Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Port 88






2. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.






3. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






4. An Application layer protocol for sending electronic mail between servers.






5. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






6. Controlling access to a network by analyzing the headers of incoming and outgoing packets, and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






7. A storage buffer that transparently stores data so future requests for the same data can be served faster.






8. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping), e-mail, instant messaging, and other methods of communication considered private






9. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers.






10. A business, government agency, or educational institution that provides access to the Internet.






11. The science or study of protecting information, whether in transit or at rest, by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.






12. Incremental Substitution






13. A computer virus that infects and spreads in multiple ways.






14. An authentication method on point-to-point links, using a three-way handshake and a mutually agreed-upon key.






15. Port 110






16. The combination of all IT assets, resources, components, and systems.






17. The steps taken to gather evidence and information on the targets you wish to attack.






18. A group of people, gathered together by a business entity, working to address a specific problem or goal.






19. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it






20. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.






21. A limited-function version of the Internetworking Operating System (IOS), held in read-only memory in some earlier models of Cisco devices, capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory






22. In penetration testing, this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).






23. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






24. An attack where the hacker positions himself between the client and the server, to intercept (and sometimes alter) data traveling between the two.






25. ICMP Timestamp






26. A proprietary, open, wireless technology used for transferring data from fixed and mobile devices over short distances.






27. An HTTP command to transmit text to a web server for processing. The opposite of an HTTP GET.






28. A protocol used for sending and receiving log information for nodes on a network.






29. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address, or an autonomous system.






30. A routing protocol developed to be used within a single organization.






31. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply, the address is reachable.






32. Also known as a digital certificate, this is an electronic file used to verify a user's identity, providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public






33. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






34. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection, validation, indexing, acceptance, and forwarding of submiss






35. In a classful IPv4 subnet, this is the network number with all binary 0s in the subnet part of the number. When written in decimal, the zero subnet has the same number as the classful network number.






36. The act of dialing all numbers within an organization to discover open modems.






37. Port 22






38. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption, with one notable exception: The private key is used to encrypt the digital signature.






39. White hat






40. A social-engineering attack that manipulates the victim into calling the attacker for help.






41. A method of defining what rights and permissions an entity has to a given resource. In networking, Access Control Lists are commonly associated with firewall and router traffic filtering rules.






42. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal, but non-system-administrator-level attack.






43. An evaluation consisting of a document review, interviews, and demonstrations, as well as vulnerability scans and hands-on testing.






44. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is






45. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks






46. Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.






47. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.






48. Hex 12






49. A principle in security engineering that attempts to use anonymity and secrecy (of design, implementation, and so on) to provide security; the footprint of the organization, entity, network, or system is kept as small as possible to avoid intere






50. An organization composed of engineers, scientists, and students who issue standards related to electrical, electronic, and computer engineering.






