Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.
private key
-oA
Videocipher II Satellite Encryption System
POST
2. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Application-Level Attacks
network interface card (NIC)
-sS
Cache
3. A one-way mathematical function that generates a fixed-length numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.
HTTP
Time Bomb
port knocking
hashing algorithm
4. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.
HIDS
Challenge Handshake Authentication Protocol (CHAP)
node
Wiretapping
5. A routing protocol developed to be used within a single organization.
spam
Interior Gateway Protocol (IGP)
single loss expectancy (SLE)
logic bomb
6. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
Event
firewalking
Audit Data
-oA
7. Computer software or hardware that can intercept and log traffic passing over a digital network.
Vulnerability
Finger
Database
sniffer
8. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
Access Creep
Destination Unreachable
intrusion prevention system (IPS)
Tini
9. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.
role-based access control
Institute of Electrical and Electronics Engineers (IEEE)
penetration testing
White Box Testing
10. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
Malicious code
A procedure for identifying active hosts on a network.
RxBoot
Droppers
11. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.
-PI
Lightweight Directory Access Protocol (LDAP)
parallel scan
firewall
12. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.
Internet Protocol (IP)
-sT
Written Authorization
Bluejacking
13. Cracking Tools
End User Licensing Agreement (EULA)
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
Institute of Electrical and Electronics Engineers (IEEE)
social engineering
14. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
Secure Sockets Layer (SSL)
Packet Internet Groper (ping)
Zenmap
-sR
15. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the
Confidentiality
Cloning
piggybacking
Crossover Error Rate (CER)
16. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
hot site
net use \[target ip]IPC$ '' /user:''
false negative
The automated process of proactively identifying vulnerabilities of computing systems present in a network
17. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.
Point-to-Point Protocol (PPP)
Covert Channel
Target Of Engagement (TOE)
hybrid attack
18. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
network tap
red team
iris scanner
Wired Equivalent Privacy (WEP)
19. A computer file system architecture used in Windows - OS/2 - and most memory cards.
Request for Comments (RFC)
--randomize_hosts -O OS fingerprinting
File Allocation Table (FAT)
role-based access control
20. A network administration command-line tool available for many operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mappings or any other specific DNS record.
polymorphic virus
hybrid attack
nslookup
--randomize_hosts -O OS fingerprinting
21. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.
Due Diligence
integrity
hybrid attack
security bulletins
22. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -
Vulnerability
network tap
Malware
router
23. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
penetration testing
Zombie
security bulletins
encapsulation
24. An attack that exploits the common mistake many people make when installing operating systems
NT LAN Manager (NTLM)
operating system attack
parallel scan & 75 sec timeout & 0.3 sec/probe
-sW
25. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
CNAME record
payload
-sX
Directory Traversal
26. Describes practices in production and development that promote access to the end product's source materials.
DNS enumeration
Wireless Local Area Network (WLAN)
Wrapper
open source
27. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
Availability
Copyright
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
-sR
28. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
Smurf attack
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Internet Assigned Number Authority (IANA)
No previous knowledge of the network
29. ICMP Type/Code 3
Trusted Computer Base (TCB)
Destination Unreachable
security defect
router
30. Policy stating what users of a system can and cannot do with the organization's assets.
Acceptable Use Policy (AUP)
Tunneling Virus
Copyright
Auditing
31. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
-b
key exchange protocol
intrusion prevention system (IPS)
32. A software or hardware application or device that captures user keystrokes.
-PP
keylogger
Time exceeded
serialize scans & 0.4 sec wait
33. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.
remote procedure call (RPC)
TACACS
U P F
parallel scan
34. Insane scan timing
Time exceeded
File Allocation Table (FAT)
parallel scan & 75 sec timeout & 0.3 sec/probe
self encrypting
35. Injecting traffic into the network to identify the operating system of a device.
Kerberos
Wrapper
public key
Active Fingerprinting
36. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Access Creep
security breach or security incident
Annualized Loss Expectancy (ALE)
Trusted Computer Base (TCB)
37. The process of determining if a network entity (user or service) is legitimate
Authentication
rule-based access control
FreeBSD
private network address
38. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.
Buffer
Electronic serial number
Authentication Header (AH)
A R
39. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
Asymmetric Algorithm
Detective Controls
Malware
Information Technology (IT) asset valuation
40. A computer virus that infects and spreads in multiple ways.
-sO
Multipartite virus
Droppers
secure channel
41. The combination of all IT assets - resources - components - and systems.
Information Technology (IT) security architecture and framework
Community String
Information Technology (IT) infrastructure
human-based social engineering
42. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
Kerberos
Wiretapping
Detective Controls
-oG
43. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
queue
firewalking
Web Spider
stateful packet filtering
44. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.
Bug
Port Address Translation (PAT)
Serial Line Internet Protocol (SLIP)
CIA triangle
45. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
Bluesnarfing
scope creep
Community String
Challenge Handshake Authentication Protocol (CHAP)
46. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu - and so on.
parallel scan & 75 sec timeout & 0.3 sec/probe
fully qualified domain name (FQDN)
session splicing
U P F
47. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
hacktivism
Address Resolution Protocol (ARP)
War Chalking
Electronic serial number
48. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points
Domain Name System (DNS) cache poisoning
risk acceptance
Internet service provider (ISP)
Domain Name System (DNS)
49. Black hat
Hacks without permission
-PS
Active Directory (AD)
false rejection rate (FRR)
50. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.
sheepdip
honeynet
Methodology
intranet