Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A protocol defining packets that are able to be routed by a router.






2. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.






3. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive






4. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






5. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory






6. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par






7. Insane scan timing






8. A virus designed to infect the master boot record.






9. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with






10. A skilled hacker that straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain). Gray hats sometimes perform illegal acts to exploit technology with the intent of achi






11. A software or hardware application or device that captures user keystrokes.






12. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






13. A string that represents the location of a web resource






14. Vulnerability Scanning






15. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.






16. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.






17. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.






18. An early network application that provides information on users currently logged on to a machine.






19. Port 389






20. A communications path - such as the Internet - authorized for data transmission within a computer system or network.






21. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






22. The process of using easily accessible DNS records to map a target network's internal hosts.






23. Port Scanning



24. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






25. Phases of an attack






26. UDP Scan






27. ICMP Netmask






28. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.






29. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.






30. A communications protocol used for browsing the Internet.






31. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






32. Computer software or hardware that can intercept and log traffic passing over a digital network.






33. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss






34. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -






35. An adapter that provides the physical connection to send and receive data between the computer and the network media.






36. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






37. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






38. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action






39. A list of IP addresses and corresponding MAC addresses stored on a local computer.






40. A symmetric - block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.






41. A routing protocol developed to be used within a single organization.






42. List Scan






43. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.






44. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






45. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






46. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






47. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.






48. ICMP Type/Code 8






49. A software or hardware defect that often results in system vulnerabilities.






50. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.