Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The concept of having more than one person required to complete a task
Internet Control Message Protocol (ICMP)
SYN attack
overt channel
separation of duties
2. A free, open source version of the Berkeley Software Distribution of Unix, often used in embedded systems.
NetBSD
HIDS
Certificate Authority (CA)
Fraud and related activity in connection with computers
3. The conveying of official access or legal power to a person or entity.
Authentication Header (AH)
Acceptable Use Policy (AUP)
Authorization
risk transference
4. The process of determining if a network entity (user or service) is legitimate
rogue access point
Detective Controls
Authentication
source routing
5. A limited-function version of the Internetworking Operating System (IOS), held in read-only memory in some earlier models of Cisco devices, capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
RxBoot
Internal access to the network
Finger
Redundant Array of Independent Disks (RAID)
6. A background process found in Unix, Linux, Solaris, and other Unix-based operating systems.
Daemon
Zone transfer
symmetric encryption
Boot Sector Virus
7. A type of malware that covertly collects information about a user.
spyware
Last In First Out (LIFO)
802.11 i
sidejacking
8. CAN-SPAM
Defines legal email marketing
rootkit
Last In First Out (LIFO)
fully qualified domain name (FQDN)
9. A communications channel that is being used for a purpose it was not intended for, usually to transfer information secretly.
Wired Equivalent Privacy (WEP)
Covert Channel
-sR
social engineering
10. In penetration testing, this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
fragmentation
Active Attack
Black Box Testing
hacktivism
11. PI and PT Ping
Hypertext Transfer Protocol (HTTP)
risk
-PB
Google hacking
12. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.
Information Technology Security Evaluation Criteria (ITSEC)
Collision Domain
Bluesnarfing
-oA
13. A device providing temporary, on-demand, point-to-point network access to users.
Syslog
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
scope creep
network access server
14. Port 31337
Internal access to the network
packet
Administratively Prohibited
Back orifice
15. Set of tools (applications or code) that enables administrator-level access to a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator
rootkit
hot site
-sS
encapsulation
16. A programming principle whereby the last piece of data added to the stack is the first piece of data taken off.
Contingency Plan
Last In First Out (LIFO)
-P0
Trapdoor Function
17. A mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value, and vice versa
Electronic Code Book (ECB)
Bluesnarfing
Information Technology (IT) security architecture and framework
MD5
18. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
separation of duties
encryption
Due Care
overt channel
19. A skilled hacker that straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain). Gray hats sometimes perform illegal acts to exploit technology with the intent of achi
firewalking
gray hat
Daisy Chaining
Decryption
20. Policy stating what users of a system can and cannot do with the organization's assets.
local area network (LAN)
scope creep
Acceptable Use Policy (AUP)
FTP
21. The potential for damage to or loss of an IT asset
Level I assessment
Daisy Chaining
Fast Ethernet
risk
22. Calculations of two components of risk: R, the magnitude of the potential loss (L), and the probability, p, that the loss will occur.
quantitative risk assessment
rule-based access control
Replacing numbers in a url to access other files
false negative
23. A measurable, physical characteristic used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and handwriting samples are all examples of biometrics.
risk assessment
Blowfish
SMB
Biometrics
24. A tool that helps a company to compare its actual performance with its potential performance.
steganography
RxBoot
Traceroute
gap analysis
25. A command used in HTTP and FTP to retrieve a file from a server.
GET
SAM
-sR
Media Access Control (MAC)
26. A Windows-based GUI version of nmap.
Domain Name System (DNS) lookup
Dumpster Diving
Interior Gateway Protocol (IGP)
Zenmap
27. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
segment
proxy server
Presentation layer
Exposure Factor
28. A host designed to collect data on suspicious activity.
Simple Mail Transfer Protocol (SMTP)
Secure Multipurpose Mail Extension (S/MIME)
Routing Protocol
honeypot
29. Insane scan timing
parallel scan & 75 sec timeout & 0.3 sec/probe
FreeBSD
Trojan Horse
Bastion host
30. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio, binary, or video using the Simple Mail Transfer Protocol (SMTP).
Multipurpose Internet Mail Extensions (MIME)
File Allocation Table (FAT)
-PT
Minimum acceptable level of risk
31. A virus that plants itself in a system's boot sector and infects the master boot record.
routed protocol
Boot Sector Virus
Tunneling Virus
patch
32. A file system used by the Mac OS.
session splicing
Hierarchical File System (HFS)
Community String
SAM
33. An attack technique that tricks your DNS server into believing it has received authentic information when, in reality, it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points
Access Control List (ACL)
Domain Name System (DNS) cache poisoning
SID
Vulnerability Scanning
34. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address, or an autonomous system.
Fiber Distributed Data Interface (FDDI)
Whois
port knocking
Hypertext Transfer Protocol Secure (HTTPS)
35. MAC Flooding
Domain Name
Overwhelm CAM table to convert switch to hub mode
Master boot record infector
null session
36. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals, entities, or processes.
private key
Black Hat
Confidentiality
false rejection rate (FRR)
37. A term trademarked by the Wi-Fi Alliance, used to define a standard for devices to use to connect to a wireless network.
Eavesdropping
steganography
Database
Wi-Fi
38. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.
signature scanning
Trusted Computer System Evaluation Criteria (TCSEC)
-sT
Finding a directory listing and gaining access to a parent or root file for access to other files
39. A social-engineering attack using computer resources, such as e-mail or IRC.
Computer-Based Attack
keylogger
Packet Internet Groper (ping)
-oX
40. FIN Scan
Uniform Resource Locator (URL)
risk avoidance
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
-sF
41. As an identification device becomes more sensitive or accurate, its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal, or cross over.
Common Internet File System/Server Message Block
File Transfer Protocol (FTP)
false rejection rate (FRR)
-PS
42. Hex 12
router
Zero Subnet
A S
nslookup
43. Vulnerability Scanning
Crossover Error Rate (CER)
The automated process of proactively identifying vulnerabilities of computing systems present in a network
shrink-wrap code attacks
penetration testing
44. ACK Scan
Interior Gateway Protocol (IGP)
risk avoidance
Competitive Intelligence
-sA
45. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.
security bulletins
Banner Grabbing
security defect
Presentation layer
46. A set of rules defined to screen network packets based on source address, destination address, or protocol; these rules determine whether the packet will be forwarded or discarded.
Block Cipher
Hierarchical File System (HFS)
Backdoor
Filter
47. A method in cryptography by which cryptographic keys are exchanged between users, allowing use of a cryptographic algorithm (for example, the Diffie-Hellman key exchange).
Hierarchical File System (HFS)
key exchange protocol
-sU
Tiger Team
48. A NAT method in which multiple internal hosts, using private IP addressing, can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U
honeypot
rogue access point
security kernel
Port Address Translation (PAT)
49. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets
intrusion prevention system (IPS)
session splicing
Videocipher II Satellite Encryption System
Routing Information Protocol (RIP)
50. RPC Scan
SAM
Last In First Out (LIFO)
-sR
INFOSEC Assessment Methodology (IAM)