Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP Ping






2. A type of malware that covertly collects information about a user.






3. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






4. A data encryption/decryption program often used for e-mail and file storage.






5. An Internet routing protocol used to exchange routing information within an autonomous system.






6. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc






7. Safeguards or countermeasures to avoid - counteract - or minimize security risks.






8. ICMP Type/Code 0-0






9. ICMP Type/Code 3






10. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






11. A Windows-based GUI version of nmap.






12. ICMP Timestamp






13. Hex 12






14. Activities to determine the extent to which a security control is implemented correctly - operating as intended - and producing the desired outcome with respect to meeting the security requirements for the system.






15. Vulnerability Scanning






16. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






17. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






18. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






19. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.






20. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.






21. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.






22. The act of dialing all numbers within an organization to discover open modems.






23. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






24. The process of systematically testing each port on a firewall to map rules and determine accessible ports.






25. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.






26. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






27. ICMP Type/Code 3-13






28. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or






29. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.






30. A software or hardware defect that often results in system vulnerabilities.






31. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.






32. Hashing algorithm that results in a 128-bit output.






33. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).






34. Set of tools (applications or code) that enables administrator-level accessto a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator






35. The process of recording activity on a system for monitoring and later review.






36. IP Protocol Scan






37. A storage buffer that transparently stores data so future requests for the same data can be served faster.






38. A command used in HTTP and FTP to retrieve a file from a server.






39. Attacks that take advantage of the built-in code and scripts most off-the-shelf applications come with.






40. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.






41. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.






42. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.






43. Establish Null Session






44. Provides router-to-router or host-to-network connections over asynchronous and synchronous circuits.






45. A computer file system architecture used in Windows - OS/2 - and most memory cards.






46. Nmap ml output






47. Hex 29






48. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






49. Port 22






50. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa