Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An Internet routing protocol used to exchange routing information within an autonomous system.






2. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






3. The lack of clocking (imposed time ordering) on a bit stream.






4. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






5. A person or entity indirectly involved in a relationship between two principles.






6. The condition of a resource being ready for use and accessible by authorized users.






7. Network Scanning






8. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






9. ICMP Type/Code 0-0






10. An organized collection of data.






11. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






12. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere






13. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






14. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






15. Recording the time - normally in a log file - when an event happens or when information is created or modified.






16. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






17. The process of systematically testing each port on a firewall to map rules and determine accessible ports.






18. Any item of value or worth to an organization - whether physical or virtual.






19. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets






20. A virus that plants itself in a system's boot sector and infects the master boot record.






21. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






22. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss






23. A file system used by the Mac OS.






24. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.






25. Normal scan timing






26. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






27. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






28. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






29. A communications path - such as the Internet - authorized for data transmission within a computer system or network.






30. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.






31. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.






32. Port 53






33. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.






34. Microsoft SID 500






35. Hex 10






36. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.






37. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all






38. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.






39. A command used in HTTP and FTP to retrieve a file from a server.






40. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






41. ICMP Type/Code 8






42. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






43. Used for exchanging structured information - such as XML-based messages - in the implementation of web services






44. The ability to trace actions performed on a system to a specific user or system entity.






45. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.






46. An Application layer protocol for sending electronic mail between servers.






47. Controls to detect anomalies or undesirable events occurring on a system.






48. A one-way mathematical function that generates a fixedlength numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.






49. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






50. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.