Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A symmetric - block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.






2. A virus that plants itself in a system's boot sector and infects the master boot record.






3. The level of importance assigned to an IT asset






4. A method of external testing whereby several systems or resources are used together to effect an attack.






5. Any network incident that prompts some kind of log entry or other notification.






6. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






7. Establish Null Session






8. Nmap ml output






9. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.






10. Port Scanning



11. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






12. Sending packets or requests to another system to gain information to be used to identify weaknesses and protect the system from attacks.






13. SYN Ping






14. TCP Ping






15. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.






16. Port 31337






17. don't ping






18. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets






19. A type of malware that covertly collects information about a user.






20. Version Detection Scan






21. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.






22. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






23. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.






24. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-system-administrator-level attack.






25. ICMP Ping






26. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.






27. Ports 20/21






28. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.






29. Nmap grepable output






30. Activities to determine the extent to which a security control is implemented correctly - operating as intended - and producing the desired outcome with respect to meeting the security requirements for the system.






31. ICMP Type/Code 0-0






32. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






33. A denial-of-service technique that uses numerous hosts to perform the attack.






34. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks






35. Phases of an attack






36. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.






37. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.






38. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






39. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.






40. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.






41. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






42. An organized collection of data.






43. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.






44. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.






45. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.






46. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.






47. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






48. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.






49. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






50. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely






