Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you may at times find the answers obvious, but repetition reinforces your understanding each time you take the test.
1. A file system used by the Mac OS.






2. A wireless networking mode where all clients connect to the wireless network through a central access point.






3. Attacks on the actual programming code of an application.






4. A derogatory term used to describe an attacker, usually new to the field, who uses simple, easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.






5. Controlling access to a network by analyzing the headers of incoming and outgoing packets, and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






6. The organization that governs the Internet's top-level domains, IP address allocation, and port number assignments.






7. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






8. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






9. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address, or an autonomous system.






10. A method of external testing whereby several systems or resources are used together to effect an attack.






11. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






12. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.






13. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable device.






14. A type of malware that covertly collects information about a user.






15. Any network incident that prompts some kind of log entry or other notification.






16. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






17. The potential for damage to or loss of an IT asset.






18. Defined in RFC 826, ARP is a protocol used to map a known IP address to a physical (MAC) address.






19. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.






20. A social-engineering effort in which the attacker pretends to be an employee, a valid user, or even an executive to elicit information or access.






21. A utility that traces a packet from your computer to an Internet host, showing how many hops the packet takes to reach the host and how long the packet requires to complete the hop.






22. A business, government agency, or educational institution that provides access to the Internet.






23. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.






24. A symmetric, block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.






25. The cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.






26. A social-engineering attack using computer resources, such as e-mail or IRC.






27. Ping Scan






28. A method of network traffic filtering that monitors the entire communications process, including the originator of the session and from which direction it started.






29. Transmitting one protocol encapsulated inside another protocol.






30. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television, invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






31. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






32. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination, regardless of what the route tables between the two systems say.






33. A principle in security engineering that attempts to use anonymity and secrecy (of design, implementation, and so on) to provide security; the footprint of the organization, entity, network, or system is kept as small as possible to avoid intere






34. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






35. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.






36. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






37. Normal scan timing






38. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control, the cost of control, and the deployment of control are appropriate for the system being managed.






39. Wrapper or Binder






40. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack.






41. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






42. A host designed to collect data on suspicious activity.






43. Phases of an attack






44. Insane scan timing






45. Ports 20/21






46. A one-way mathematical function that generates a fixed-length numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.






47. The act of dialing all numbers within an organization to discover open modems.






48. An API that provides services related to the OSI model's Session layer, allowing applications on separate computers to communicate over a LAN.






49. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






50. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)






