Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.
Telnet
Digital Watermarking
Baseline
Lightweight Directory Access Protocol (LDAP)
2. A file system used by the Mac OS.
Interior Gateway Protocol (IGP)
Hierarchical File System (HFS)
Point-to-Point Protocol (PPP)
hacktivism
3. An Internet routing protocol used to exchange routing information within an autonomous system.
Biometrics
Interior Gateway Protocol (IGP)
fragmentation
parameter tampering
4. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)
Malicious code
Due Diligence
single loss expectancy (SLE)
War Chalking
5. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu - and so on.
fully qualified domain name (FQDN)
shoulder surfing
File Allocation Table (FAT)
-sI
6. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.
Access Control List (ACL)
Wide Area Network (WAN)
Active Attack
shrink-wrap code attacks
7. Black hat
Zone transfer
Hacks without permission
overt channel
File Allocation Table (FAT)
8. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Fast Ethernet
SMB
HIDS
remote procedure call (RPC)
9. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
fully qualified domain name (FQDN)
SOA record
No previous knowledge of the network
Countermeasures
10. The process of recording activity on a system for monitoring and later review.
File Transfer Protocol (FTP)
Auditing
serialize scans & 15 sec wait
iris scanner
11. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.
Bluetooth
Unicode
Replacing numbers in a url to access other files
nslookup
12. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.
LDAP
Open System Interconnection (OSI) Reference Model
-sS
Covert Channel
13. The ability to trace actions performed on a system to a specific user or system entity.
Zero Subnet
Accountability
Black Hat
Pretty Good Privacy (PGP)
14. Directory Traversal
security controls
Finding a directory listing and gaining access to a parent or root file for access to other files
GET
Corrective Controls
15. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
NetBus
halo effect
private key
Videocipher II Satellite Encryption System
16. Port 161/162
Asynchronous
security defect
SNMP
-sR
17. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
piggybacking
honeynet
Bluetooth
infrastructure mode
18. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.
SNMP
sidejacking
HTTP tunneling
ECHO reply
19. A protocol for exchanging packets over a serial line.
Serial Line Internet Protocol (SLIP)
router
Contingency Plan
Bug
20. A string that represents the location of a web resource
security breach or security incident
Minimum acceptable level of risk
Uniform Resource Locator (URL)
Auditing
21. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
Internet Protocol Security (IPSec) architecture
Domain Name System (DNS) lookup
Banner Grabbing
Cookie
22. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.
Buffer
404EE
protocol stack
Auditing
23. An organized collection of data.
SNMP
Database
Local Administrator
File Allocation Table (FAT)
24. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.
Bluesnarfing
Asymmetric
Eavesdropping
Hacks without permission
25. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.
Wi-Fi
Electronic serial number
War Driving
Baseline
26. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr
National Security Agency
U P F
Wired Equivalent Privacy (WEP)
Confidentiality
27. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
Cracker
footprinting
SYN flood attack
-P0
28. ICMP Type/Code 11
NetBSD
Time exceeded
steganography
-sT
29. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.
Institute of Electrical and Electronics Engineers (IEEE)
Virtual Local Area Network (VLAN)
Service Set Identifier (SSID)
Cloning
30. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.
Zombie
Ethernet
Bastion host
A R
31. Port 22
Active Directory (AD)
halo effect
Auditing
SSH
32. An informed decision to accept the potential for damage to or loss of an IT asset.
risk acceptance
Secure Sockets Layer (SSL)
shrink-wrap code attacks
reconnaissance
33. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -
HTTP tunneling
Timestamping
Time To Live (TTL)
Malware
34. Software code - a portion of data - or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.
Web Spider
network interface card (NIC)
National Security Agency
Exploit
35. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
personal identification number (PIN)
network access server
Secure Multipurpose Mail Extension (S/MIME)
Request for Comments (RFC)
36. Polymorphic Virus
Information Technology Security Evaluation Criteria (ITSEC)
self encrypting
Information Technology (IT) security architecture and framework
-sT
37. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
Covert Channel
Cryptography
Bug
Temporal Key Integrity Protocol (TKIP)
38. The art and science of creating a covert message or image within another message - image - audio - or video file.
intrusion detection system (IDS)
SSH
steganography
RID Resource identifier
39. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
session splicing
Eavesdropping
Finger
Tunnel
40. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
Address Resolution Protocol (ARP)
remote procedure call (RPC)
security breach or security incident
Computer-Based Attack
41. A documented process for a procedure designed to be consistent - repeatable - and accountable.
Written Authorization
No previous knowledge of the network
private network address
Methodology
42. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.
piggybacking
Replacing numbers in a url to access other files
Contingency Plan
Tini
43. Used for exchanging structured information - such as XML-based messages - in the implementation of web services
Service Set Identifier (SSID)
Internet service provider (ISP)
Simple Object Access Protocol (SOAP)
File Transfer Protocol (FTP)
44. Port 53
Three-Way (TCP) Handshake
hardware keystroke logger
self encrypting
DNS
45. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
Authentication
SYN attack
rootkit
spam
46. A Canonical Name record within DNS - used to provide an alias for a domain name.
sniffer
CNAME record
Internet Protocol (IP)
Bluetooth
47. Controls to detect anomalies or undesirable events occurring on a system.
encryption
Tiger Team
single loss expectancy (SLE)
Detective Controls
48. Port 80/81/8080
Echo request
Collision
Interior Gateway Protocol (IGP)
HTTP
49. The condition of a resource being ready for use and accessible by authorized users.
Directory Traversal
Due Care
flood
Availability
50. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Discretionary Access Control (DAC)
Rijndael
Ethical Hacker
rogue access point