Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP SYN Scan






2. 18 U.S.C. 1030






3. Network Scanning






4. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






5. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.






6. Transmitting one protocol encapsulated inside another protocol.






7. A documented process for a procedure designed to be consistent - repeatable - and accountable.






8. 18 U.S.C. 1029






9. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






10. A group of experts that handles computer security incidents.






11. A wireless networking mode where all clients connect to the wireless network through a central access point.






12. A type of malware that covertly collects information about a user.






13. A Canonical Name record within DNS - used to provide an alias for a domain name.






14. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.






15. A virus designed to infect the master boot record.






16. A point of reference used to mark an initial state in order to manage change.






17. FTP Bounce Attack






18. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the






19. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.






20. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.






21. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






22. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss






23. An Application layer protocol for managing devices on an IP network.






24. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






25. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.






26. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a






27. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.






28. Black box test






29. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






30. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






31. The conveying of official access or legal power to a person or entity.






32. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.






33. The combination of all IT assets - resources - components - and systems.






34. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.






35. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.






36. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






37. A group of people - gathered together by a business entity - working to address a specific problem or goal.






38. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






39. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat






40. The act of dialing all numbers within an organization to discover open modems.






41. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






42. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or






43. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






44. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.






45. ex 02






46. A device on a network.






47. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.






48. The steps taken to gather evidence and information on the targets you wish to attack.






49. The transmission of digital signals without precise clocking or synchronization.






50. An adapter that provides the physical connection to send and receive data between the computer and the network media.