Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A section or subset of the network. Often a router or other routing device provides the end point of the segment.






2. PI and PT Ping






3. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






4. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.






5. Port 22






6. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






7. A systematic process for the assessment of security vulnerabilities.






8. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi






9. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






10. An early network application that provides information on users currently logged on to a machine.






11. ICMP Type/Code 0-0






12. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






13. Ping Scan






14. A Windows-based GUI version of nmap.






15. The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.






16. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g






17. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






18. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.






19. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






20. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.






21. An organized collection of data.






22. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






23. The process of recording activity on a system for monitoring and later review.






24. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory






25. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.






26. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






27. Nmap grepable output






28. A backlog of packets stored in buffers and waiting to be forwarded over an interface.






29. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.






30. A protocol for exchanging packets over a serial line.






31. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col






32. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.






33. Used for exchanging structured information - such as XML-based messages - in the implementation of web services






34. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.






35. The process of determining if a network entity (user or service) is legitimate






36. FIN Scan






37. A free and popular version of the Unix operating system.






38. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -






39. A software or hardware defect that often results in system vulnerabilities.






40. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






41. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.






42. nmap






43. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.






44. Hex 10






45. A unique numerical string - created by a hashing algorithm on a given piece of data - used to verify data integrity. Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download)






46. Normal scan timing






47. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






48. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.






49. Computer software or hardware that can intercept and log traffic passing over a digital network.






50. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.