Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The process of using easily accessible DNS records to map a target network's internal hosts.
Replacing numbers in a url to access other files
Simple Object Access Protocol (SOAP)
Internet service provider (ISP)
DNS enumeration
2. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.
Domain Name
HIDS
footprinting
-b
3. The directory service created by Microsoft for use on its networks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc
network tap
A procedure for identifying active hosts on a network.
Active Directory (AD)
Vulnerability Management
4. A protocol for exchanging packets over a serial line.
Serial Line Internet Protocol (SLIP)
POP 3
Wrapper
-PB
5. RPC Scan
Minimum acceptable level of risk
non-repudiation
-sR
Mandatory access control (MAC)
6. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
security controls
Three-Way (TCP) Handshake
gateway
Bit Flipping
7. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
RPC-DCOM
-sO
Adware
Mandatory access control (MAC)
8. Hex 10
Countermeasures
A
Transmission Control Protocol (TCP)
Redundant Array of Independent Disks (RAID)
9. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
Acknowledgment (ACK)
symmetric algorithm
Authentication
private network address
10. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
Challenge Handshake Authentication Protocol (CHAP)
Active Directory (AD)
SAM
port scanning
11. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with
router
ISO 17799
Malicious code
Blowfish
12. Port 110
-sO
POP 3
quantitative risk assessment
-PT
13. Using conversation or some other interaction between people to gather useful information.
human-based social engineering
CNAME record
Banner Grabbing
Annualized Loss Expectancy (ALE)
14. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
Man-in-the-middle attack
Warm Site
sidejacking
network operations center (NOC)
15. Ping Scan
-sP
net use \[target ip]IPC$ '' /user:''
S
human-based social engineering
16. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Internet Protocol (IP)
Block Cipher
RID Resource identifier
-sW
17. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.
public key
initial sequence number (ISN)
non-repudiation
Rijndael
18. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.
-PI
Defense in Depth
signature scanning
Request for Comments (RFC)
19. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
Sign in Seal
Countermeasures
Web Spider
-sP
20. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
Archive
asynchronous transmission
Finding a directory listing and gaining access to a parent or root file for access to other files
Auditing
21. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.
Presentation layer
segment
false rejection rate (FRR)
Trapdoor Function
22. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
phishing
Level I assessment
overt channel
ECHO reply
23. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
The automated process of proactively identifying vulnerabilities of computing systems present in a network
802.11 i
proxy server
Wide Area Network (WAN)
24. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
Assessment
Black Box Testing
NOP
Collision Domain
25. Window Scan
-sW
-sS
remote access
qualitative analysis
26. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.
Cryptographic Key
-sU
CAM table
Active Fingerprinting
27. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.
security defect
single loss expectancy (SLE)
Service Set Identifier (SSID)
Simple Network Management Protocol (SNMP)
28. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.
Baseline
replay attack
-PM
Third Party
29. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
Data Encryption Standard (DES)
Countermeasures
Videocipher II Satellite Encryption System
Application Layer
30. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.
identity theft
honeynet
Fast Ethernet
DNS enumeration
31. An organized collection of data.
Database
Echo Reply
Post Office Protocol 3 (POP3)
Acceptable Use Policy (AUP)
32. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response
Domain Name System (DNS) cache poisoning
SYN flood attack
Level III assessment
stream cipher
33. ICMP Type/Code 3
Destination Unreachable
Acknowledgment (ACK)
Rijndael
Dumpster Diving
34. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.
reconnaissance
NOP
Authentication Header (AH)
Bluejacking
35. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
logic bomb
script kiddie
pattern matching
Authentication - Authorization - and Accounting (AAA)
36. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
NetBSD
Cryptography
Availability
Filter
37. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.
Wi-Fi Protected Access (WPA)
quality of service (QoS)
Level I assessment
Level II assessment
38. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
Wi-Fi Protected Access (WPA)
File Transfer Protocol (FTP)
Domain Name
Algorithm
39. The process of recording activity on a system for monitoring and later review.
Methodology
Auditing
overt channel
Electronic serial number
40. The act of checking some sequence of tokens for the presence of the constituents of some pattern.
parallel scan
pattern matching
ring topology
802.11 i
41. A hardware device used to log keystrokes covertly. Hardware keystroke loggers are very dangerous due to the fact that they cannot be detected through regular software/anti-malware scanning.
hardware keystroke logger
Syslog
INFOSEC Assessment Methodology (IAM)
FTP
42. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets.
session splicing
Trusted Computer System Evaluation Criteria (TCSEC)
-PP
Trapdoor Function
43. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption.
Algorithm
Bluesnarfing
separation of duties
Application-Level Attacks
44. A method of external testing whereby several systems or resources are used together to effect an attack.
red team
parallel scan & 75 sec timeout & 0.3 sec/probe
Daisy Chaining
public key infrastructure (PKI)
45. nmap
Trusted Computer System Evaluation Criteria (TCSEC)
--randomize_hosts -O OS fingerprinting
Accountability
Zero Subnet
46. A social-engineering attack using computer resources - such as e-mail or IRC.
Macro virus
session hijacking
Hacks without permission
Computer-Based Attack
47. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
hot site
Whois
Cracker
-sA
48. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
INFOSEC Assessment Methodology (IAM)
Routing Protocol
Data Link layer
separation of duties
49. A communications protocol used for browsing the Internet.
Application Layer
Tini
Hypertext Transfer Protocol (HTTP)
Overwhelm CAM table to convert switch to hub mode
50. ICMP Netmask
Information Technology (IT) infrastructure
-PM
Simple Object Access Protocol (SOAP)
Black Box Testing