Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Cracking Tools






2. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.






3. Shifting responsibility from one party to another






4. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






5. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.






6. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.






7. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






8. Transmitting one protocol encapsulated inside another protocol.






9. A wireless networking mode where all clients connect to the wireless network through a central access point.






10. SYN Ping






11. Port 389






12. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






13. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






14. A type of encryption where the same key is used to encrypt and decrypt the message.






15. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private






16. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.






17. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.






18. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






19. A list of IP addresses and corresponding MAC addresses stored on a local computer.






20. Version Detection Scan






21. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.






22. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






23. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






24. Monitoring of telephone or Internet conversations - typically by covert means.






25. A portion of memory used to temporarily store output or input data.






26. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






27. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.






28. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.






29. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.






30. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






31. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






32. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






33. An evaluation conducted to determine the potential for damage to or loss of an IT asset.






34. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).






35. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






36. 18 U.S.C. 1029






37. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Bruteforce attacks take a long time t






38. The level of importance assigned to an IT asset






39. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.






40. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.






41. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






42. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






43. White hat






44. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.






45. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.






46. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






47. The change or growth of a project's scope






48. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






49. A protocol that allows a client computer to request services from a server and the server to return the results.






50. A social-engineering effort in which the attacker pretends to be an employee - a valid user - or even an executive to elicit information or access.