SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
packet filtering
802.11 i
Trusted Computer Base (TCB)
routed protocol
2. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
reverse lookup; reverse DNS lookup
Real application encompassing Trojan
Common Internet File System/Server Message Block
NOP
3. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
RID Resource identifier
red team
Kerberos
Kerberos
4. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
key exchange protocol
stream cipher
risk avoidance
spyware
5. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
Zone transfer
Trusted Computer Base (TCB)
SOA record
Wi-Fi Protected Access (WPA)
6. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.
fully qualified domain name (FQDN)
ping sweep
Level III assessment
Decryption
7. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.
POST
TACACS
Trapdoor Function
Wi-Fi Protected Access (WPA)
8. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
reverse lookup; reverse DNS lookup
War Chalking
protocol stack
9. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
flood
reverse social engineering
HTTP tunneling
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
10. Controls to detect anomalies or undesirable events occurring on a system.
Detective Controls
Acceptable Use Policy (AUP)
rootkit
reverse lookup; reverse DNS lookup
11. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
Time To Live (TTL)
rogue access point
Level II assessment
packet
12. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
Routing Protocol
Adware
Unicode
gateway
13. Attacks on the actual programming code of an application.
Telnet
Electronic Code Book (ECB)
Application-Level Attacks
National Security Agency
14. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
SYN flood attack
social engineering
Copyright
Discretionary Access Control (DAC)
15. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.
RID Resource identifier
integrity
XOR Operation
secure channel
16. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
Open System Interconnection (OSI) Reference Model
CAM table
Event
security kernel
17. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
gray box testing
Certificate Authority (CA)
-sA
Collision Domain
18. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks
CNAME record
Dumpster Diving
Baseline
Competitive Intelligence
19. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
operating system attack
Access Creep
Authentication Header (AH)
Cold Site
20. A social-engineering attack that manipulates the victim into calling the attacker for help.
rogue access point
Black Box Testing
reverse social engineering
Virus
21. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
iris scanner
shrink-wrap code attacks
False Acceptance Rate (FAR)
Electronic serial number
22. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.
Lightweight Directory Access Protocol (LDAP)
Authorization
symmetric algorithm
integrity
23. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc
personal identification number (PIN)
Active Directory (AD)
Traceroute
qualitative analysis
24. ICMP Type/Code 11
Internet Protocol (IP)
POST
router
Time exceeded
25. A stand-alone computer - kept off the network - that is used for scanning potentially malicious media or software.
scope creep
sheepdip
-sO
Traceroute
26. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.
U P F
self encrypting
Minimum acceptable level of risk
Denial of Service (DoS)
27. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
Acknowledgment (ACK)
Access Creep
fragmentation
Simple Mail Transfer Protocol (SMTP)
28. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.
Ethical Hacker
Digital Signature
-sX
parallel scan & 300 sec timeout & 1.25 sec/probe
29. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
null session
Man-in-the-middle attack
Cookie
encapsulation
30. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.
ping sweep
security controls
iris scanner
Distributed DoS (DDoS)
31. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
Confidentiality
Data Encryption Standard (DES)
SYN flood attack
File Allocation Table (FAT)
32. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.
Common Internet File System/Server Message Block
U P F
HTTP tunneling
Tunneling
33. A person or entity indirectly involved in a relationship between two principles.
Third Party
footprinting
Denial of Service (DoS)
Trapdoor Function
34. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
-sO
Demilitarized Zone (DMZ)
Archive
gap analysis
35. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
Password Authentication Protocol (PAP)
Filter
INFOSEC Assessment Methodology (IAM)
sidejacking
36. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with
ISO 17799
Network Address Translation (NAT)
CAM table
-sO
37. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
session splicing
Audit Data
Contingency Plan
Droppers
38. ICMP Ping
A R
-PI
Echo Reply
Uniform Resource Locator (URL)
39. A business - government agency - or educational institution that provides access to the Internet.
gray hat
Internet Assigned Number Authority (IANA)
Filter
Internet service provider (ISP)
40. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.
Back orifice
Electronic Code Book (ECB)
Timestamping
Ciphertext
41. ICMP Type/Code 0-0
-P0
Echo Reply
Assessment
Digital Watermarking
42. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio
rule-based access control
Internet Protocol Security (IPSec) architecture
steganography
Ethernet
43. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
Cookie
Contingency Plan
-PT
personal identification number (PIN)
44. A social-engineering attack using computer resources - such as e-mail or IRC.
Computer-Based Attack
network interface card (NIC)
-sO
Daemon
45. A group of experts that handles computer security incidents.
network access server
piggybacking
Vulnerability Management
security incident response team (SIRT)
46. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
false negative
DNS
-oA
Level II assessment
47. Establish Null Session
net use \[target ip]IPC$ '' /user:''
local area network (LAN)
Application-Level Attacks
Level II assessment
48. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
risk assessment
Telnet
overt channel
security kernel
49. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.
Zero Subnet
Brute-Force Password Attack
Network Address Translation (NAT)
SMB
50. The process of using an application to remotely identify open ports on a system (for example - whether systems allow connections through those ports).
patch
Interior Gateway Protocol (IGP)
port scanning
Trusted Computer Base (TCB)