SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.
stateful packet filtering
Event
Brute-Force Password Attack
pattern matching
2. An early network application that provides information on users currently logged on to a machine.
Traceroute
--randomize_hosts -O OS fingerprinting
Wi-Fi Protected Access (WPA)
Finger
3. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
Unicode
out-of-band signaling
ECHO reply
Fiber Distributed Data Interface (FDDI)
4. Port 137/138/139
Wired Equivalent Privacy (WEP)
Crossover Error Rate (CER)
HTTP tunneling
SMB
5. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.
Videocipher II Satellite Encryption System
Vulnerability Scanning
session splicing
qualitative analysis
6. Black hat
Bluetooth
Antivirus (AV) software
Trojan Horse
Hacks without permission
7. Idlescan
-sI
sidejacking
security kernel
Accountability
8. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.
Zero Subnet
security controls
Wrapper
Internet Protocol Security (IPSec) architecture
9. Looking over an authorized user's shoulder in order to steal information (such as authentication information).
payload
shoulder surfing
parameter tampering
Confidentiality
10. Injecting traffic into the network to identify the operating system of a device.
Simple Network Management Protocol (SNMP)
SNMP
Active Fingerprinting
Asynchronous
11. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.
rule-based access control
Annualized Loss Expectancy (ALE)
spyware
Simple Network Management Protocol (SNMP)
12. The process of recording activity on a system for monitoring and later review.
remote procedure call (RPC)
Auditing
Malicious code
integrity
13. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
Information Technology (IT) infrastructure
802.11 i
Methodology
Collision Domain
14. The lack of clocking (imposed time ordering) on a bit stream.
Exposure Factor
SAM
Information Technology (IT) asset valuation
Asynchronous
15. Port 88
Kerberos
Collision Domain
Wi-Fi
Timestamping
16. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori
-PB
Digital Certificate
Finding a directory listing and gaining access to a parent or root file for access to other files
-sW
17. A group of experts that handles computer security incidents.
patch
security incident response team (SIRT)
Address Resolution Protocol (ARP)
A
18. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.
Packet Internet Groper (ping)
NT LAN Manager (NTLM)
Echo Reply
shrink-wrap code attacks
19. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
-PI
private network address
encryption
parameter tampering
20. 18 U.S.C. 1029
Application-Level Attacks
Possession of access devices
Zenmap
key exchange protocol
21. The condition of a resource being ready for use and accessible by authorized users.
Availability
False Acceptance Rate (FAR)
A
Uniform Resource Locator (URL)
22. Port 135
SSH
Active Attack
-sA
RPC-DCOM
23. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
U P F
Information Technology (IT) asset criticality
Data Link layer
proxy server
24. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.
Distributed DoS (DDoS)
Domain Name
Echo Reply
route
25. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
Interior Gateway Protocol (IGP)
Wiretapping
802.11 i
network operations center (NOC)
26. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.
Vulnerability Assessment
spoofing
self encrypting
File Allocation Table (FAT)
27. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.
MAC filtering
ad hoc mode
RPC-DCOM
Simple Object Access Protocol (SOAP)
28. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.
Routing Information Protocol (RIP)
inference attack
Event
Bug
29. A person or entity indirectly involved in a relationship between two principles.
honeynet
Distributed DoS (DDoS)
Third Party
Transport Layer Security (TLS)
30. The monetary loss that can be expected for an asset due to risk over a one-year period. ALE is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as ALE = ARO
Annualized Loss Expectancy (ALE)
Discretionary Access Control (DAC)
Hypertext Transfer Protocol (HTTP)
Tunneling
31. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
Bluetooth
sheepdip
Trusted Computer System Evaluation Criteria (TCSEC)
Daemon
32. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere
-oG
security by obscurity
Application Layer
physical security
33. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-systemadministrator-level attack.
gray box testing
Application-Level Attacks
Adware
network interface card (NIC)
34. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Bruteforce attacks take a long time t
Brute-Force Password Attack
Sign in Seal
audit
NetBSD
35. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.
Information Technology (IT) asset criticality
Cache
Level II assessment
halo effect
36. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks
Google hacking
rule-based access control
Dumpster Diving
Anonymizer
37. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.
-P0
Exploit
R
Application Layer
38. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the
DNS
Crossover Error Rate (CER)
single loss expectancy (SLE)
Zero Subnet
39. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
segment
Cloning
source routing
sidejacking
40. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
intranet
Audit Trail
Web Spider
sheepdip
41. An unknown deficiency in software or some other product that results in a security vulnerability being identified.
security defect
security incident response team (SIRT)
protocol stack
-sF
42. Hex 29
Dumpster Diving
U P F
-PM
polymorphic virus
43. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -
Malware
symmetric encryption
packet
scope creep
44. The transmission of digital signals without precise clocking or synchronization.
Challenge Handshake Authentication Protocol (CHAP)
asynchronous transmission
parallel scan & 300 sec timeout & 1.25 sec/probe
risk avoidance
45. Version Detection Scan
Third Party
-sV
Zenmap
security controls
46. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
War Chalking
-sW
security by obscurity
inference attack
47. Software code - a portion of data - or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.
Exploit
queue
False Acceptance Rate (FAR)
Simple Object Access Protocol (SOAP)
48. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.
Fast Ethernet
HIDS
Bit Flipping
Black Box Testing
49. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
-sL
Audit Trail
non-repudiation
packet
50. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.
NetBus
Wireless Local Area Network (WLAN)
router
reverse social engineering