Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In a classful IPv4 subnet, this is the network number with all binary 0s in the subnet part of the number. When written in decimal, the zero subnet has the same number as the classful network number.
Web Spider
quality of service (QoS)
Annualized Loss Expectancy (ALE)
Zero Subnet
2. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.
heuristic scanning
Decryption
reconnaissance
Tumbling
3. A device on a network.
node
Request for Comments (RFC)
Internet Protocol Security (IPSec) architecture
Back orifice
4. An organization composed of engineers, scientists, and students who issue standards related to electrical, electronic, and computer engineering.
shoulder surfing
Institute of Electrical and Electronics Engineers (IEEE)
War Driving
Traceroute
5. An early network application that provides information on users currently logged on to a machine.
Active Directory (AD)
Finger
false rejection rate (FRR)
-PB
6. A formal set of rules describing data transmission, especially across a network. A protocol determines the type of error checking, the data compression method, how the sending device will indicate completion, how the receiving device will indicat
Bastion host
separation of duties
protocol
Redundant Array of Independent Disks (RAID)
7. 18 U.S.C. 1030
Time Bomb
Fraud and related activity in connection with computers
Tunnel
Authentication, Authorization, and Accounting (AAA)
8. Controlling access to a network by analyzing the headers of incoming and outgoing packets, and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination
A procedure for identifying active hosts on a network.
shoulder surfing
packet filtering
Dumpster Diving
9. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing, network topology, access to the network medium, error detection, sequential delive
404EE
Data Link layer
Collision
port redirection
10. Access by information systems (or users) communicating from outside the information system security perimeter.
out-of-band signaling
Echo request
Boot Sector Virus
remote access
11. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
self encrypting
Mantrap
Last In First Out (LIFO)
Anonymizer
12. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality, integrity, and availability of the organization's IT assets and infrastructur
promiscuous mode
Minimum acceptable level of risk
Web Spider
local area network (LAN)
13. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier, but does not alter the data (in other words, eavesdropping).
Buffer Overflow
passive attack
National Security Agency
Cold Site
14. Also known as the dot-dot-slash attack. Using directory traversal, the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
promiscuous mode
Directory Traversal
-sS
Point-to-Point Protocol (PPP)
15. An attacker who breaks into computer systems with malicious intent, without the owner's knowledge or permission.
spam
Black Hat
Trusted Computer Base (TCB)
Kerberos
16. The science or study of protecting information, whether in transit or at rest, by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
encapsulation
Annualized Loss Expectancy (ALE)
Third Party
Cryptography
17. An application that monitors a computer or network to identify, and prevent, malware. AV is usually signature-based, and can take multiple actions on defined malware files/activity.
Copyright
Antivirus (AV) software
footprinting
POST
18. Nmap grepable output
Discretionary Access Control (DAC)
-oG
Bit Flipping
routed protocol
19. A term trademarked by the Wi-Fi Alliance, used to define a standard for devices to use to connect to a wireless network.
sheepdip
SOA record
Wi-Fi
false rejection rate (FRR)
20. TCP SYN Scan
Vulnerability Assessment
fragmentation
-sS
A
21. The process of embedding information into a digital signal in a way that makes it difficult to remove.
CNAME record
Asymmetric
Digital Watermarking
Trojan Horse
22. In computer security, this is an algorithm that uses separate keys for encryption and decryption.
null session
Asymmetric Algorithm
Vulnerability
Ethical Hacker
23. Port 161/162
-sU
private network address
SNMP
Hypertext Transfer Protocol Secure (HTTPS)
24. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.
Collision Domain
Echo Reply
Defense in Depth
-sT
25. ICMP Type/Code 3-13
-sU
Hierarchical File System (HFS)
Transmission Control Protocol (TCP)
Administratively Prohibited
26. A connection-oriented, layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
Ethical Hacker
Banner Grabbing
Transmission Control Protocol (TCP)
Internet service provider (ISP)
27. The lack of clocking (imposed time ordering) on a bit stream.
iris scanner
Asynchronous
Adware
parameter tampering
28. The level of importance assigned to an IT asset
Information Technology (IT) asset criticality
Worm
Institute of Electrical and Electronics Engineers (IEEE)
Domain Name System (DNS) lookup
29. Whether purposeful or the result of malware or other attack, a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
MAC filtering
Telnet
RID Resource identifier
Backdoor
30. PI and PT Ping
GET
Exposure Factor
Routing Protocol
-PB
31. A measurable, physical characteristic used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and handwriting samples are all examples of biometrics.
Wireless Local Area Network (WLAN)
Active Directory (AD)
Biometrics
sheepdip
32. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
session hijacking
out-of-band signaling
Droppers
Back orifice
33. A routing protocol developed to be used within a single organization.
symmetric algorithm
FTP
Interior Gateway Protocol (IGP)
Active Attack
34. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure, query, and troubleshoot the router/switch by use of a terminal emulator and a comman
security breach or security incident
Console Port
Hacks with permission
Certificate
35. The Security Accounts Manager file in Windows stores all the password hashes for the system.
Block Cipher
Boot Sector Virus
SAM
HTTP tunneling
36. The process of systematically testing each port on a firewall to map rules and determine accessible ports.
firewalking
Banner Grabbing
session hijacking
Digital Watermarking
37. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.
service level agreements (SLAs)
-PS
Audit Data
Defines legal email marketing
38. A business, government agency, or educational institution that provides access to the Internet.
logic bomb
segment
Echo request
Internet service provider (ISP)
39. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.
iris scanner
Exposure Factor
False Acceptance Rate (FAR)
ad hoc mode
40. The art and science of creating a covert message or image within another message, image, audio, or video file.
honeynet
steganography
NetBus
Cookie
41. Sneaky scan timing
hardware keystroke logger
Active Fingerprinting
serialize scans & 15 sec wait
False Acceptance Rate (FAR)
42. An outdated symmetric cipher encryption algorithm, previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
War Dialing
Data Encryption Standard (DES)
false rejection rate (FRR)
A R
43. A section or subset of the network. Often a router or other routing device provides the end point of the segment.
network tap
impersonation
encapsulation
segment
44. Hex 04
Hypertext Transfer Protocol Secure (HTTPS)
non-repudiation
Exposure Factor
R
45. A social-engineering attack using computer resources, such as e-mail or IRC.
site survey
Computer-Based Attack
red team
Accountability
46. An Application layer protocol, using TCP, for transporting files across an Internet connection. FTP transmits in clear text.
protocol stack
Internet Assigned Number Authority (IANA)
File Transfer Protocol (FTP)
Droppers
47. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers.
Bluejacking
secure channel
MAC filtering
local area network (LAN)
48. A method of network traffic filtering that monitors the entire communications process, including the originator of the session and from which direction it started.
Bit Flipping
Serial Line Internet Protocol (SLIP)
Wiretapping
stateful packet filtering
49. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz, 802.11b runs at 11Mbps at 2.4GHz, 802.11g runs at 54Mbps at 2.4GHz, and 802.11n can run upwards of 150MBps.
Data Link layer
Access Point (AP)
Ciphertext
802.11
50. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
ECHO reply
footprinting
Network Basic Input/Output System (NetBIOS)
File Transfer Protocol (FTP)