Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






2. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.






3. Cracking Tools






4. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.






5. ex 02






6. A social-engineering effort in which the attacker pretends to be an employee - a valid user - or even an executive to elicit information or access.






7. A systematic process for the assessment of security vulnerabilities.






8. An attack that exploits the common mistake many people make when installing operating systems






9. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






10. Another term for firewalking






11. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






12. The lack of clocking (imposed time ordering) on a bit stream.






13. An evaluation conducted to determine the potential for damage to or loss of an IT asset.






14. A backlog of packets stored in buffers and waiting to be forwarded over an interface.






15. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.






16. An organized collection of data.






17. Window Scan






18. A wireless networking mode where all clients connect to the wireless network through a central access point.






19. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.






20. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.






21. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets






22. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.






23. Transmitting one protocol encapsulated inside another protocol.






24. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response






25. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






26. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.






27. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






28. The concept of having more than one person required to complete a task






29. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






30. A documented process for a procedure designed to be consistent - repeatable - and accountable.






31. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.






32. Incremental Substitution






33. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.






34. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c






35. Port 53






36. List Scan






37. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.






38. A file system used by the Mac OS.






39. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.






40. A document describing information security guidelines - policies - procedures - and standards.






41. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.






42. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.






43. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.






44. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






45. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






46. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.






47. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr






48. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.






49. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.






50. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






