Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






2. Port 53






3. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or






4. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






5. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.






6. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.






7. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






8. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






9. Hex 04






10. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dualring architecture for redundancy - with transmission distances of up to two kilometers.






11. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






12. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman






13. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






14. Set of tools (applications or code) that enables administrator-level accessto a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator






15. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.






16. A piece of code intentionally inserted into a software system that will perform a malicious function when specified conditions are met at some future point.






17. Paranoid scan timing






18. don't ping






19. Port 137/138/139






20. A person or entity indirectly involved in a relationship between two principles.






21. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






22. LM Hash for short passwords (under 7)






23. Port 389






24. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.






25. White box test






26. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






27. ex 02






28. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.






29. A document describing information security guidelines - policies - procedures - and standards.






30. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.






31. The process of systematically testing each port on a firewall to map rules and determine accessible ports.






32. 18 U.S.C. 1029






33. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.






34. Access by information systems (or users) communicating from outside the information system security perimeter.






35. A device on a network.






36. A tool that helps a company to compare its actual performance with its potential performance.






37. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.






38. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.






39. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.






40. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






41. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.






42. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.






43. A protocol for exchanging packets over a serial line.






44. A file system used by the Mac OS.






45. Port Scanning

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


46. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






47. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.






48. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






49. TCP SYN Scan






50. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.