Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.






2. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.






3. A communications protocol used for browsing the Internet.






4. Hex 10






5. Black box test






6. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.






7. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






8. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






9. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.






10. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use






11. Directory Transversal






12. A social-engineering attack that manipulates the victim into calling the attacker for help.






13. FTP Bounce Attack






14. Any network incident that prompts some kind of log entry or other notification.






15. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






16. Idlescan






17. A portion of memory used to temporarily store output or input data.






18. A person or entity indirectly involved in a relationship between two principles.






19. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.






20. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c






21. Policy stating what users of a system can and cannot do with the organization's assets.






22. don't ping






23. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.






24. Microsoft SID 500






25. nmap






26. A routing protocol developed to be used within a single organization.






27. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.






28. Attacks that take advantage of the built-in code and scripts most off-the-shelf applications come with.






29. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






30. A documented process for a procedure designed to be consistent - repeatable - and accountable.






31. A computer virus that infects and spreads in multiple ways.






32. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.






33. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.






34. A value used to control cryptographic operations - such as decryption -encryption - signature generation - and signature verification.






35. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






36. Using conversation or some other interaction between people to gather useful information.






37. A comparison metric for different biometric devices and technologies; the point at which the false acceptance rate (FAR) equals the






38. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






39. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






40. A computer process that requests a service from another computer and accepts the server's responses.






41. The process of recording activity on a system for monitoring and later review.






42. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.






43. Two or more LANs connected by a high-speed line across a large geographical area.






44. Insane scan timing






45. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






46. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.






47. A denial-of-service technique that uses numerous hosts to perform the attack.






48. A software or hardware defect that often results in system vulnerabilities.






49. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.






50. A protocol used for sending and receiving log information for nodes on a network.