Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. A social-engineering attack that manipulates the victim into calling the attacker for help.
reverse social engineering
out-of-band signaling
-b
Real application encompassing Trojan
2. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U
Port Address Translation (PAT)
False Acceptance Rate (FAR)
Crossover Error Rate (CER)
Macro virus
3. Port 137/138/139
red team
Electronic Code Book (ECB)
Information Technology Security Evaluation Criteria (ITSEC)
SMB
4. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
Simple Mail Transfer Protocol (SMTP)
Vulnerability Scanning
packet
spam
5. Hashing algorithm that results in a 128-bit output.
Computer Emergency Response Team (CERT)
MD5
Trojan Horse
Mantrap
6. A Unix-like computer operating system descending from the BSD. OpenBSD includes a number of security features absent or optional in other operating systems.
ping sweep
OpenBSD
security incident response team (SIRT)
quality of service (QoS)
7. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.
payload
fragmentation
Tumbling
iris scanner
8. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie
Client
Block Cipher
Cookie
Media Access Control (MAC)
9. A computer process that requests a service from another computer and accepts the server's responses.
separation of duties
Asynchronous
protocol stack
Client
10. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.
risk acceptance
NOP
Fiber Distributed Data Interface (FDDI)
R
11. A protocol for exchanging packets over a serial line.
Target Of Engagement (TOE)
Trapdoor Function
Serial Line Internet Protocol (SLIP)
Access Creep
12. An adapter that provides the physical connection to send and receive data between the computer and the network media.
risk transference
Electronic Code Book (ECB)
POST
network interface card (NIC)
13. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Internet Control Message Protocol (ICMP)
Wired Equivalent Privacy (WEP)
Third Party
Block Cipher
14. A type of malware that covertly collects information about a user.
gray hat
spyware
SYN flood attack
Network Address Translation (NAT)
15. Safeguards or countermeasures to avoid - counteract - or minimize security risks.
Wiretapping
security controls
Annualized Loss Expectancy (ALE)
Bluejacking
16. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.
Sign in Seal
Competitive Intelligence
intrusion detection system (IDS)
Three-Way (TCP) Handshake
17. TCP Ping
shrink-wrap code attacks
-PT
Level III assessment
port scanning
18. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
hot site
red team
Auditing
19. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.
Database
Cold Site
gateway
INFOSEC Assessment Methodology (IAM)
20. A virus that plants itself in a system's boot sector and infects the master boot record.
Boot Sector Virus
Real application encompassing Trojan
Worm
pattern matching
21. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private
Eavesdropping
-PT
Zombie
OpenBSD
22. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.
Multipurpose Internet Mail Extensions (MIME)
Secure Multipurpose Mail Extension (S/MIME)
initial sequence number (ISN)
promiscuous mode
23. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
Network Basic Input/Output System (NetBIOS)
Due Care
Black Hat
firewall
24. A protocol that allows a client computer to request services from a server and the server to return the results.
DNS
-oN
Cold Site
remote procedure call (RPC)
25. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.
Packet Internet Groper (ping)
Vulnerability Scanning
-sO
router
26. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
Computer Emergency Response Team (CERT)
Request for Comments (RFC)
Echo request
network operations center (NOC)
27. Port Scanning
28. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main
impersonation
Malicious code
Cold Site
Serial Line Internet Protocol (SLIP)
29. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
Banner Grabbing
Asset
intranet
out-of-band signaling
30. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.
SOA record
Buffer Overflow
ISO 17799
Access Point (AP)
31. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
Dumpster Diving
Anonymizer
risk assessment
MAC filtering
32. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.
Rijndael
Internet Protocol (IP)
Mantrap
Traceroute
33. A device on a network.
Methodology
node
POST
Buffer
34. A protocol used for sending and receiving log information for nodes on a network.
Brute-Force Password Attack
SSH
security incident response team (SIRT)
Syslog
35. ex 02
S
Authorization
Droppers
script kiddie
36. Establish Null Session
net use \\[target ip]\IPC$ '' /user:''
SYN flood attack
Community String
Crossover Error Rate (CER)
37. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat
protocol
Smurf attack
secure channel
Crossover Error Rate (CER)
38. Port 389
Finger
Bastion host
False Acceptance Rate (FAR)
LDAP
39. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
Black Box Testing
honeynet
reverse lookup; reverse DNS lookup
parameter tampering
40. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.
Directory Traversal
ping sweep
Due Care
script kiddie
41. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
polymorphic virus
Sign in Seal
sheepdip
limitation of liability and remedies
42. nmap all output
network access server
non-repudiation
Database
-oA
43. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
Corrective Controls
Virtual Private Network (VPN)
hybrid attack
Network Basic Input/Output System (NetBIOS)
44. A wireless networking mode where all clients connect to the wireless network through a central access point.
Digital Certificate
infrastructure mode
Point-to-Point Protocol (PPP)
Buffer
45. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.
Institute of Electrical and Electronics Engineers (IEEE)
Presentation layer
-PS
rootkit
46. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.
Brute-Force Password Attack
U P F
Exposure Factor
Bit Flipping
47. An unknown deficiency in software or some other product that results in a security vulnerability being identified.
Electronic Code Book (ECB)
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
payload
security defect
48. Manipulating a search string with additional specific operators to search for vulnerabilities or very specific information.
Google hacking
Certificate Authority (CA)
Kerberos
Vulnerability Assessment
49. LM Hash for short passwords (under 7)
404EE
shoulder surfing
EDGAR database
promiscuous mode
50. A symmetric - block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.
inference attack
Blowfish
INFOSEC Assessment Methodology (IAM)
802.11