Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






2. A business - government agency - or educational institution that provides access to the Internet.






3. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr






4. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col






5. Another term for firewalking






6. Port 80/81/8080






7. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu - and so on.






8. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.






9. Access by information systems (or users) communicating from outside the information system security perimeter.






10. A method of external testing whereby several systems or resources are used together to effect an attack.






11. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






12. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






13. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.






14. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.






15. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.






16. IP Protocol Scan






17. A virus designed to infect the master boot record.






18. RPC Scan






19. The condition of a resource being ready for use and accessible by authorized users.






20. A string that represents the location of a web resource






21. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio






22. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss






23. Hex 14






24. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.






25. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.






26. The exploitation of a security vulnerability






27. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






28. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).






29. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






30. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






31. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






32. Injecting traffic into the network to identify the operating system of a device.






33. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






34. A mode of operation in a wireless LAN in which clients send data directly to one another without utilizing a wireless access point (WAP) - much like a point-to-point wired connection.






35. A program designed to execute at a specific time to release malicious code onto the computer system or network.






36. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






37. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






38. The transmission of digital signals without precise clocking or synchronization.






39. A group of experts that handles computer security incidents.






40. An early network application that provides information on users currently logged on to a machine.






41. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action






42. Malware designed to install some sort of virus - backdoor - and so on - on a target system.






43. A protocol used to pass control and error messages between nodes on the Internet.






44. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






45. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Brute-force attacks take a long time t






46. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






47. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






48. A unique numerical string - created by a hashing algorithm on a given piece of data - used to verify data integrity. Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download)






49. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.






50. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all






