Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A software or hardware application or device that captures user keystrokes.
port redirection
ring topology
keylogger
false rejection rate (FRR)
2. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
-PI
CIA triangle
Defense in Depth
3. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.
Master boot record infector
DNS
Application Layer
reverse lookup; reverse DNS lookup
4. don't ping
signature scanning
-P0
logic bomb
Data Link layer
5. Incremental Substitution
Routing Information Protocol (RIP)
Replacing numbers in a url to access other files
Videocipher II Satellite Encryption System
parallel scan & 75 sec timeout & 0.3 sec/probe
6. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.
identity theft
false rejection rate (FRR)
Redundant Array of Independent Disks (RAID)
SSH
7. A command used in HTTP and FTP to retrieve a file from a server.
GET
protocol
Service Set Identifier (SSID)
non-repudiation
8. An attacker who breaks into computer systems with malicious intent - without the owner's knowledge or permission.
Countermeasures
Time To Live (TTL)
Black Hat
Threat
9. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U
source routing
Port Address Translation (PAT)
Authentication Header (AH)
-PB
10. Malware designed to install some sort of virus - backdoor - and so on - on a target system.
-sF
Droppers
Time Bomb
Black Box Testing
11. Formal description and evaluation of the vulnerabilities in an information system
Wireless Local Area Network (WLAN)
-sL
Vulnerability Assessment
RPC-DCOM
12. A unique numerical string - created by a hashing algorithm on a given piece of data - used to verify data integrity. Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download)
network operations center (NOC)
Accountability
hash
A procedure for identifying active hosts on a network.
13. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points
Domain Name System (DNS) cache poisoning
red team
Authentication
-sF
14. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.
802.11
suicide hacker
Warm Site
red team
15. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.
keylogger
Wi-Fi
Defense in Depth
non-repudiation
16. Access by information systems (or users) communicating from outside the information system security perimeter.
NetBSD
risk assessment
remote access
Minimum acceptable level of risk
17. Any network incident that prompts some kind of log entry or other notification.
Post Office Protocol 3 (POP3)
intranet
rootkit
Event
18. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the
Crossover Error Rate (CER)
Collision Domain
-sR
POST
19. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.
Authentication Header (AH)
Brute-Force Password Attack
firewalking
gateway
20. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).
risk assessment
key exchange protocol
Decryption
ISO 17799
21. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
Data Encryption Standard (DES)
Hypertext Transfer Protocol Secure (HTTPS)
No previous knowledge of the network
Asset
22. A type of malware that covertly collects information about a user.
Zombie
protocol stack
spam
spyware
23. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.
Banner Grabbing
Internet service provider (ISP)
Information Technology Security Evaluation Criteria (ITSEC)
segment
24. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.
Internet Assigned Number Authority (IANA)
router
-b
Database
25. A protocol defining packets that are able to be routed by a router.
Simple Object Access Protocol (SOAP)
FreeBSD
routed protocol
Uniform Resource Locator (URL)
26. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
Assessment
Web Spider
Block Cipher
Last In First Out (LIFO)
27. The combination of all IT assets - resources - components - and systems.
symmetric encryption
Information Technology (IT) infrastructure
security kernel
honeynet
28. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.
Internet Protocol (IP)
Ethernet
Availability
site survey
29. Port 23
Telnet
Back orifice
patch
hacktivism
30. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.
Wireless Local Area Network (WLAN)
-sP
pattern matching
honeynet
31. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.
encapsulation
Digital Watermarking
Time Bomb
Exposure Factor
32. A tool that helps a company to compare its actual performance with its potential performance.
gap analysis
spam
Internet service provider (ISP)
Common Internet File System/Server Message Block
33. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
Minimum acceptable level of risk
802.11i
encapsulation
Acknowledgment (ACK)
34. LM Hash for short passwords (under 7)
Internet Protocol (IP)
false rejection rate (FRR)
404EE
-oN
35. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
Data Link layer
RxBoot
Computer Emergency Response Team (CERT)
parallel scan
36. Shifting responsibility from one party to another
EDGAR database
risk transference
FreeBSD
Internal access to the network
37. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
site survey
CNAME record
Cache
Level I assessment
38. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
Kerberos
Computer-Based Attack
network operations center (NOC)
Daisy Chaining
39. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
Due Care
network access server
Certificate
Secure Sockets Layer (SSL)
40. A group of people - gathered together by a business entity - working to address a specific problem or goal.
Tiger Team
Internet Protocol Security (IPSec) architecture
Mandatory access control (MAC)
Backdoor
41. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.
Minimum acceptable level of risk
A procedure for identifying active hosts on a network.
Internet Assigned Number Authority (IANA)
Challenge Handshake Authentication Protocol (CHAP)
42. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.
protocol stack
Tunneling Virus
Filter
Post Office Protocol 3 (POP3)
43. Port 31337
Echo request
Back orifice
Information Technology (IT) asset valuation
ping sweep
44. A point of reference used to mark an initial state in order to manage change.
ECHO reply
hardware keystroke logger
Baseline
Multipurpose Internet Mail Extensions (MIME)
45. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.
forwarding
Access Point (AP)
enumeration
Biometrics
46. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.
Secure Multipurpose Mail Extension (S/MIME)
symmetric algorithm
serialize scans & 0.4 sec wait
Confidentiality
47. A virus written in a macro language and usually embedded in document or spreadsheet files.
Macro virus
War Chalking
Information Technology (IT) asset criticality
-sI
48. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
Lightweight Directory Access Protocol (LDAP)
Virtual Private Network (VPN)
Smurf attack
rootkit
49. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.
Temporal Key Integrity Protocol (TKIP)
Virus
Worm
Event
50. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
Challenge Handshake Authentication Protocol (CHAP)
rule-based access control
Anonymizer
Information Technology (IT) asset criticality