Test your basic knowledge: CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The three wrong answers for each question are randomly chosen from the answers to other questions, so you may sometimes find the answer obvious, but you will see that it reinforces your understanding each time you take the test.
1. A method of permitting network access only to MAC addresses in a preapproved list. Addresses not matching the list are blocked.
Cryptography
Malware
Finding a directory listing and gaining access to a parent or root file for access to other files
MAC filtering
2. An authentication method on point-to-point links, using a three-way handshake and a mutually agreed-upon key.
risk acceptance
Countermeasures
social engineering
Challenge Handshake Authentication Protocol (CHAP)
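The three-way handshake behind question 2, as an added example that is not part of the original quiz: the authenticator sends a random challenge, the peer answers with a one-way hash of the identifier, the shared secret and the challenge (the CHAP with MD5 computation from RFC 1994), and the authenticator recomputes the hash and replies Success or Failure. The shared secret, the identifier value and the replay check are constructed for this example.

```python
import hashlib
import hmac
import os

# Shared secret known to both ends of the link. Constructed for this example.
SHARED_SECRET = b"correct horse battery staple"


def chap_challenge(length: int = 16) -> bytes:
    """Step 1 (authenticator -> peer): a fresh, unpredictable challenge."""
    return os.urandom(length)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Step 2 (peer -> authenticator): MD5(Identifier || secret || challenge),
    the CHAP with MD5 computation from RFC 1994. The secret itself never
    crosses the link; only this one-way hash does."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


def chap_verify(identifier: int, secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Step 3 (authenticator): recompute the expected response from its own copy
    of the secret and compare in constant time; reply Success or Failure."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


def run_handshake(peer_secret: bytes, identifier: int = 1) -> bool:
    """Drive the three messages between a peer holding peer_secret and an
    authenticator holding SHARED_SECRET. Returns True on Success."""
    challenge = chap_challenge()                                   # 1. Challenge
    response = chap_response(identifier, peer_secret, challenge)   # 2. Response
    return chap_verify(identifier, SHARED_SECRET, challenge, response)  # 3. Success/Failure


def replay_is_rejected(identifier: int = 1) -> bool:
    """A response captured from one handshake is useless in the next, because
    the authenticator issues a different challenge every time."""
    captured = chap_response(identifier, SHARED_SECRET, chap_challenge())
    return not chap_verify(identifier, SHARED_SECRET, chap_challenge(), captured)
```

Two properties worth noticing: the secret is never transmitted, and an eavesdropper who records a valid Response cannot replay it against a new Challenge. The price is that the authenticator must hold the secret in cleartext (a hashed password store cannot compute the Response), and the hash is MD5, so CHAP on its own is not a modern choice.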
3. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.
Third Party
rule-based access control
Accountability
Multipurpose Internet Mail Extensions (MIME)
4. A set of tools (applications or code) that enables administrator-level access to a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator
rootkit
-PP
sidejacking
Tunneling Virus
5. The central part of a computer or communications system (hardware, firmware, and software) that implements the basic security procedures for controlling access to system resources.
initial sequence number (ISN)
Possession of access devices
security kernel
Virtual Private Network (VPN)
6. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
Antivirus (AV) software
Availability
smart card
Crossover Error Rate (CER)
7. A means of exchanging information from one entity to another using a process that does not give an attacker the opportunity to reorder, delete, insert, or read the information.
signature scanning
secure channel
-sT
Cryptographic Key
8. The official GUI front end for nmap (cross-platform, commonly run on Windows).
CNAME record
Tunneling
Zenmap
sheepdip
9. Formal description and evaluation of the vulnerabilities in an information system
Redundant Array of Independent Disks (RAID)
OpenBSD
Vulnerability Assessment
Local Administrator
10. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet; a packet contains a header (container) and a payload (contents). Any IP
Certificate
-sW
Cryptographic Key
packet
11. The basis of this kind of security is that an individual user, or a program operating on the user's behalf, is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use
Discretionary Access Control (DAC)
Videocipher II Satellite Encryption System
Information Technology (IT) asset criticality
Password Authentication Protocol (PAP)
12. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing, network topology, access to the network medium, error detection, sequential delive
Request for Comments (RFC)
Data Link layer
symmetric encryption
-PT
13. A domain composed of all the systems sharing any given physical transport medium. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
Asynchronous
SYN attack
Virtual Local Area Network (VLAN)
Collision Domain
14. A group of people, gathered together by a business entity, working to address a specific problem or goal.
-sI
Tiger Team
Tini
packet
15. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
False Acceptance Rate (FAR)
public key
Information Technology Security Evaluation Criteria (ITSEC)
private key
16. A physical security attack in which the attacker sifts through garbage and recycling bins for information that may be useful in current and future attacks.
SMB
enumeration
Dumpster Diving
inference attack
17. A method of network traffic filtering that monitors the entire communications process, including the originator of the session and the direction from which it was started.
Media Access Control (MAC)
stateful packet filtering
gray box testing
Tumbling
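What "monitoring the entire communications process" buys you in question 17, as an added example that is not part of the original quiz: a minimal stateful TCP filter that records sessions opened from the inside and admits an inbound packet only when it continues one of them, next to the classic stateless "allow anything with ACK set" rule it replaces. The addresses, ports and packet sequence are constructed for this example, not a real capture.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str     # "out" = leaves the protected network, "in" = arrives from outside
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # TCP flags present, e.g. frozenset({"SYN", "ACK"})


class StatefulFilter:
    """Session table keyed on (inside endpoint, outside endpoint). An inbound
    packet is allowed only if it belongs to a session an inside host started,
    and only if its flags fit the state that session is in."""

    def __init__(self) -> None:
        self.sessions: dict = {}   # (in_ip, in_port, out_ip, out_port) -> state

    @staticmethod
    def _key(pkt: Packet):
        if pkt.direction == "out":
            return (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport)

    def process(self, pkt: Packet) -> str:
        key = self._key(pkt)
        state = self.sessions.get(key)
        if pkt.direction == "out":
            if state is None and pkt.flags == frozenset({"SYN"}):
                self.sessions[key] = "SYN_SENT"          # inside host opens a session
                return "ALLOW"
            if state == "SYN_RECEIVED" and "ACK" in pkt.flags:
                self.sessions[key] = "ESTABLISHED"       # handshake complete
                return "ALLOW"
            if state == "ESTABLISHED":
                if pkt.flags & {"FIN", "RST"}:
                    del self.sessions[key]               # simplified teardown
                return "ALLOW"
            return "DROP"
        # inbound: nothing gets in without a matching session
        if state is None:
            return "DROP"   # unsolicited SYN from outside, or a forged ACK
        if state == "SYN_SENT" and pkt.flags == frozenset({"SYN", "ACK"}):
            self.sessions[key] = "SYN_RECEIVED"
            return "ALLOW"
        if state == "ESTABLISHED":
            if pkt.flags & {"FIN", "RST"}:
                del self.sessions[key]
            return "ALLOW"
        return "DROP"


def stateless_established_rule(pkt: Packet) -> str:
    """The stateless approximation: any inbound packet with ACK set is assumed
    to be a reply. It cannot tell a genuine reply from a crafted one."""
    if pkt.direction == "out":
        return "ALLOW"
    return "ALLOW" if "ACK" in pkt.flags else "DROP"


def demo_verdicts():
    """Run one constructed trace through both filters; returns (stateful, stateless) per packet."""
    inside, web, attacker = "10.0.0.5", "203.0.113.10", "198.51.100.7"
    F = frozenset
    trace = [
        Packet("out", inside, 40000, web, 443, F({"SYN"})),          # inside opens HTTPS
        Packet("in", web, 443, inside, 40000, F({"SYN", "ACK"})),    # genuine reply
        Packet("out", inside, 40000, web, 443, F({"ACK"})),          # handshake completes
        Packet("in", web, 443, inside, 40000, F({"ACK", "PSH"})),    # data in the session
        Packet("in", attacker, 443, inside, 40001, F({"ACK"})),      # forged "reply", no session
        Packet("in", attacker, 51515, inside, 22, F({"SYN"})),       # inbound SSH attempt
    ]
    fw = StatefulFilter()
    return [(fw.process(p), stateless_established_rule(p)) for p in trace]
```

The fifth packet is the whole point: it carries ACK, so the stateless rule waves it through, while the stateful filter drops it because no inside host ever opened a session to that endpoint. Real firewalls also age entries out and track sequence windows, which this sketch leaves out.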
18. Port 80/81/8080
Minimum acceptable level of risk
HTTP
Open System Interconnection (OSI) Reference Model
symmetric encryption
19. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and the verifier but does not alter the data (in other words, eavesdropping).
passive attack
security bulletins
personal identification number (PIN)
Multipurpose Internet Mail Extensions (MIME)
20. nmap option to write output in all formats at once (normal, XML, and grepable)
script kiddie
network operations center (NOC)
Auditing
-oA
21. ACK Scan
-PI
-sA
piggybacking
Man-in-the-middle attack
22. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal, but non-system-administrator-level, attack.
gray box testing
sidejacking
Local Administrator
ISO 17799
23. A value assigned to uniquely identify a single wireless LAN (WLAN). SSIDs are broadcast by default and are sent in cleartext in beacon and probe frames. An SSID provides no encryption or security.
Exposure Factor
Service Set Identifier (SSID)
Zone transfer
Covert Channel
24. Any network incident that prompts some kind of log entry or other notification.
Event
Certificate
Interior Gateway Protocol (IGP)
sidejacking
25. ICMP Ping
Fiber Distributed Data Interface (FDDI)
Daemon
SID
-PI
26. ICMP Type 11
gray hat
Time exceeded
footprinting
The automated process of proactively identifying vulnerabilities of computing systems present in a network
27. A principle in security engineering that attempts to use anonymity and secrecy (of design, implementation, and so on) to provide security; the footprint of the organization, entity, network, or system is kept as small as possible to avoid intere
Digital Signature
User Datagram Protocol (UDP)
Computer-Based Attack
security by obscurity
28. Phases of an attack
passive attack
Authentication, Authorization, and Accounting (AAA)
phishing
Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks
29. A protocol for exchanging packets over a serial line.
Fiber Distributed Data Interface (FDDI)
Serial Line Internet Protocol (SLIP)
Cryptographic Key
security incident response team (SIRT)
30. In computer security, this is an algorithm that uses separate keys for encryption and decryption.
piggybacking
public key
Demilitarized Zone (DMZ)
Asymmetric Algorithm
31. Xmas Tree scan
OpenBSD
Authorization
Internet Protocol (IP)
-sX
32. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers, files, and serial ports. It also provides an authenticated interprocess communication mechanism.
Common Internet File System/Server Message Block
public key
National Security Agency
Internet service provider (ISP)
33. 18 U.S.C. 1029
nslookup
keylogger
ring topology
Possession of access devices
34. A term representing the responsibility managers and their organizations have to provide information security, ensuring that the type of control, the cost of control, and the deployment of control are appropriate for the system being managed.
Decryption
Wide Area Network (WAN)
Port Address Translation (PAT)
Due Care
35. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.
End User Licensing Agreement (EULA)
Wi-Fi
Cryptographic Key
packet
36. The default network authentication suite of protocols for Windows NT 4.0
Anonymizer
NT LAN Manager (NTLM)
Bluesnarfing
Domain Name System (DNS) lookup
37. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio, binary, or video using the Simple Mail Transfer Protocol (SMTP).
Community String
security controls
separation of duties
Multipurpose Internet Mail Extensions (MIME)
38. A technique for hiding a service behind closed ports that are opened only after the client sends a specific, prearranged sequence of connection attempts.
security bulletins
Level III assessment
-PS
port knocking
39. Nmap grepable output
-oG
human-based social engineering
Adware
Information Technology (IT) asset criticality
40. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it
Authentication
ECHO reply
infrastructure mode
promiscuous mode
41. Calculation of risk (R) from its two components: the magnitude of the potential loss (L) and the probability (p) that the loss will occur, so that R = p x L.
INFOSEC Assessment Methodology (IAM)
quantitative risk assessment
-sF
Traceroute
42. TCP flag whose bit in the flags byte has hex value 04
Console Port
Hierarchical File System (HFS)
R (RST)
Detective Controls
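The TCP flag byte that questions 21 (ACK scan), 31 (Xmas tree scan) and 42 (hex 04) all turn on, as an added example that is not part of the original quiz: encode and decode the six RFC 793 flag bits, build the probe each nmap scan type sends, and work out what a target that follows RFC 793 answers, which is what the scanner reads an open, closed or filtered port from. The nmap option names are nmap's own; the probe table and reply logic are written here from the scan definitions, not taken from nmap's source.

```python
# Bit values of the flags byte in the TCP header (RFC 793).
TCP_FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
# One-letter abbreviations, the form the quiz uses ("R" for RST).
ABBREV = {"FIN": "F", "SYN": "S", "RST": "R", "PSH": "P", "ACK": "A", "URG": "U"}

# Flags each nmap scan type sets in its probe packet. Option names are real;
# the table is constructed here from the scan definitions.
SCAN_PROBES = {
    "-sS": frozenset({"SYN"}),                 # SYN (half-open) scan
    "-sA": frozenset({"ACK"}),                 # ACK scan: maps firewall rules, not open ports
    "-sF": frozenset({"FIN"}),                 # FIN scan
    "-sN": frozenset(),                        # Null scan: no flags at all
    "-sX": frozenset({"FIN", "PSH", "URG"}),   # Xmas tree scan: "lit up" like a tree
}


def flags_to_byte(flags) -> int:
    """Set of flag names -> value of the flags byte."""
    return sum(TCP_FLAG_BITS[name] for name in flags)


def byte_to_flags(value: int) -> frozenset:
    """Flags byte -> set of flag names (unknown high bits are ignored)."""
    return frozenset(name for name, bit in TCP_FLAG_BITS.items() if value & bit)


def flag_letters(value: int) -> str:
    """Flags byte -> abbreviation string in FSRPAU order, e.g. 0x14 -> 'RA'."""
    return "".join(ABBREV[name] for name, bit in TCP_FLAG_BITS.items() if value & bit)


def rfc793_reply(probe, port_open: bool):
    """Reply an RFC 793 stack sends to a probe; None means silence.
    A firewall that silently drops the probe also yields None, which is why
    nmap reports FIN/Null/Xmas results as open|filtered. Windows and some
    other stacks answer RST to FIN/Null/Xmas probes even on open ports, so
    those scans are unreliable against them."""
    if "SYN" in probe and "ACK" not in probe:
        # closed port: RST with ACK set, because the probe carried no ACK
        return frozenset({"SYN", "ACK"}) if port_open else frozenset({"RST", "ACK"})
    if "ACK" in probe:
        # open and closed alike answer a bare RST; only a stateful filter changes that
        return frozenset({"RST"})
    # FIN, Null and Xmas probes: open ports stay silent, closed ports send RST/ACK
    return None if port_open else frozenset({"RST", "ACK"})
```

The ACK scan line is the one most people get wrong on the exam: because both open and closed ports reply RST, -sA says nothing about which ports are open; a missing reply means the port is filtered, a RST means it is unfiltered.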
43. A documented process for a procedure designed to be consistent, repeatable, and accountable.
Overwhelm CAM table to convert switch to hub mode
Auditing
intrusion prevention system (IPS)
Methodology
44. A file system used by the Mac OS.
Buffer Overflow
Hierarchical File System (HFS)
Directory Traversal
Port Address Translation (PAT)
45. The organization that governs the Internet's top-level domains, IP address allocation, and port number assignments.
Internet Assigned Numbers Authority (IANA)
symmetric encryption
role-based access control
route
46. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network-layer connectivity between hosts.
ECHO reply
Collision Domain
risk
A R
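The ICMP messages behind questions 25, 26 and 46 (the ping probe, Type 11 Time Exceeded, and the Type 0 ECHO reply), as an added example that is not part of the original quiz: build the 8-byte ICMP header with the RFC 1071 Internet checksum, have a "target" answer an echo request with an echo reply that preserves identifier, sequence and payload, have a "router" report TTL expiry with Type 11 Code 0, and parse any of them back, checking the checksum. The identifier, sequence, payload and quoted IP header are constructed for this example; nothing is sent on the wire.

```python
import struct

ICMP_ECHO_REPLY = 0        # type 0: answer to an echo request (what ping waits for)
ICMP_ECHO_REQUEST = 8      # type 8: the probe ping sends
ICMP_TIME_EXCEEDED = 11    # type 11, code 0: TTL reached zero in transit (traceroute relies on it)


def rfc1071_checksum(data: bytes) -> int:
    """Internet checksum: one's-complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                     # pad odd-length data with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest_of_header: int, payload: bytes) -> bytes:
    """8-byte header: type, code, checksum, 4 bytes whose meaning depends on type."""
    header = struct.pack("!BBHI", icmp_type, code, 0, rest_of_header)
    checksum = rfc1071_checksum(header + payload)       # computed with the field zeroed
    return struct.pack("!BBHI", icmp_type, code, checksum, rest_of_header) + payload


def build_echo_request(identifier: int, sequence: int, payload: bytes) -> bytes:
    rest = ((identifier & 0xFFFF) << 16) | (sequence & 0xFFFF)
    return build_icmp(ICMP_ECHO_REQUEST, 0, rest, payload)


def build_echo_reply(request: bytes) -> bytes:
    """The target echoes identifier, sequence and payload back with type 0;
    that is how ping matches replies to its own requests."""
    req = parse_icmp(request)
    if req["type"] != ICMP_ECHO_REQUEST:
        raise ValueError("not an echo request")
    rest = (req["identifier"] << 16) | req["sequence"]
    return build_icmp(ICMP_ECHO_REPLY, 0, rest, req["payload"])


def build_time_exceeded(original_datagram_head: bytes) -> bytes:
    """A router whose TTL decrement hit zero answers with type 11, code 0,
    quoting the original IP header plus the first 8 bytes of its payload."""
    return build_icmp(ICMP_TIME_EXCEEDED, 0, 0, original_datagram_head)


def parse_icmp(packet: bytes) -> dict:
    if len(packet) < 8:
        raise ValueError("ICMP header is 8 bytes")
    icmp_type, code, _, rest = struct.unpack("!BBHI", packet[:8])
    return {
        "type": icmp_type,
        "code": code,
        "checksum_ok": rfc1071_checksum(packet) == 0,   # sum over the whole packet must cancel
        "identifier": rest >> 16,                        # meaningful for echo types only
        "sequence": rest & 0xFFFF,
        "payload": packet[8:],
    }
```

A verifier does not recompute the checksum and compare; it sums the whole packet, checksum field included, and expects zero. The Time Exceeded payload is why traceroute works: the quoted IP header and first 8 bytes let the sender identify which of its probes expired at which hop.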
47. A host designed to collect data on suspicious activity.
parallel scan
Point-to-Point Protocol (PPP)
honeypot
End User Licensing Agreement (EULA)
48. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.
Information Technology (IT) security architecture and framework
intrusion prevention system (IPS)
network tap
signature scanning
49. Name given to expert groups that handle computer security incidents.
security by obscurity
Computer Emergency Response Team (CERT)
Decryption
network tap
50. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure, query, and troubleshoot the router/switch by use of a terminal emulator and a comman
protocol
personal identification number (PIN)
Institute of Electrical and Electronics Engineers (IEEE)
Console Port