Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Evaluation in which testers attempt to penetrate the network.
Level III assessment
fragmentation
Simple Network Management Protocol (SNMP)
Tumbling
2. Policy stating what users of a system can and cannot do with the organization's assets.
route
Due Diligence
Acceptable Use Policy (AUP)
Replacing numbers in a url to access other files
3. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.
proxy server
firewalking
router
Time Bomb
4. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination
Presentation layer
ISO 17799
network access server
packet filtering
5. The steps taken to gather evidence and information on the targets you wish to attack.
FTP
parallel scan & 75 sec timeout & 0.3 sec/probe
reconnaissance
node
6. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.
reverse lookup; reverse DNS lookup
A R
social engineering
ping sweep
7. An adapter that provides the physical connection to send and receive data between the computer and the network media.
-sF
Trapdoor Function
Virus Hoax
network interface card (NIC)
8. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -
Malware
Contingency Plan
Copyright
EDGAR database
9. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o
Threat
single loss expectancy (SLE)
stream cipher
key exchange protocol
10. A virus written in a macro language and usually embedded in document or spreadsheet files.
Secure Multipurpose Mail Extension (S/MIME)
Wrapper
network operations center (NOC)
Macro virus
11. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Administratively Prohibited
script kiddie
Block Cipher
Virtual Local Area Network (VLAN)
12. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.
reconnaissance
802.11
Videocipher II Satellite Encryption System
impersonation
13. The exploitation of a security vulnerability
keylogger
promiscuous mode
security breach or security incident
-sR
14. Incremental Substitution
shoulder surfing
Replacing numbers in a url to access other files
SAM
physical security
15. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.
risk transference
red team
audit
route
16. ICMP Type/Code 11
Time exceeded
security incident response team (SIRT)
Zero Subnet
Internet Protocol (IP)
17. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Multipurpose Internet Mail Extensions (MIME)
queue
nslookup
Unicode
18. The directory service created by Microsoft for use on its networks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc
footprinting
Active Directory (AD)
Tunneling
ad hoc mode
19. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.
Database
Client
packet
Packet Internet Groper (ping)
20. The change or growth of a project's scope
Banner Grabbing
scope creep
segment
Transport Layer Security (TLS)
21. White box test
Hierarchical File System (HFS)
Vulnerability Assessment
risk
Internal access to the network
22. An informed decision to accept the potential for damage to or loss of an IT asset.
sheepdip
Assessment
-sL
risk acceptance
23. A protocol for exchanging packets over a serial line.
Serial Line Internet Protocol (SLIP)
Defines legal email marketing
encryption
XOR Operation
24. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.
-oA
port knocking
rootkit
network tap
25. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).
RxBoot
Zone transfer
Competitive Intelligence
gap analysis
26. The monetary value assigned to an IT asset.
Information Technology (IT) asset valuation
Copyright
Authentication
Port Address Translation (PAT)
27. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
Threat
File Transfer Protocol (FTP)
Active Fingerprinting
personal identification number (PIN)
28. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.
Access Control List (ACL)
Threat
shrink-wrap code attacks
Service Set Identifier (SSID)
29. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.
Media Access Control (MAC)
Acceptable Use Policy (AUP)
social engineering
serial scan & 300 sec wait
30. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Fast Ethernet
Biometrics
GET
Antivirus (AV) software
31. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.
Cryptography
Temporal Key Integrity Protocol (TKIP)
red team
Authentication
32. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
Destination Unreachable
Data Link layer
Wi-Fi
Level I assessment
33. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main
Audit Trail
Digital Signature
Cold Site
router
34. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.
No previous knowledge of the network
script kiddie
War Driving
Cryptography
35. An organized collection of data.
Virtual Private Network (VPN)
Database
Antivirus (AV) software
encapsulation
36. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
Due Care
integrity
Whois
Telnet
37. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
security controls
Vulnerability Management
Crossover Error Rate (CER)
identity theft
38. The Security Accounts Manager file in Windows stores all the password hashes for the system.
Password Authentication Protocol (PAP)
shrink-wrap code attacks
SAM
Macro virus
39. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.
stream cipher
Port Address Translation (PAT)
hot site
hash
40. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
Virtual Private Network (VPN)
POST
Computer-Based Attack
War Chalking
41. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.
phishing
Address Resolution Protocol (ARP)
source routing
Lightweight Directory Access Protocol (LDAP)
42. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
sniffer
Backdoor
-PB
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
43. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
stateful packet filtering
gray box testing
Secure Sockets Layer (SSL)
Countermeasures
44. Directory Traversal
Finding a directory listing and gaining access to a parent or root file for access to other files
open source
Presentation layer
security kernel
45. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
Cloning
Three-Way (TCP) Handshake
Event
shoulder surfing
46. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
Countermeasures
Accountability
Console Port
File Transfer Protocol (FTP)
47. Any item of value or worth to an organization - whether physical or virtual.
Asset
Uniform Resource Locator (URL)
Trapdoor Function
Malware
48. A record showing which user has accessed a given resource and what operations the user performed during a given period.
Audit Trail
non-repudiation
security defect
User Datagram Protocol (UDP)
49. An early network application that provides information on users currently logged on to a machine.
Finger
role-based access control
Detective Controls
Threat
50. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.
--randomize_hosts -O OS fingerprinting
Malicious code
Three-Way (TCP) Handshake
polymorphic virus