Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.
false rejection rate (FRR)
Authorization
Information Technology Security Evaluation Criteria (ITSEC)
Access Creep
2. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.
Audit Data
self encrypting
honeynet
Kerberos
3. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
Tunneling
Overwhelm CAM table to convert switch to hub mode
SMB
Post Office Protocol 3 (POP3)
4. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
identity theft
Address Resolution Protocol (ARP) table
Interior Gateway Protocol (IGP)
5. Evaluation in which testers attempt to penetrate the network.
Information Technology (IT) asset criticality
Minimum acceptable level of risk
Virtual Private Network (VPN)
Level III assessment
6. Microsoft SID 500
Tunnel
Hacks with permission
War Dialing
Local Administrator
7. Black box test
No previous knowledge of the network
NOP
risk
Redundant Array of Independent Disks (RAID)
8. Aggressive scan timing
parallel scan & 300 sec timeout & 1.25 sec/probe
Blowfish
Address Resolution Protocol (ARP)
-sF
9. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.
Redundant Array of Independent Disks (RAID)
proxy server
CIA triangle
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
10. The change or growth of a project's scope
scope creep
False Acceptance Rate (FAR)
Network Address Translation (NAT)
Zenmap
11. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Dumpster Diving
White Box Testing
National Security Agency
Certificate Authority (CA)
12. A tool that helps a company to compare its actual performance with its potential performance.
gap analysis
Accountability
ring topology
hot site
13. FTP Bounce Attack
Authentication Header (AH)
Client
halo effect
-b
14. Describes practices in production and development that promote access to the end product's source materials.
Vulnerability Assessment
-sO
open source
Application Layer
15. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
network operations center (NOC)
-PM
Back orifice
DNS enumeration
16. Sneaky scan timing
Password Authentication Protocol (PAP)
Target Of Engagement (TOE)
serialize scans & 15 sec wait
Interior Gateway Protocol (IGP)
17. Computer software or hardware that can intercept and log traffic passing over a digital network.
Competitive Intelligence
risk acceptance
physical security
sniffer
18. A free and popular version of the Unix operating system.
infrastructure mode
Hacks without permission
Malicious code
FreeBSD
19. A social-engineering attack using computer resources - such as e-mail or IRC.
proxy server
RID Resource identifier
honeynet
Computer-Based Attack
20. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
False Acceptance Rate (FAR)
flood
router
parallel scan
21. The ability to trace actions performed on a system to a specific user or system entity.
-PS
Accountability
Level I assessment
Data Encryption Standard (DES)
22. PI and PT Ping
Block Cipher
net use \[target ip]IPC$ '' /user:''
parameter tampering
-PB
23. A command used in HTTP and FTP to retrieve a file from a server.
War Chalking
reconnaissance
Authentication
GET
24. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
Active Directory (AD)
Wired Equivalent Privacy (WEP)
Authentication - Authorization - and Accounting (AAA)
Bastion host
25. NSA
out-of-band signaling
Kerberos
National Security Agency
Authentication Header (AH)
26. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
Discretionary Access Control (DAC)
Hierarchical File System (HFS)
Wi-Fi Protected Access (WPA)
site survey
27. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.
Confidentiality
Temporal Key Integrity Protocol (TKIP)
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
integrity
28. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
qualitative analysis
INFOSEC Assessment Methodology (IAM)
Secure Sockets Layer (SSL)
key exchange protocol
29. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
Tunnel
S
iris scanner
gray box testing
30. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
shrink-wrap code attacks
Cryptography
-oG
Web Spider
31. Establish Null Session
Wrapper
MAC filtering
net use \[target ip]IPC$ '' /user:''
physical security
32. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
overt channel
ad hoc mode
risk assessment
steganography
33. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
Virus Hoax
security kernel
Tiger Team
-P0
34. Port 110
Buffer Overflow
rule-based access control
National Security Agency
POP 3
35. Black hat
reverse lookup; reverse DNS lookup
Warm Site
Hacks without permission
Wired Equivalent Privacy (WEP)
36. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.
proxy server
honeynet
forwarding
Mantrap
37. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.
role-based access control
suicide hacker
Serial Line Internet Protocol (SLIP)
Access Point (AP)
38. A connectionless - layer 4 transport protocol. UDP is faster than TCP - but offers no reliability. A best effort is made to deliver the data - but no checks and verifications are performed to guarantee delivery. Therefore - UDP is termed a 'connectio
SYN flood attack
serial scan & 300 sec wait
A R
User Datagram Protocol (UDP)
39. Window Scan
-sW
Simple Network Management Protocol (SNMP)
Information Technology (IT) asset criticality
Worm
40. The software product or system that is the subject of an evaluation.
ring topology
National Security Agency
Target Of Engagement (TOE)
SMB
41. Formal description and evaluation of the vulnerabilities in an information system
Vulnerability Assessment
Mandatory access control (MAC)
separation of duties
-sO
42. UDP Scan
NetBSD
-sU
Syslog
hacktivism
43. A computer process that requests a service from another computer and accepts the server's responses.
single loss expectancy (SLE)
Client
Port Address Translation (PAT)
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
44. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
keylogger
Archive
Mandatory access control (MAC)
Electronic Code Book (ECB)
45. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
forwarding
Fast Ethernet
network interface card (NIC)
Blowfish
46. A virus designed to infect the master boot record.
Domain Name System (DNS) cache poisoning
Fraud and related activity in connection with computers
Traceroute
Master boot record infector
47. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Target Of Engagement (TOE)
port knocking
Rijndael
Cache
48. The steps taken to gather evidence and information on the targets you wish to attack.
Droppers
protocol
reconnaissance
serialize scans & 15 sec wait
49. Metamorphic Virus
Hierarchical File System (HFS)
Backdoor
Self Replicating
Certificate Authority (CA)
50. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.
promiscuous mode
SMB
Denial of Service (DoS)
Zenmap