Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. IP Protocol Scan






2. The default network authentication suite of protocols for Windows NT 4.0






3. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.






4. Sending packets or requests to another system to gain information to be used to identify weaknesses and protect the system from attacks.






5. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






6. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks






7. The conveying of official access or legal power to a person or entity.






8. Hex 10






9. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory






10. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






11. A type of encryption where the same key is used to encrypt and decrypt the message.






12. The software product or system that is the subject of an evaluation.






13. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.






14. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.






15. Policy stating what users of a system can and cannot do with the organization's assets.






16. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






17. A document describing information security guidelines - policies - procedures - and standards.






18. A hardware device used to log keystrokes covertly. Hardware keystroke loggers are very dangerous due to the fact that they cannot be detected through regular software/anti-malware scanning.






19. FTP Bounce Attack






20. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






21. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.






22. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)






23. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






24. The level of importance assigned to an IT asset






25. A Canonical Name record within DNS - used to provide an alias for a domain name.






26. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets






27. A record showing which user has accessed a given resource and what operations the user performed during a given period.






28. A command used in HTTP and FTP to retrieve a file from a server.






29. An unknown deficiency in software or some other product that results in a security vulnerability being identified.






30. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.






31. A storage buffer that transparently stores data so future requests for the same data can be served faster.






32. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.






33. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.






34. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.






35. An Application layer protocol for managing devices on an IP network.






36. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






37. A point of reference used to mark an initial state in order to manage change.






38. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.






39. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






40. A protocol for exchanging packets over a serial line.






41. LM Hash for short passwords (under 7)






42. Attacks on the actual programming code of an application.






43. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






44. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






45. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






46. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.






47. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.






48. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






49. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






50. Port 161/162







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests