Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






2. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.






3. Malware designed to install some sort of virus - backdoor - and so on - on a target system.






4. Monitoring of telephone or Internet conversations - typically by covert means.






5. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.






6. An attack that combines a brute-force attack with a dictionary attack.






7. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






8. Port 161/162






9. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






10. A communications protocol used for browsing the Internet.






11. ICMP Type/Code 3






12. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a






13. Computer software or hardware that can intercept and log traffic passing over a digital network.






14. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.






15. 18 U.S.C. 1029






16. Attacks that take advantage of the built-in code and scripts most off-the-shelf applications come with.






17. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.






18. Shifting responsibility from one party to another






19. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.






20. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






21. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col






22. A formal set of rules describing data transmission - especially across a network. A protocol determines the type of error checking - the data compression method - how the sending device will indicate completion - how the receiving device will indicat






23. A group of people - gathered together by a business entity - working to address a specific problem or goal.






24. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






25. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






26. Version Detection Scan






27. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.






28. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






29. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






30. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.






31. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






32. Evaluation in which testers attempt to penetrate the network.






33. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






34. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.






35. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.






36. Transmitting one protocol encapsulated inside another protocol.






37. The default network authentication suite of protocols for Windows NT 4.0






38. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.






39. Establish Null Session






40. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action






41. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.






42. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.






43. Paranoid scan timing






44. A storage buffer that transparently stores data so future requests for the same data can be served faster.






45. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.






46. Hex 10






47. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.






48. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it






49. ICMP Type/Code 11






50. The lack of clocking (imposed time ordering) on a bit stream.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests