Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
Routing Protocol
File Transfer Protocol (FTP)
false rejection rate (FRR)
Mandatory access control (MAC)

2. ICMP Type/Code 11
Tiger Team
Time exceeded
Access Creep
gray hat

3. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.
qualitative analysis
parameter tampering
Black Hat
Corrective Controls

4. A method of external testing whereby several systems or resources are used together to effect an attack.
Daisy Chaining
Bit Flipping
802.11 i
Methodology

5. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.
Third Party
serial scan & 300 sec wait
OpenBSD
Presentation layer

6. IP Protocol Scan
-sO
Timestamping
protocol stack
heuristic scanning

7. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
smart card
Adware
SAM
iris scanner

8. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman
Local Administrator
Console Port
A
Digital Certificate

9. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
separation of duties
ad hoc mode
penetration testing
Trusted Computer System Evaluation Criteria (TCSEC)

10. A Canonical Name record within DNS - used to provide an alias for a domain name.
Mandatory access control (MAC)
parallel scan
CNAME record
Baseline

11. A type of encryption where the same key is used to encrypt and decrypt the message.
symmetric encryption
-PS
-oG
shoulder surfing

12. An organized collection of data.
Database
Time exceeded
-sW
red team

13. List Scan
-sL
Internet Control Message Protocol (ICMP)
overt channel
stream cipher

14. A list of IP addresses and corresponding MAC addresses stored on a local computer.
Address Resolution Protocol (ARP) table
risk acceptance
Last In First Out (LIFO)
Internet service provider (ISP)

15. Ports 20/21
FTP
Self Replicating
Cookie
network access server

16. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.
Simple Object Access Protocol (SOAP)
intrusion detection system (IDS)
Tunneling
symmetric encryption

17. An Application layer protocol for sending electronic mail between servers.
Hierarchical File System (HFS)
POST
Client
Simple Mail Transfer Protocol (SMTP)

18. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
parallel scan
LDAP
Hacks with permission
Black Box Testing

19. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.
site survey
non-repudiation
File Transfer Protocol (FTP)
Filter

20. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Asynchronous
Web Spider
piggybacking
Cache

21. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.
fragmentation
Wiretapping
integrity
Hacks without permission

22. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
port scanning
gap analysis
ECHO reply
Virus

23. Port 31337
Kerberos
single loss expectancy (SLE)
ping sweep
Back orifice

24. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
CIA triangle
Authentication - Authorization - and Accounting (AAA)
Finger
Routing Protocol

25. Port 22
Rijndael
-PS
Transmission Control Protocol (TCP)
SSH

26. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.
session splicing
routed protocol
public key infrastructure (PKI)
-PS

27. Nmap normal output
Adware
-oN
-sT
source routing

28. Software code - a portion of data - or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.
Post Office Protocol 3 (POP3)
--randomize_hosts -O OS fingerprinting
Exploit
LDAP

29. A device on a network.
Algorithm
protocol stack
node
Black Hat

30. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.
-P0
Domain Name System (DNS) lookup
integrity
Access Control List (ACL)

31. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g
HTTP tunneling
Digital Signature
Event
Three-Way (TCP) Handshake

32. Another term for firewalking
Denial of Service (DoS)
routed protocol
limitation of liability and remedies
port knocking

33. A file system used by the Mac OS.
Electronic serial number
Hierarchical File System (HFS)
ISO 17799
enumeration

34. Phases of an attack
Hacks without permission
session hijacking
Simple Object Access Protocol (SOAP)
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks

35. Window Scan
Local Administrator
private key
-sW
Port Address Translation (PAT)

36. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.
Bit Flipping
session hijacking
Methodology
network tap

37. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.
Asymmetric
Presentation layer
Domain Name
security defect

38. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it
SSH
Console Port
promiscuous mode
Sign in Seal

39. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
ad hoc mode
Transport Layer Security (TLS)
Media Access Control (MAC)
site survey

40. ICMP Type/Code 0-0
Cryptography
Echo Reply
Zenmap
Authentication - Authorization - and Accounting (AAA)

41. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
private network address
phishing
Asymmetric
Cloning

42. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.
Console Port
Access Point (AP)
Sign in Seal
International Organization for Standardization (ISO)

43. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response
SYN flood attack
security bulletins
honeypot
Active Directory (AD)

44. A protocol used for sending and receiving log information for nodes on a network.
The automated process of proactively identifying vulnerabilities of computing systems present in a network
limitation of liability and remedies
Syslog
protocol stack

45. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.
non-repudiation
Local Administrator
Transport Layer Security (TLS)
Community String

46. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
iris scanner
Bastion host
Daisy Chaining
Third Party

47. UDP Scan
Smurf attack
-sU
Anonymizer
operating system attack

48. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
-sU
Password Authentication Protocol (PAP)
Blowfish
Data Encryption Standard (DES)

49. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.
Zero Subnet
XOR Operation
smart card
Tunnel

50. Vulnerability Scanning
Access Control List (ACL)
The automated process of proactively identifying vulnerabilities of computing systems present in a network
reconnaissance
ad hoc mode