Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






2. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






3. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.






4. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra






5. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






6. Vulnerability Scanning






7. Xmas Tree scan






8. The monetary value assigned to an IT asset.






9. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.






10. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






11. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.






12. A computer system that performs tasks dictated by an attacker from a remote location. Zombies may be active or idle - and owners of the systems generally do not know their systems are compromised.






13. Using conversation or some other interaction between people to gather useful information.






14. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.






15. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response






16. A small Trojan program that listens on port 777.






17. Controls to detect anomalies or undesirable events occurring on a system.






18. Cracking Tools






19. The process of using an application to remotely identify open ports on a system (for example - whether systems allow connections through those ports).






20. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






21. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive






22. Establish Null Session






23. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action






24. Port 88






25. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.






26. White box test






27. Ping Scan






28. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






29. The transmission of digital signals without precise clocking or synchronization.






30. ICMP Type/Code 11






31. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






32. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






33. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.






34. Another term for firewalking






35. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.






36. Port 110






37. A denial-of-service technique that uses numerous hosts to perform the attack.






38. IP Protocol Scan






39. A software or hardware defect that often results in system vulnerabilities.






40. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.






41. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.






42. The default network authentication suite of protocols for Windows NT 4.0






43. Hashing algorithm that results in a 128-bit output.






44. Two or more LANs connected by a high-speed line across a large geographical area.






45. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.






46. FTP Bounce Attack






47. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.






48. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption






49. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






50. A host designed to collect data on suspicious activity.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests