Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A hardware device used to log keystrokes covertly. Hardware keystroke loggers are very dangerous because they cannot be detected through regular software/anti-malware scanning.
Defines legal email marketing
hardware keystroke logger
Cookie
Ciphertext
2. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.
Information Technology (IT) asset criticality
Virus
Institute of Electrical and Electronics Engineers (IEEE)
replay attack
3. A software or hardware defect that often results in system vulnerabilities.
Bug
Methodology
-sX
port knocking
4. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
Virus Hoax
qualitative analysis
Block Cipher
promiscuous mode
5. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
Presentation layer
Zenmap
404EE
enumeration
6. The combination of all IT assets - resources - components - and systems.
Information Technology (IT) infrastructure
Macro virus
INFOSEC Assessment Methodology (IAM)
Console Port
7. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.
suicide hacker
Redundant Array of Independent Disks (RAID)
-oX
OpenBSD
8. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
Interior Gateway Protocol (IGP)
Archive
Wired Equivalent Privacy (WEP)
Asymmetric Algorithm
9. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
Tunneling
public key
Kerberos
SOA record
10. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
404EE
Tunnel
Domain Name
Master boot record infector
11. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Directory Traversal
Rijndael
Active Attack
Mandatory access control (MAC)
12. Xmas Tree scan
Redundant Array of Independent Disks (RAID)
-sX
Electronic Code Book (ECB)
secure channel
13. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the system. Certificates contain the entity's public key - serial number - version - subject - algori
footprinting
Level II assessment
Digital Certificate
Domain Name System (DNS) cache poisoning
14. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.
Eavesdropping
protocol
port redirection
initial sequence number (ISN)
15. Aggressive scan timing
parallel scan & 300 sec timeout & 1.25 sec/probe
TACACS
Virtual Local Area Network (VLAN)
POST
16. Name given to expert groups that handle computer security incidents.
SID
Kerberos
RxBoot
Computer Emergency Response Team (CERT)
17. Window Scan
Packet Internet Groper (ping)
-sW
-sU
Information Technology Security Evaluation Criteria (ITSEC)
18. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
Cryptographic Key
Time exceeded
parallel scan & 75 sec timeout & 0.3 sec/probe
Antivirus (AV) software
19. A defined measure of service within a network system
asynchronous transmission
quality of service (QoS)
intranet
-PS
20. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.
Vulnerability
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Electronic Code Book (ECB)
risk transference
21. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.
Corrective Controls
quantitative risk assessment
Active Directory (AD)
Eavesdropping
22. Hex 02
Daisy Chaining
identity theft
S
reverse lookup; reverse DNS lookup
23. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.
Lightweight Directory Access Protocol (LDAP)
Asynchronous
reverse lookup; reverse DNS lookup
Videocipher II Satellite Encryption System
24. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)
Wiretapping
network interface card (NIC)
qualitative analysis
-sX
25. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
Cracker
Bluesnarfing
Tumbling
single loss expectancy (SLE)
26. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.
Access Point (AP)
Interior Gateway Protocol (IGP)
Point-to-Point Protocol (PPP)
Man-in-the-middle attack
27. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.
SOA record
physical security
network tap
logic bomb
28. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Cache
risk
-PI
Dumpster Diving
29. ICMP Type/Code 3-13
Administratively Prohibited
Transport Layer Security (TLS)
Kerberos
-P0
30. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
hacktivism
Presentation layer
Brute-Force Password Attack
International Organization for Standardization (ISO)
31. The lack of clocking (imposed time ordering) on a bit stream.
Crossover Error Rate (CER)
initial sequence number (ISN)
Asynchronous
forwarding
32. Hex 14
Trapdoor Function
MD5
piggybacking
A R
33. A device on a network.
Brute-Force Password Attack
self encrypting
node
Database
34. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
Smurf attack
Adware
Anonymizer
payload
35. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
ECHO reply
Interior Gateway Protocol (IGP)
Post Office Protocol 3 (POP3)
sidejacking
36. A Unix-like computer operating system descended from BSD. OpenBSD includes a number of security features absent or optional in other operating systems.
CNAME record
queue
OpenBSD
forwarding
37. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information
phishing
piggybacking
false negative
Information Technology Security Evaluation Criteria (ITSEC)
38. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
encryption
gateway
Internal access to the network
Multipurpose Internet Mail Extensions (MIME)
39. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private
Bluejacking
Eavesdropping
Administratively Prohibited
-PB
40. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
Methodology
Challenge Handshake Authentication Protocol (CHAP)
nslookup
enumeration
41. A wireless networking mode where all clients connect to the wireless network through a central access point.
public key
Secure Multipurpose Mail Extension (S/MIME)
Institute of Electrical and Electronics Engineers (IEEE)
infrastructure mode
42. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.
SID
Wi-Fi Protected Access (WPA)
SYN flood attack
Master boot record infector
43. A program designed to execute at a specific time to release malicious code onto the computer system or network.
Tunneling Virus
Countermeasures
Time Bomb
Simple Object Access Protocol (SOAP)
44. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).
S
protocol stack
Zero Subnet
Zone transfer
45. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.
802.11
Destination Unreachable
hashing algorithm
rogue access point
46. The process of a system providing a fully qualified domain name (FQDN) to a local name server - for resolution to its corresponding IP address.
Multipartite virus
Domain Name System (DNS) lookup
HTTP tunneling
Countermeasures
47. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.
Exposure Factor
Finger
MAC filtering
DNS
48. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
Audit Data
Mantrap
network operations center (NOC)
Network Address Translation (NAT)
49. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
Transport Layer Security (TLS)
parallel scan & 300 sec timeout & 1.25 sec/probe
Uniform Resource Locator (URL)
Covert Channel
50. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
service level agreements (SLAs)
polymorphic virus
Trusted Computer System Evaluation Criteria (TCSEC)
Malicious code