Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. ACK Scan






2. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.






3. Hex 29






4. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.






5. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






6. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.






7. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






8. Name given to expert groups that handle computer security incidents.






9. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






10. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






11. The level of importance assigned to an IT asset






12. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu -and so on.






13. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.






14. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.






15. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman






16. A section or subset of the network. Often a router or other routing device provides the end point of the segment.






17. NSA






18. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






19. Hex 10






20. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.






21. A device providing temporary - on-demand - point-to-point network access to users.






22. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






23. Idlescan






24. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.






25. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)






26. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.






27. FTP Bounce Attack






28. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






29. CAN-SPAM






30. Hex 04






31. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






32. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






33. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere






34. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.






35. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc






36. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






37. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.






38. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






39. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.






40. A denial-of-service technique that uses numerous hosts to perform the attack.






41. The transmission of digital signals without precise clocking or synchronization.






42. Ping Scan






43. ICMP Type/Code 3






44. Recording the time - normally in a log file - when an event happens or when information is created or modified.






45. Evaluation in which testers attempt to penetrate the network.






46. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.






47. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






48. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.






49. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.






50. Formal description and evaluation of the vulnerabilities in an information system







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests