Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Metamorphic Virus
SOA record
Self Replicating
OpenBSD
Collision
2. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
source routing
Time exceeded
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Mandatory access control (MAC)
3. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with
gateway
logic bomb
Multipurpose Internet Mail Extensions (MIME)
ISO 17799
4. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
Data Encryption Standard (DES)
Serial Line Internet Protocol (SLIP)
HTTP
Self Replicating
5. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.
service level agreements (SLAs)
-p <port ranges>
Cache
Request for Comments (RFC)
6. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.
-sS
Temporal Key Integrity Protocol (TKIP)
Distributed DoS (DDoS)
Zero Subnet
7. Nmap normal output
Transport Layer Security (TLS)
Vulnerability Assessment
FTP
-oN
8. MAC Flooding
-sO
rootkit
Overwhelm CAM table to convert switch to hub mode
public key
9. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
enumeration
rootkit
Electronic Code Book (ECB)
social engineering
10. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.
Wiretapping
identity theft
RPC-DCOM
human-based social engineering
11. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
out-of-band signaling
-sP
risk assessment
Accountability
12. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Banner Grabbing
Transmission Control Protocol (TCP)
Third Party
Block Cipher
13. List Scan
Hacks without permission
packet filtering
Kerberos
-sL
14. Computer software or hardware that can intercept and log traffic passing over a digital network.
U P F
session hijacking
Data Link layer
sniffer
15. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.
Serial Line Internet Protocol (SLIP)
Packet Internet Groper (ping)
footprinting
Virus Hoax
16. SYN Ping
packet filtering
-PS
serialize scans & 0.4 sec wait
Methodology
17. Safeguards or countermeasures to avoid - counteract - or minimize security risks.
security controls
Point-to-Point Protocol (PPP)
DNS enumeration
intrusion detection system (IDS)
18. A device providing temporary - on-demand - point-to-point network access to users.
Bastion host
honeypot
Block Cipher
network access server
19. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
Active Directory (AD)
null session
CAM table
polymorphic virus
20. A string that represents the location of a web resource
network tap
Uniform Resource Locator (URL)
End User Licensing Agreement (EULA)
File Allocation Table (FAT)
21. Phases of an attack
risk acceptance
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Local Administrator
hot site
22. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
flood
Bluesnarfing
Uniform Resource Locator (URL)
Auditing
23. A social-engineering attack that manipulates the victim into calling the attacker for help.
Minimum acceptable level of risk
ad hoc mode
reverse social engineering
-oN
24. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.
physical security
Accountability
inference attack
Institute of Electrical and Electronics Engineers (IEEE)
25. The default network authentication suite of protocols for Windows NT 4.0
Wired Equivalent Privacy (WEP)
NT LAN Manager (NTLM)
Hypertext Transfer Protocol Secure (HTTPS)
Data Encryption Standard (DES)
26. An e-mail protection method using a secret message or image that can be referenced on any official communication with the site; if an e-mail is received without the image or message - the recipient knows it is not legitimate.
802.11
Sign in Seal
Vulnerability Management
Authorization
27. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par
Hacks with permission
role-based access control
shrink-wrap code attacks
Echo request
28. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.
Hacks with permission
Antivirus (AV) software
Console Port
Collision Domain
29. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
Cloning
NOP
honeypot
Malicious code
30. Directing a protocol from one port to another.
passive attack
port redirection
open source
Dumpster Diving
31. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
Asymmetric Algorithm
Virus
gray hat
Network Basic Input/Output System (NetBIOS)
32. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.
Secure Multipurpose Mail Extension (S/MIME)
Threat
Trojan Horse
Tumbling
33. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
Man-in-the-middle attack
Extensible Authentication Protocol (EAP)
Digital Signature
hot site
34. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U
Macro virus
Traceroute
Port Address Translation (PAT)
Kerberos
35. ICMP Type/Code 11
-b
SNMP
Time exceeded
Virus
36. Establish Null Session
Finger
net use \[target ip]IPC$ '' /user:''
Written Authorization
-sS
37. An attack that exploits the common mistake many people make when installing operating systems
HTTP tunneling
Transmission Control Protocol (TCP)
operating system attack
Videocipher II Satellite Encryption System
38. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere
Administratively Prohibited
A procedure for identifying active hosts on a network.
security by obscurity
Tini
39. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.
-PI
limitation of liability and remedies
Wi-Fi Protected Access (WPA)
quality of service (QoS)
40. ICMP Type/Code 0-0
out-of-band signaling
Common Internet File System/Server Message Block
protocol
Echo Reply
41. An early network application that provides information on users currently logged on to a machine.
Asynchronous
Packet Internet Groper (ping)
Finger
Annualized Loss Expectancy (ALE)
42. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
social engineering
enumeration
hacktivism
Address Resolution Protocol (ARP) table
43. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.
scope creep
Decryption
Ciphertext
Fiber Distributed Data Interface (FDDI)
44. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
Address Resolution Protocol (ARP) table
Community String
Network Basic Input/Output System (NetBIOS)
Bluetooth
45. A documented process for a procedure designed to be consistent - repeatable - and accountable.
gray box testing
RxBoot
Malicious code
Methodology
46. Version Detection Scan
-sV
risk acceptance
Cracker
Internal access to the network
47. The central part of a computer or communications system hardware - firmware - and software that implements the basic security procedures for controlling access to system resources.
Cookie
Boot Sector Virus
security kernel
enumeration
48. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
parameter tampering
Bastion host
Virus Hoax
role-based access control
49. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
Information Technology (IT) infrastructure
Certificate
Tumbling
Open System Interconnection (OSI) Reference Model
50. Sneaky scan timing
serialize scans & 15 sec wait
public key
Pretty Good Privacy (PGP)
Local Administrator