Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






2. Black box test






3. A record showing which user has accessed a given resource and what operations the user performed during a given period.






4. Port 161/162






5. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).






6. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.






7. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.






8. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






9. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.






10. Version Detection Scan






11. The condition of a resource being ready for use and accessible by authorized users.






12. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.






13. Port 137/138/139






14. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.






15. don't ping






16. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.






17. Network Scanning






18. Polite scan timing






19. A virus written in a macro language and usually embedded in document or spreadsheet files.






20. An Application layer protocol for managing devices on an IP network.






21. A free and popular version of the Unix operating system.






22. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






23. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






24. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






25. Two or more LANs connected by a high-speed line across a large geographical area.






26. A communications path - such as the Internet - authorized for data transmission within a computer system or network.






27. An attack that exploits the common mistake many people make when installing operating systems






28. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it






29. A skilled hacker that straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain). Gray hats sometime perform illegal acts to exploit technology with the intent of achi






30. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.






31. Computer software or hardware that can intercept and log traffic passing over a digital network.






32. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.






33. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.






34. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.






35. ICMP Type/Code 0-0






36. A systematic process for the assessment of security vulnerabilities.






37. An evaluation conducted to determine the potential for damage to or loss of an IT asset.






38. Injecting traffic into the network to identify the operating system of a device.






39. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.






40. Hex 14






41. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.






42. The steps taken to gather evidence and information on the targets you wish to attack.






43. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






44. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie






45. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






46. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.






47. PI and PT Ping






48. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






49. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all






50. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






Can you answer 50 questions in 15 minutes?



Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests