SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Xmas Tree scan
-sX
Vulnerability
Wireless Local Area Network (WLAN)
security defect
2. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
Due Care
qualitative analysis
Internet Protocol Security (IPSec) architecture
overt channel
3. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.
Black Box Testing
Certificate
Multipurpose Internet Mail Extensions (MIME)
Competitive Intelligence
4. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are
Mantrap
Telnet
serial scan & 300 sec wait
Network Address Translation (NAT)
5. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
encryption
shrink-wrap code attacks
DNS
Authorization
6. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
initial sequence number (ISN)
Target Of Engagement (TOE)
session splicing
False Acceptance Rate (FAR)
7. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.
inference attack
Hypertext Transfer Protocol (HTTP)
War Driving
-sI
8. An informed decision to accept the potential for damage to or loss of an IT asset.
penetration testing
Syslog
risk acceptance
Wide Area Network (WAN)
9. Shifting responsibility from one party to another
Authorization
payload
MD5
risk transference
10. The default network authentication suite of protocols for Windows NT 4.0
Routing Protocol
enumeration
Due Care
NT LAN Manager (NTLM)
11. The central part of a computer or communications system hardware firmware - and software that implements the basic security procedures for controlling access to system resources.
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Point-to-Point Tunneling Protocol (PPTP)
security kernel
CAM table
12. Normal scan timing
parallel scan
identity theft
File Transfer Protocol (FTP)
red team
13. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
Trapdoor Function
intranet
encapsulation
Echo request
14. A computer system that performs tasks dictated by an attacker from a remote location. Zombies may be active or idle - and owners of the systems generally do not know their systems are compromised.
ISO 17799
Zombie
Confidentiality
MAC filtering
15. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
logic bomb
CAM table
shoulder surfing
Virus Hoax
16. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
serialize scans & 15 sec wait
Secure Sockets Layer (SSL)
out-of-band signaling
SNMP
17. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.
parameter tampering
script kiddie
HIDS
ping sweep
18. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
Daisy Chaining
packet filtering
Smurf attack
Traceroute
19. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.
NetBus
Minimum acceptable level of risk
identity theft
source routing
20. A string that represents the location of a web resource
Challenge Handshake Authentication Protocol (CHAP)
Collision
Uniform Resource Locator (URL)
security bulletins
21. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.
Port Address Translation (PAT)
social engineering
Internet Assigned Number Authority (IANA)
infrastructure mode
22. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
Real application encompassing Trojan
NOP
Post Office Protocol 3 (POP3)
Open System Interconnection (OSI) Reference Model
23. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
stream cipher
CAM table
security defect
Backdoor
24. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
No previous knowledge of the network
Service Set Identifier (SSID)
War Chalking
firewall
25. An Application layer protocol for managing devices on an IP network.
personal identification number (PIN)
Authentication - Authorization - and Accounting (AAA)
hardware keystroke logger
Simple Network Management Protocol (SNMP)
26. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.
parallel scan & 75 sec timeout & 0.3 sec/probe
RID Resource identifier
null session
stateful packet filtering
27. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
A
Application Layer
Acknowledgment (ACK)
DNS enumeration
28. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main
OpenBSD
MD5
Cold Site
router
29. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
spam
Bluesnarfing
risk acceptance
encryption
30. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.
Virtual Local Area Network (VLAN)
security bulletins
RID Resource identifier
fragmentation
31. The process of using an application to remotely identify open ports on a system (for example - whether systems allow connections through those ports).
DNS
NOP
Detective Controls
port scanning
32. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
Web Spider
Transmission Control Protocol (TCP)
No previous knowledge of the network
polymorphic virus
33. Insane scan timing
OpenBSD
Fiber Distributed Data Interface (FDDI)
Time exceeded
parallel scan & 75 sec timeout & 0.3 sec/probe
34. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.
SID
Syslog
Covert Channel
Media Access Control (MAC)
35. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu -and so on.
Internet Protocol (IP)
Cookie
hashing algorithm
fully qualified domain name (FQDN)
36. The potential for damage to or loss of an IT asset
risk
Time To Live (TTL)
-PB
Authentication Header (AH)
37. Version Detection Scan
S
-sV
-PP
shrink-wrap code attacks
38. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a
Domain Name
Videocipher II Satellite Encryption System
Demilitarized Zone (DMZ)
fragmentation
39. A business - government agency - or educational institution that provides access to the Internet.
Availability
Exposure Factor
Backdoor
Internet service provider (ISP)
40. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
Secure Sockets Layer (SSL)
Accountability
Due Diligence
Countermeasures
41. Port 135
Local Administrator
-oA
RPC-DCOM
SID
42. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
Trusted Computer Base (TCB)
patch
Digital Watermarking
public key
43. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
overt channel
risk avoidance
Cryptographic Key
private key
44. A Windows-based GUI version of nmap.
National Security Agency
White Box Testing
Telnet
Zenmap
45. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Antivirus (AV) software
secure channel
iris scanner
46. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
quantitative risk assessment
-PI
false rejection rate (FRR)
Wi-Fi Protected Access (WPA)
47. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
ECHO reply
parallel scan & 300 sec timeout & 1.25 sec/probe
Fraud and related activity in connection with computers
Trusted Computer System Evaluation Criteria (TCSEC)
48. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).
Archive
U P F
rootkit
Zone transfer
49. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
reverse social engineering
-p <port ranges>
Network Basic Input/Output System (NetBIOS)
Port Address Translation (PAT)
50. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Internet service provider (ISP)
Fast Ethernet
Backdoor
Internal access to the network