Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. NSA






2. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.






3. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






4. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






5. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p






6. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






7. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






8. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






9. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






10. RPC Scan






11. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.






12. A routing protocol developed to be used within a single organization.






13. A string that represents the location of a web resource






14. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.






15. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.






16. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






17. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






18. A file system used by the Mac OS.






19. Directory Transversal






20. A computer virus that infects and spreads in multiple ways.






21. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






22. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






23. A social-engineering attack using computer resources - such as e-mail or IRC.






24. Nmap ml output






25. Hex 14






26. Window Scan






27. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive






28. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.






29. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






30. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.






31. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a






32. A virus designed to infect the master boot record.






33. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.






34. Set of tools (applications or code) that enables administrator-level accessto a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator






35. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






36. A free and popular version of the Unix operating system.






37. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.






38. Shifting responsibility from one party to another






39. Another term for firewalking






40. ICMP Type/Code 11






41. The combination of all IT assets - resources - components - and systems.






42. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.






43. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or






44. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.






45. A point of reference used to mark an initial state in order to manage change.






46. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.






47. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






48. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.






49. A skilled hacker that straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain). Gray hats sometime perform illegal acts to exploit technology with the intent of achi






50. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests