Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. A software or hardware application or device that captures user keystrokes.






2. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.






3. Layer 7 of the OSI reference model. The Application layer provides services to applications, which allow them access to the network. Protocols such as FTP and SMTP reside here.






4. don't ping






5. Incremental Substitution






6. A form of fraud in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name.






7. A command used in HTTP and FTP to retrieve a file from a server.






8. An attacker who breaks into computer systems with malicious intent, without the owner's knowledge or permission.






9. A NAT method in which multiple internal hosts, using private IP addressing, can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U






10. Malware designed to install some sort of virus, backdoor, and so on, on a target system.






11. Formal description and evaluation of the vulnerabilities in an information system






12. A unique numerical string, created by a hashing algorithm on a given piece of data, used to verify data integrity. Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download)






13. An attack technique that tricks your DNS server into believing it has received authentic information when, in reality, it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






14. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.






15. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






16. Access by information systems (or users) communicating from outside the information system security perimeter.






17. Any network incident that prompts some kind of log entry or other notification.






18. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






19. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.






20. A method in cryptography by which cryptographic keys are exchanged between users, allowing use of a cryptographic algorithm (for example, the Diffie-Hellman key exchange).






21. An outdated symmetric cipher encryption algorithm, previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






22. A type of malware that covertly collects information about a user.






23. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.






24. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.






25. A protocol defining packets that are able to be routed by a router.






26. A program designed to browse websites in an automated, methodical manner. Sometimes these programs are used to harvest information from websites, such as e-mail addresses.






27. The combination of all IT assets, resources, components, and systems.






28. Baseband LAN specification developed by Xerox Corporation, Intel, and Digital Equipment Corporation. One of the least expensive, most widely deployed networking standards; uses the CSMA/CD method of media access control.






29. Port 23






30. A computer network confined to a relatively small area, such as a single building or campus, in which devices connect through high-frequency radio waves using IEEE standard 802.11.






31. The subjective, potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






32. A tool that helps a company to compare its actual performance with its potential performance.






33. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).






34. LM Hash for short passwords (under 7)






35. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing, network topology, access to the network medium, error detection, sequential delive






36. Shifting responsibility from one party to another






37. An inspection of a place where a company or individual proposes to work, to gather the necessary information for a design or risk assessment.






38. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets, Ticket Granting Service, and Key Distribution Center.






39. Also known as a digital certificate, this is an electronic file used to verify a user's identity, providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public






40. A group of people, gathered together by a business entity, working to address a specific problem or goal.






41. The organization that governs the Internet's top-level domains, IP address allocation, and port number assignments.






42. A set of rules defined to screen network packets based on source address, destination address, or protocol; these rules determine whether the packet will be forwarded or discarded.






43. Port 31337






44. A point of reference used to mark an initial state in order to manage change.






45. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN, providing wireless clients access to network resources.






46. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.






47. A virus written in a macro language and usually embedded in document or spreadsheet files.






48. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address, eventually flooding the device.






49. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






50. An authentication method on point-to-point links, using a three-way handshake and a mutually agreed-upon key.






