Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A hardware device used to log keystrokes covertly. Hardware keystroke loggers are very dangerous due to the fact that they cannot be detected through regular software/anti-malware scanning.






2. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.






3. A software or hardware defect that often results in system vulnerabilities.






4. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.






5. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.






6. The combination of all IT assets - resources - components - and systems.






7. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.






8. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.






9. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






10. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






11. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).






12. Xmas Tree scan






13. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori






14. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.






15. Aggressive scan timing






16. Name given to expert groups that handle computer security incidents.






17. Window Scan






18. A value used to control cryptographic operations - such as decryption -encryption - signature generation - and signature verification.






19. A defined measure of service within a network system






20. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.






21. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.






22. ex 02






23. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






24. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)






25. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.






26. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






27. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.






28. A storage buffer that transparently stores data so future requests for the same data can be served faster.






29. ICMP Type/Code 3-13






30. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.






31. The lack of clocking (imposed time ordering) on a bit stream.






32. Hex 14






33. A device on a network.






34. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.






35. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






36. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.






37. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information






38. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






39. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private






40. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






41. A wireless networking mode where all clients connect to the wireless network through a central access point.






42. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






43. A program designed to execute at a specific time to release malicious code onto the computer system or network.






44. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).






45. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.






46. The process of a system providing a fully qualified domain name (FQDN) to a local name server - for resolution to its corresponding IP address.






47. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






48. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.






49. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.






50. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests