Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A virus designed to infect the master boot record.






2. Port 137/138/139






3. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.






4. Used for exchanging structured information - such as XML-based messages - in the implementation of web services






5. Port 110






6. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.






7. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.






8. A device on a network.






9. A utility that traces a packet from your computer to an Internet host - showing how many hops the packet takes to reach the host and how long the packet requires to complete the hop.






10. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.






11. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






12. ICMP Ping






13. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa






14. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.






15. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






16. ICMP Type/Code 0-0






17. A type of encryption where the same key is used to encrypt and decrypt the message.






18. A group of people - gathered together by a business entity - working to address a specific problem or goal.






19. LM Hash for short passwords (under 7)






20. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






21. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.






22. Hex 29






23. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.






24. A device providing temporary - on-demand - point-to-point network access to users.






25. A software or hardware application or device that captures user keystrokes.






26. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.






27. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat






28. Another term for firewalking






29. Safeguards or countermeasures to avoid - counteract - or minimize security risks.






30. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use






31. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






32. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






33. A person or entity indirectly involved in a relationship between two principles.






34. A protocol used for sending and receiving log information for nodes on a network.






35. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.






36. Sending packets or requests to another system to gain information to be used to identify weaknesses and protect the system from attacks.






37. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






38. Set of tools (applications or code) that enables administrator-level accessto a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator






39. Attacks on the actual programming code of an application.






40. nmap all output






41. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.






42. PI and PT Ping






43. The steps taken to gather evidence and information on the targets you wish to attack.






44. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






45. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.






46. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).






47. Cracking Tools






48. A free and popular version of the Unix operating system.






49. A protocol used to pass control and error messages between nodes on the Internet.






50. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.