SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP SYN Scan
Buffer Overflow
POST
-sS
Uniform Resource Locator (URL)
2. 18 U.S.C. 1030
spyware
Fraud and related activity in connection with computers
parallel scan
SYN attack
3. Network Scanning
Black Hat
A procedure for identifying active hosts on a network.
gateway
payload
4. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can
Buffer
route
Virtual Local Area Network (VLAN)
Local Administrator
5. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
Simple Mail Transfer Protocol (SMTP)
File Allocation Table (FAT)
enumeration
Smurf attack
6. Transmitting one protocol encapsulated inside another protocol.
Electronic Code Book (ECB)
Copyright
Simple Network Management Protocol (SNMP)
Tunneling
7. A documented process for a procedure designed to be consistent - repeatable - and accountable.
Methodology
quantitative risk assessment
identity theft
public key
8. 18 U.S.C. 1029
Possession of access devices
Extensible Authentication Protocol (EAP)
port redirection
stream cipher
9. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
Network Basic Input/Output System (NetBIOS)
-sU
separation of duties
Acknowledgment (ACK)
10. A group of experts that handles computer security incidents.
security incident response team (SIRT)
Lightweight Directory Access Protocol (LDAP)
Bit Flipping
Media Access Control (MAC)
11. A wireless networking mode where all clients connect to the wireless network through a central access point.
Simple Mail Transfer Protocol (SMTP)
infrastructure mode
Threat
Community String
12. A type of malware that covertly collects information about a user.
Digital Certificate
802.11 i
spyware
Uniform Resource Locator (URL)
13. A Canonical Name record within DNS - used to provide an alias for a domain name.
Worm
CNAME record
Serial Line Internet Protocol (SLIP)
Telnet
14. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.
Presentation layer
Media Access Control (MAC)
ISO 17799
public key infrastructure (PKI)
15. A virus designed to infect the master boot record.
Database
Rijndael
Master boot record infector
Kerberos
16. A point of reference used to mark an initial state in order to manage change.
Baseline
Videocipher II Satellite Encryption System
fragmentation
open source
17. FTP Bounce Attack
Whois
Dumpster Diving
symmetric algorithm
-b
18. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
Lightweight Directory Access Protocol (LDAP)
Access Point (AP)
Transmission Control Protocol (TCP)
Computer Emergency Response Team (CERT)
19. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.
Network Basic Input/Output System (NetBIOS)
-sO
Community String
Antivirus (AV) software
20. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.
Denial of Service (DoS)
Tumbling
halo effect
Community String
21. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
Dumpster Diving
Transmission Control Protocol (TCP)
smart card
packet
22. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss
Institute of Electrical and Electronics Engineers (IEEE)
Internet service provider (ISP)
Algorithm
EDGAR database
23. An Application layer protocol for managing devices on an IP network.
identity theft
-sW
intranet
Simple Network Management Protocol (SNMP)
24. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.
Authentication Header (AH)
stateful packet filtering
Transport Layer Security (TLS)
Availability
25. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.
Tunneling
-p <port ranges>
MAC filtering
Ciphertext
26. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a
Biometrics
net use \[target ip]IPC$ '' /user:''
Malicious code
Certificate Authority (CA)
27. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
Bluesnarfing
pattern matching
Wiretapping
Defines legal email marketing
28. Black box test
No previous knowledge of the network
intrusion detection system (IDS)
Destination Unreachable
infrastructure mode
29. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.
A procedure for identifying active hosts on a network.
key exchange protocol
security bulletins
Master boot record infector
30. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
penetration testing
physical security
Post Office Protocol 3 (POP3)
FreeBSD
31. The conveying of official access or legal power to a person or entity.
Authorization
Replacing numbers in a url to access other files
Tiger Team
802.11 i
32. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.
Zombie
-PT
Assessment
Three-Way (TCP) Handshake
33. The combination of all IT assets - resources - components - and systems.
Information Technology (IT) infrastructure
SSH
encapsulation
Level II assessment
34. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.
network operations center (NOC)
polymorphic virus
site survey
Biometrics
35. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
encapsulation
iris scanner
role-based access control
36. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a
Demilitarized Zone (DMZ)
key exchange protocol
Bug
Port Address Translation (PAT)
37. A group of people - gathered together by a business entity - working to address a specific problem or goal.
Worm
integrity
signature scanning
Tiger Team
38. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
Computer Emergency Response Team (CERT)
DNS
XOR Operation
Bit Flipping
39. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat
sniffer
Point-to-Point Tunneling Protocol (PPTP)
packet
protocol
40. The act of dialing all numbers within an organization to discover open modems.
War Dialing
Vulnerability Scanning
R
Banner Grabbing
41. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
EDGAR database
forwarding
FTP
smart card
42. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
personal identification number (PIN)
Threat
-sR
Asynchronous
43. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.
stateful packet filtering
node
Challenge Handshake Authentication Protocol (CHAP)
Access Point (AP)
44. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.
Common Internet File System/Server Message Block
Domain Name
spoofing
risk
45. ex 02
Level III assessment
Presentation layer
S
NOP
46. A device on a network.
node
Information Technology (IT) asset valuation
honeypot
-p <port ranges>
47. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
Possession of access devices
Defines legal email marketing
War Chalking
-b
48. The steps taken to gather evidence and information on the targets you wish to attack.
-sR
Network Address Translation (NAT)
No previous knowledge of the network
reconnaissance
49. The transmission of digital signals without precise clocking or synchronization.
parallel scan & 75 sec timeout & 0.3 sec/probe
script kiddie
Threat
asynchronous transmission
50. An adapter that provides the physical connection to send and receive data between the computer and the network media.
Cache
network interface card (NIC)
-oA
Routing Information Protocol (RIP)