Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.
Virus Hoax
Electronic serial number
Google hacking
encapsulation
2. Port 22
flood
SSH
Tunneling Virus
War Chalking
3. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
-sU
Worm
Smurf attack
No previous knowledge of the network
4. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat
nslookup
protocol
routed protocol
Tunneling Virus
5. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
Bluesnarfing
Third Party
Exposure Factor
scope creep
6. Hashing algorithm that results in a 128-bit output.
Kerberos
Back orifice
MD5
Block Cipher
7. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
Defense in Depth
ECHO reply
File Transfer Protocol (FTP)
CNAME record
8. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
overt channel
Cryptography
Detective Controls
War Driving
9. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
Auditing
ECHO reply
Corrective Controls
Adware
10. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.
signature scanning
Whois
Acknowledgment (ACK)
White Box Testing
11. The potential for damage to or loss of an IT asset
-sW
risk
Replacing numbers in a url to access other files
Network Address Translation (NAT)
12. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.
patch
Network Address Translation (NAT)
TACACS
Syslog
13. Hex 12
Adware
Mantrap
Access Point (AP)
A S
14. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.
-P0
Ethical Hacker
Electronic serial number
stateful packet filtering
15. Port 389
asynchronous transmission
CIA triangle
Videocipher II Satellite Encryption System
LDAP
16. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.
Competitive Intelligence
symmetric encryption
iris scanner
Due Diligence
17. Any circumstance or event with the potential to adversely impact organizational operations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
Threat
Port Address Translation (PAT)
ISO 17799
Temporal Key Integrity Protocol (TKIP)
18. A computer virus that infects and spreads in multiple ways.
Computer Emergency Response Team (CERT)
Filter
shrink-wrap code attacks
Multipartite virus
19. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
ring topology
Cache
Due Care
Malware
20. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Block Cipher
Common Internet File System/Server Message Block
Time Bomb
War Dialing
21. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.
Level III assessment
Collision
Vulnerability Assessment
Internet Protocol (IP)
22. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
Confidentiality
Application Layer
Whois
Banner Grabbing
23. A device providing temporary - on-demand - point-to-point network access to users.
Wireless Local Area Network (WLAN)
Request for Comments (RFC)
network access server
-b
24. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.
intrusion detection system (IDS)
Ethical Hacker
Overwhelm CAM table to convert switch to hub mode
security breach or security incident
25. TCP SYN Scan
-sS
-oN
Temporal Key Integrity Protocol (TKIP)
Wide Area Network (WAN)
26. A string that represents the location of a web resource
Auditing
Uniform Resource Locator (URL)
Access Creep
Directory Traversal
27. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
Address Resolution Protocol (ARP)
public key infrastructure (PKI)
enumeration
polymorphic virus
28. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
RID Resource identifier
Due Care
signature scanning
Information Technology (IT) asset valuation
29. A group of experts that handles computer security incidents.
Last In First Out (LIFO)
Defense in Depth
Destination Unreachable
security incident response team (SIRT)
30. An attack that is direct in nature - usually where the attacker injects something into - or otherwise alters - the network or system target.
Domain Name System (DNS)
Internet Protocol (IP)
parallel scan
Active Attack
31. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.
Virus
Trojan Horse
out-of-band signaling
network operations center (NOC)
32. An early network application that provides information on users currently logged on to a machine.
-sU
suicide hacker
Cache
Finger
33. Black hat
Syslog
Dumpster Diving
risk acceptance
Hacks without permission
34. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.
suicide hacker
Assessment
Countermeasures
security bulletins
35. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).
net use \[target ip]IPC$ '' /user:''
Asymmetric
key exchange protocol
Multipartite virus
36. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
Level I assessment
Application Layer
site survey
-oG
37. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the system. Certificates contain the entity's public key - serial number - version - subject - algori
Macro virus
Digital Certificate
hybrid attack
limitation of liability and remedies
38. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door
security incident response team (SIRT)
Mantrap
risk acceptance
-sA
39. Microsoft SID 500
Access Creep
queue
Local Administrator
personal identification number (PIN)
40. Malware designed to install some sort of virus - backdoor - and so on - on a target system.
stateful packet filtering
Droppers
Open System Interconnection (OSI) Reference Model
Possession of access devices
41. ICMP Type/Code 0-0
NetBus
parallel scan
Echo Reply
Videocipher II Satellite Encryption System
42. Ports 20/21
FTP
--randomize_hosts -O OS fingerprinting
gray box testing
Password Authentication Protocol (PAP)
43. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.
Minimum acceptable level of risk
Three-Way (TCP) Handshake
Demilitarized Zone (DMZ)
Point-to-Point Tunneling Protocol (PPTP)
44. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.
Acknowledgment (ACK)
White Box Testing
remote procedure call (RPC)
piggybacking
45. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.
operating system attack
CAM table
Threat
Application Layer
46. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U
Port Address Translation (PAT)
security incident response team (SIRT)
Electronic Code Book (ECB)
Mandatory access control (MAC)
47. Nmap grepable output
-b
Application Layer
-oG
Wi-Fi Protected Access (WPA)
48. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
phishing
personal identification number (PIN)
--randomize_hosts -O OS fingerprinting
Active Fingerprinting
49. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
port knocking
Bastion host
integrity
Tunneling
50. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.
service level agreements (SLAs)
Routing Information Protocol (RIP)
Pretty Good Privacy (PGP)
XOR Operation