Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The process of systematically testing each port on a firewall to map rules and determine accessible ports.






2. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.






3. Directory Transversal






4. A device providing temporary - on-demand - point-to-point network access to users.






5. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.






6. An organized collection of data.






7. A protocol that allows a client computer to request services from a server and the server to return the results.






8. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.






9. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






10. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.






11. A routing protocol developed to be used within a single organization.






12. White hat






13. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






14. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






15. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.






16. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman






17. Vulnerability Scanning






18. A point of reference used to mark an initial state in order to manage change.






19. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.






20. Hex 29






21. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.






22. ex 02






23. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.






24. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.






25. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.






26. An attacker who breaks into computer systems with malicious intent - without the owner's knowledge or permission.






27. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.






28. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






29. The potential for damage to or loss of an IT asset






30. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi






31. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






32. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par






33. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






34. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






35. A utility that traces a packet from your computer to an Internet host - showing how many hops the packet takes to reach the host and how long the packet requires to complete the hop.






36. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.






37. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






38. Formal description and evaluation of the vulnerabilities in an information system






39. An informed decision to accept the potential for damage to or loss of an IT asset.






40. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier - but does not alter the data (in other words - eavesdropping).






41. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.






42. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






43. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.






44. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.






45. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.






46. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






47. Using conversation or some other interaction between people to gather useful information.






48. The steps taken to gather evidence and information on the targets you wish to attack.






49. Metamorphic Virus






50. A computer process that requests a service from another computer and accepts the server's responses.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests