Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.






2. Network Scanning






3. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.






4. A device providing temporary - on-demand - point-to-point network access to users.






5. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-systemadministrator-level attack.






6. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






7. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.






8. Using conversation or some other interaction between people to gather useful information.






9. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.






10. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






11. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






12. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.






13. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information






14. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response






15. ICMP Ping






16. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






17. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g






18. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.






19. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.






20. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






21. FIN Scan






22. Incremental Substitution






23. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.






24. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.






25. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.






26. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.






27. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa






28. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.






29. A one-way mathematical function that generates a fixedlength numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.






30. Name given to expert groups that handle computer security incidents.






31. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.






32. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.






33. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.






34. An evaluation conducted to determine the potential for damage to or loss of an IT asset.






35. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.






36. The art and science of creating a covert message or image within another message - image - audio - or video file.






37. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals - entities - or processes.






38. A method of external testing whereby several systems or resources are used together to effect an attack.






39. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.






40. A social-engineering attack using computer resources - such as e-mail or IRC.






41. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.






42. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.






43. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.






44. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






45. Computer software or hardware that can intercept and log traffic passing over a digital network.






46. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






47. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely






48. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






49. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.






50. A portion of memory used to temporarily store output or input data.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests