SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A protocol defining packets that are able to be routed by a router.
serial scan & 300 sec wait
patch
routed protocol
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
2. Nmap normal output
network access server
Hacks without permission
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
-oN
3. Software code - a portion of data - or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.
Vulnerability Scanning
encryption
Exploit
Traceroute
4. The potential for damage to or loss of an IT asset
No previous knowledge of the network
risk
parallel scan
Zenmap
5. Computer software or hardware that can intercept and log traffic passing over a digital network.
fully qualified domain name (FQDN)
Algorithm
sniffer
site survey
6. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
War Chalking
open source
gray hat
halo effect
7. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
segment
Data Encryption Standard (DES)
firewall
Routing Protocol
8. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption
security breach or security incident
logic bomb
reverse lookup; reverse DNS lookup
Community String
9. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
spam
shoulder surfing
Zenmap
smart card
10. Ports 20/21
FTP
Videocipher II Satellite Encryption System
Interior Gateway Protocol (IGP)
Information Technology (IT) asset criticality
11. Port 53
MAC filtering
encryption
DNS
parallel scan & 75 sec timeout & 0.3 sec/probe
12. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
shrink-wrap code attacks
RxBoot
honeynet
Cracker
13. ICMP Type/Code 3
Baseline
Demilitarized Zone (DMZ)
Destination Unreachable
Certificate Authority (CA)
14. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
SYN attack
Man-in-the-middle attack
Media Access Control (MAC)
Routing Information Protocol (RIP)
15. A unique numerical string - created by a hashing algorithm on a given piece of data - used to verify data integrity. Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download)
Vulnerability Scanning
port redirection
hash
Syslog
16. A record showing which user has accessed a given resource and what operations the user performed during a given period.
Administratively Prohibited
Audit Trail
Digital Signature
Data Encryption Standard (DES)
17. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Fast Ethernet
Warm Site
sniffer
serialize scans & 0.4 sec wait
18. The central part of a computer or communications system hardware firmware - and software that implements the basic security procedures for controlling access to system resources.
security kernel
Zombie
Level II assessment
routed protocol
19. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.
Wireless Local Area Network (WLAN)
NT LAN Manager (NTLM)
Administratively Prohibited
Authentication
20. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.
Virtual Local Area Network (VLAN)
false rejection rate (FRR)
session splicing
-sS
21. The art and science of creating a covert message or image within another message - image - audio - or video file.
SMB
A procedure for identifying active hosts on a network.
red team
steganography
22. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
-sO
Archive
identity theft
Cracker
23. The default network authentication suite of protocols for Windows NT 4.0
SNMP
network tap
Transmission Control Protocol (TCP)
NT LAN Manager (NTLM)
24. Metamorphic Virus
false rejection rate (FRR)
Tunnel
Self Replicating
Community String
25. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
Trusted Computer System Evaluation Criteria (TCSEC)
infrastructure mode
Internet service provider (ISP)
Password Authentication Protocol (PAP)
26. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
out-of-band signaling
Open System Interconnection (OSI) Reference Model
rogue access point
ping sweep
27. Cracking Tools
MAC filtering
routed protocol
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
Last In First Out (LIFO)
28. NSA
National Security Agency
RID Resource identifier
Back orifice
Malware
29. A virus designed to infect the master boot record.
Master boot record infector
Internet Control Message Protocol (ICMP)
social engineering
Timestamping
30. Transmitting one protocol encapsulated inside another protocol.
spoofing
-PS
Tunneling
SSH
31. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.
CNAME record
session hijacking
-P0
Transmission Control Protocol (TCP)
32. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
Countermeasures
Certificate
Collision Domain
Wrapper
33. A hardware device used to log keystrokes covertly. Hardware keystroke loggers are very dangerous due to the fact that they cannot be detected through regular software/anti-malware scanning.
Cold Site
Media Access Control (MAC)
private network address
hardware keystroke logger
34. nmap
Address Resolution Protocol (ARP) table
Web Spider
-p <port ranges>
Hacks without permission
35. Port 137/138/139
Information Technology Security Evaluation Criteria (ITSEC)
Methodology
SMB
network tap
36. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
Availability
-oA
Kerberos
Time exceeded
37. An e-mail protection method using a secret message or image that can be referenced on any official communication with the site; if an e-mail is received without the image or message - the recipient knows it is not legitimate.
Sign in Seal
-sO
patch
CNAME record
38. 18 U.S.C. 1029
Possession of access devices
Electronic Code Book (ECB)
Common Internet File System/Server Message Block
self encrypting
39. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
Zone transfer
key exchange protocol
Lightweight Directory Access Protocol (LDAP)
protocol stack
40. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.
source routing
Acceptable Use Policy (AUP)
Temporal Key Integrity Protocol (TKIP)
ping sweep
41. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
Data Encryption Standard (DES)
Eavesdropping
encryption
social engineering
42. Hex 10
A
404EE
steganography
XOR Operation
43. Nmap ml output
site survey
intrusion detection system (IDS)
Media Access Control (MAC)
-oX
44. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.
Wi-Fi
Timestamping
-sX
Wide Area Network (WAN)
45. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
Virus
key exchange protocol
ECHO reply
parallel scan & 300 sec timeout & 1.25 sec/probe
46. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
Request for Comments (RFC)
Address Resolution Protocol (ARP) table
site survey
Boot Sector Virus
47. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.
Access Point (AP)
Zenmap
Denial of Service (DoS)
Hierarchical File System (HFS)
48. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
Post Office Protocol 3 (POP3)
SID
Pretty Good Privacy (PGP)
footprinting
49. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dualring architecture for redundancy - with transmission distances of up to two kilometers.
Fiber Distributed Data Interface (FDDI)
Administratively Prohibited
routed protocol
service level agreements (SLAs)
50. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
Level I assessment
halo effect
Timestamping
Defines legal email marketing