An authentication method on point-to-point links, using a three-way handshake and a mutually agreed-upon key.






29. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly, hierarchical Internet addresses, and vice versa.






30. A communications path, such as the Internet, authorized for data transmission within a computer system or network.






31. CAN-SPAM






32. A computer security expert who performs security audits and penetration tests against systems or network segments, with the owner's full knowledge and permission, in an effort to increase security.






33. Defined in RFC 826, ARP is a protocol used to map a known IP address to a physical (MAC) address.






34. A function that is easy to compute in one direction, yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information, called the 'trapdoor.' Widely used in cryptography.






35. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.






36. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers, files, and serial ports. It also provides an authenticated interprocess communication mechanism.






37. Set of tools (applications or code) that enables administrator-level access to a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator






38. nmap






39. Vulnerability Scanning






40. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security, although it does authenticate clients to access points, encr






41. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection, validation, indexing, acceptance, and forwarding of submiss






42. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.






43. Layer 7 of the OSI reference model. The Application layer provides services to applications, which allow them access to the network. Protocols such as FTP and SMTP reside here.






44. A NAT method in which multiple internal hosts, using private IP addressing, can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U






45. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it






46. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






47. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce, banking, and other sites requiring privacy.






48. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure, query, and troubleshoot the router/switch by use of a terminal emulator and a comman






49. The organization that governs the Internet's top-level domains, IP address allocation, and port number assignments.






50. Sneaky scan timing






