Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
firewall
Web Spider
No previous knowledge of the network
halo effect
2. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.
FreeBSD
File Transfer Protocol (FTP)
Trapdoor Function
security bulletins
3. ICMP Type/Code 11
Active Attack
Internet Control Message Protocol (ICMP)
Time exceeded
Black Box Testing
4. Using conversation or some other interaction between people to gather useful information.
serialize scans & 15 sec wait
separation of duties
Ethernet
human-based social engineering
5. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.
stateful packet filtering
Collision Domain
Routing Protocol
Cloning
6. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p
heuristic scanning
Multipurpose Internet Mail Extensions (MIME)
Dumpster Diving
local area network (LAN)
7. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption
RPC-DCOM
--randomize_hosts -O OS fingerprinting
Algorithm
Dumpster Diving
8. A one-way mathematical function that generates a fixed-length numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.
null session
patch
Domain Name System (DNS) lookup
hashing algorithm
9. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.
Domain Name System (DNS) cache poisoning
Exploit
HIDS
National Security Agency
10. ACK Scan
-sA
Banner Grabbing
Level I assessment
router
11. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.
firewall
serial scan & 300 sec wait
keylogger
Virtual Private Network (VPN)
12. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.
Exploit
Asymmetric Algorithm
Written Authorization
Port Address Translation (PAT)
13. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
Tunneling
Bastion host
limitation of liability and remedies
Transmission Control Protocol (TCP)
14. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points
Filter
Domain Name System (DNS) cache poisoning
Time To Live (TTL)
promiscuous mode
15. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
-sT
Man-in-the-middle attack
Media Access Control (MAC)
human-based social engineering
16. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
risk assessment
Routing Protocol
network operations center (NOC)
Kerberos
17. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
False Acceptance Rate (FAR)
SYN attack
Request for Comments (RFC)
Adware
18. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Hypertext Transfer Protocol Secure (HTTPS)
Trusted Computer Base (TCB)
Extensible Authentication Protocol (EAP)
risk avoidance
19. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.
Zero Subnet
Ciphertext
script kiddie
rogue access point
20. A social-engineering attack that manipulates the victim into calling the attacker for help.
reverse social engineering
Data Link layer
Black Hat
Defines legal email marketing
21. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o
stream cipher
Acceptable Use Policy (AUP)
End User Licensing Agreement (EULA)
Web Spider
22. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
Virtual Private Network (VPN)
inference attack
null session
patch
23. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu
intrusion prevention system (IPS)
Multipartite virus
Malicious code
Computer-Based Attack
24. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.
Exploit
Telnet
net use \[target ip]IPC$ '' /user:''
patch
25. A file system used by the Mac OS.
Electronic Code Book (ECB)
Hierarchical File System (HFS)
Digital Signature
session splicing
26. Any network incident that prompts some kind of log entry or other notification.
Boot Sector Virus
404EE
Event
security bulletins
27. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
Cryptographic Key
public key
hot site
Network Basic Input/Output System (NetBIOS)
28. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door
serialize scans & 15 sec wait
Bit Flipping
Information Technology Security Evaluation Criteria (ITSEC)
Mantrap
29. Nmap grepable output
Defense in Depth
Demilitarized Zone (DMZ)
Domain Name
-oG
30. A group of people - gathered together by a business entity - working to address a specific problem or goal.
Tiger Team
NetBSD
Mantrap
route
31. Safeguards or countermeasures to avoid - counteract - or minimize security risks.
security controls
Ciphertext
Warm Site
Traceroute
32. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
public key infrastructure (PKI)
MAC filtering
Bluesnarfing
security incident response team (SIRT)
33. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.
Cryptographic Key
Due Diligence
Brute-Force Password Attack
Tini
34. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
Wrapper
Secure Sockets Layer (SSL)
-PB
router
35. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.
source routing
overt channel
-p <port ranges>
Virus
36. An unknown deficiency in software or some other product that results in a security vulnerability being identified.
Cookie
security defect
Simple Network Management Protocol (SNMP)
spyware
37. A portion of memory used to temporarily store output or input data.
open source
Buffer
polymorphic virus
Request for Comments (RFC)
38. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
encryption
Tumbling
heuristic scanning
packet
39. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
Access Creep
pattern matching
ECHO reply
rogue access point
40. The exploitation of a security vulnerability
Asset
security breach or security incident
Multipartite virus
Routing Protocol
41. The process of determining if a network entity (user or service) is legitimate
enumeration
source routing
Threat
Authentication
42. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
hacktivism
smart card
Post Office Protocol 3 (POP3)
Trusted Computer Base (TCB)
43. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.
-PB
Collision
Web Spider
packet filtering
44. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Corrective Controls
Fast Ethernet
Due Care
Detective Controls
45. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.
Minimum acceptable level of risk
Contingency Plan
HTTP tunneling
Tumbling
46. Insane scan timing
remote access
gap analysis
TACACS
parallel scan & 75 sec timeout & 0.3 sec/probe
47. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
Wrapper
Tini
out-of-band signaling
Routing Protocol
48. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.
Threat
Ciphertext
Post Office Protocol 3 (POP3)
Password Authentication Protocol (PAP)
49. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.
service level agreements (SLAs)
Bluesnarfing
Application Layer
Secure Sockets Layer (SSL)
50. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
RPC-DCOM
Finding a directory listing and gaining access to a parent or root file for access to other files
802.11i
rogue access point