Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.
Port Address Translation (PAT)
Database
gray hat
HTTP tunneling
2. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.
Trusted Computer System Evaluation Criteria (TCSEC)
Competitive Intelligence
self encrypting
packet filtering
3. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.
Tiger Team
Possession of access devices
Brute-Force Password Attack
Unicode
4. CAN-SPAM
Pretty Good Privacy (PGP)
Defines legal email marketing
false rejection rate (FRR)
POST
5. A virus designed to infect the master boot record.
Written Authorization
Master boot record infector
Zombie
parallel scan & 75 sec timeout & 0.3 sec/probe
6. The central part of a computer or communications system hardware - firmware - and software that implements the basic security procedures for controlling access to system resources.
Unicode
replay attack
single loss expectancy (SLE)
security kernel
7. A virus written in a macro language and usually embedded in document or spreadsheet files.
Macro virus
network interface card (NIC)
POP 3
fully qualified domain name (FQDN)
8. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
Transport Layer Security (TLS)
single loss expectancy (SLE)
session hijacking
A R
9. Transmitting one protocol encapsulated inside another protocol.
segment
Authentication - Authorization - and Accounting (AAA)
Tunneling
risk avoidance
10. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
Finger
forwarding
halo effect
Written Authorization
11. The lack of clocking (imposed time ordering) on a bit stream.
parallel scan & 75 sec timeout & 0.3 sec/probe
Droppers
Internet service provider (ISP)
Asynchronous
12. A protocol used for sending and receiving log information for nodes on a network.
Syslog
serial scan & 300 sec wait
risk
Multipartite virus
13. Sneaky scan timing
serialize scans & 15 sec wait
Serial Line Internet Protocol (SLIP)
HIDS
suicide hacker
14. Port 110
hacktivism
fully qualified domain name (FQDN)
International Organization for Standardization (ISO)
POP 3
15. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.
enumeration
phishing
packet
rogue access point
16. Incremental Substitution
hot site
firewalking
Replacing numbers in a url to access other files
Electronic serial number
17. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.
Timestamping
RID Resource identifier
qualitative analysis
Black Hat
18. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door
Unicode
Auditing
Mantrap
Computer Emergency Response Team (CERT)
19. A utility that traces a packet from your computer to an Internet host - showing how many hops the packet takes to reach the host and how long the packet requires to complete the hop.
Traceroute
Acknowledgment (ACK)
Master boot record infector
Dumpster Diving
20. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr
Back orifice
Acceptable Use Policy (AUP)
Syslog
Wired Equivalent Privacy (WEP)
21. A program designed to execute at a specific time to release malicious code onto the computer system or network.
Time Bomb
-P0
security controls
Back orifice
22. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
Wireless Local Area Network (WLAN)
Copyright
Simple Object Access Protocol (SOAP)
encryption
23. The act of dialing all numbers within an organization to discover open modems.
RPC-DCOM
POST
War Dialing
Defense in Depth
24. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
personal identification number (PIN)
Vulnerability Scanning
serialize scans & 15 sec wait
FTP
25. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.
POST
integrity
Temporal Key Integrity Protocol (TKIP)
War Chalking
26. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
Data Encryption Standard (DES)
Console Port
Mandatory access control (MAC)
CAM table
27. A Windows-based GUI version of nmap.
Telnet
Pretty Good Privacy (PGP)
segment
Zenmap
28. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can
R
-PB
Event
route
29. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
Syslog
Access Creep
queue
Cookie
30. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.
NOP
Asymmetric Algorithm
Cold Site
quantitative risk assessment
31. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly - hierarchical Internet addresses - and vice versa.
Trojan Horse
SAM
DNS enumeration
Domain Name System (DNS)
32. Nmap XML output
Bluejacking
hashing algorithm
Wi-Fi
-oX
33. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
Information Technology (IT) security architecture and framework
Due Care
FreeBSD
Vulnerability Scanning
34. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a
Malicious code
-sI
honeynet
Level III assessment
35. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
Point-to-Point Protocol (PPP)
Computer-Based Attack
protocol
spam
36. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
SNMP
Wired Equivalent Privacy (WEP)
Certificate
Audit Trail
37. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.
encryption
public key infrastructure (PKI)
Bluejacking
firewall
38. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
Videocipher II Satellite Encryption System
honeynet
reverse social engineering
private network address
39. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
Google hacking
encapsulation
Filter
Directory Traversal
40. An Application layer protocol for managing devices on an IP network.
out-of-band signaling
quantitative risk assessment
XOR Operation
Simple Network Management Protocol (SNMP)
41. Attacks on the actual programming code of an application.
role-based access control
Echo Reply
Filter
Application-Level Attacks
42. Computer software or hardware that can intercept and log traffic passing over a digital network.
patch
hot site
sniffer
Unicode
43. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
Post Office Protocol 3 (POP3)
NetBus
Trojan Horse
Cloning
44. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.
honeypot
Information Technology (IT) asset valuation
overt channel
Virtual Local Area Network (VLAN)
45. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o
Electronic serial number
stream cipher
Post Office Protocol 3 (POP3)
Domain Name System (DNS) lookup
46. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.
serial scan & 300 sec wait
End User Licensing Agreement (EULA)
Cryptographic Key
SOA record
47. A stand-alone computer - kept off the network - that is used for scanning potentially malicious media or software.
SSH
Time exceeded
sheepdip
network access server
48. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.
Level I assessment
Defines legal email marketing
intranet
Hacks without permission
49. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
802.11
segment
Banner Grabbing
shoulder surfing
50. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
security controls
smart card
RxBoot
null session