Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. ICMP Type/Code 3-13
Echo request
-sT
serialize scans & 15 sec wait
Administratively Prohibited

2. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie
Cookie
reverse lookup; reverse DNS lookup
Virtual Local Area Network (VLAN)
personal identification number (PIN)

3. nmap
asynchronous transmission
-p <port ranges>
Overwhelm CAM table to convert switch to hub mode
local area network (LAN)

4. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.
Worm
Competitive Intelligence
intrusion prevention system (IPS)
A procedure for identifying active hosts on a network.

5. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
separation of duties
Cryptography
hybrid attack
-oN

6. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.
Echo request
Minimum acceptable level of risk
Address Resolution Protocol (ARP) table
Authentication Header (AH)

7. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
quality of service (QoS)
-oX
Bastion host
POP 3

8. Hex 29
Syslog
U P F
Due Diligence
Decryption

9. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.
Digital Certificate
security bulletins
Console Port
Accountability

10. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.
Ciphertext
Point-to-Point Protocol (PPP)
audit
risk transference

11. The process of using easily accessible DNS records to map a target network's internal hosts.
Minimum acceptable level of risk
Network Basic Input/Output System (NetBIOS)
Blowfish
DNS enumeration

12. A one-way mathematical function that generates a fixedlength numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.
honeypot
hashing algorithm
Ciphertext
Fast Ethernet

13. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
TACACS
MD5
Virtual Private Network (VPN)
Banner Grabbing

14. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
Exposure Factor
Transport Layer Security (TLS)
Man-in-the-middle attack
GET

15. A device providing temporary - on-demand - point-to-point network access to users.
False Acceptance Rate (FAR)
Malware
network access server
Point-to-Point Tunneling Protocol (PPTP)

16. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat
Access Point (AP)
network interface card (NIC)
LDAP
protocol

17. Establish Null Session
sidejacking
LDAP
hardware keystroke logger
net use \[target ip]IPC$ '' /user:''

18. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
Hypertext Transfer Protocol Secure (HTTPS)
self encrypting
Electronic serial number
Threat

19. A virus written in a macro language and usually embedded in document or spreadsheet files.
Macro virus
EDGAR database
S
Buffer

20. Describes practices in production and development that promote access to the end product's source materials.
Anonymizer
open source
Data Encryption Standard (DES)
separation of duties

21. A type of denial-of-service attack where a hacker sends thousands of SYN packets to the target with spoofed IP addresses.
Virus Hoax
Whois
SYN attack
packet

22. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
Due Care
gateway
802.11
Data Encryption Standard (DES)

23. IP Protocol Scan
RID Resource identifier
-sO
Fraud and related activity in connection with computers
-sP

24. TCP connect() scan
Access Control List (ACL)
-sT
ISO 17799
Macro virus

25. An early network application that provides information on users currently logged on to a machine.
Simple Network Management Protocol (SNMP)
File Allocation Table (FAT)
Finger
Routing Protocol

26. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)
qualitative analysis
Blowfish
Timestamping
Boot Sector Virus

27. A connectionless - layer 4 transport protocol. UDP is faster than TCP - but offers no reliability. A best effort is made to deliver the data - but no checks and verifications are performed to guarantee delivery. Therefore - UDP is termed a 'connectio
XOR Operation
MAC filtering
qualitative analysis
User Datagram Protocol (UDP)

28. ICMP Type/Code 8
Post Office Protocol 3 (POP3)
802.11 i
Vulnerability Management
Echo request

29. The condition of a resource being ready for use and accessible by authorized users.
non-repudiation
public key infrastructure (PKI)
Zone transfer
Availability

30. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.
Level II assessment
Digital Certificate
intrusion prevention system (IPS)
Google hacking

31. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.
social engineering
Black Hat
parameter tampering
source routing

32. A group of experts that handles computer security incidents.
security incident response team (SIRT)
Digital Certificate
Internal access to the network
Malware

33. A small Trojan program that listens on port 777.
Tini
Ciphertext
Level II assessment
-PI

34. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
Authentication - Authorization - and Accounting (AAA)
rootkit
Asset
Request for Comments (RFC)

35. A file system used by the Mac OS.
-sW
Hierarchical File System (HFS)
risk transference
Asynchronous

36. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
enumeration
Client
Multipurpose Internet Mail Extensions (MIME)
Port Address Translation (PAT)

37. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
suicide hacker
Bluetooth
Internet Control Message Protocol (ICMP)
-sF

38. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use
flood
Application-Level Attacks
Discretionary Access Control (DAC)
Buffer

39. Port 135
Videocipher II Satellite Encryption System
-sR
SYN attack
RPC-DCOM

40. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
forwarding
encapsulation
security by obscurity
serialize scans & 0.4 sec wait

41. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
false negative
Transmission Control Protocol (TCP)
Hacks without permission
symmetric encryption

42. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
Serial Line Internet Protocol (SLIP)
Defense in Depth
MD5
Bit Flipping

43. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.
rule-based access control
Antivirus (AV) software
social engineering
No previous knowledge of the network

44. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption
Algorithm
intrusion detection system (IDS)
Tiger Team
port redirection

45. A software or hardware application or device that captures user keystrokes.
RPC-DCOM
Daemon
No previous knowledge of the network
keylogger

46. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
Archive
Copyright
stateful packet filtering
Acknowledgment (ACK)

47. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.
Written Authorization
source routing
Annualized Loss Expectancy (ALE)
Network Basic Input/Output System (NetBIOS)

48. Transmitting one protocol encapsulated inside another protocol.
Digital Watermarking
Tunneling
Methodology
Network Address Translation (NAT)

49. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.
-oN
Ethernet
Electronic serial number
Defense in Depth

50. Black hat
Secure Multipurpose Mail Extension (S/MIME)
Hacks without permission
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
serialize scans & 0.4 sec wait