Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An attack that exploits the common mistake many people make when installing operating systems






2. Directing a protocol from one port to another.






3. Version Detection Scan






4. 18 U.S.C. 1030






5. A programming principle whereby the last piece of data added to the stack is the first piece of data taken off.






6. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.






7. The process of recording activity on a system for monitoring and later review.






8. The potential for damage to or loss of an IT asset






9. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.






10. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public






11. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.






12. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.






13. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.






14. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.






15. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.






16. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.






17. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.






18. A denial-of-service technique that uses numerous hosts to perform the attack.






19. Port Scanning



20. Nmap normal output






21. An unknown deficiency in software or some other product that results in a security vulnerability being identified.






22. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.






23. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






24. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).






25. RPC Scan






26. An organization's threshold for the seven areas of information security responsibility. This level is established based on the objectives for maintaining confidentiality - integrity - and availability of the organization's IT assets and infrastructur






27. A host designed to collect data on suspicious activity.






28. A virus written in a macro language and usually embedded in document or spreadsheet files.






29. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.






30. A Canonical Name record within DNS - used to provide an alias for a domain name.






31. A file system used by the Mac OS.






32. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.






33. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.






34. A form of fraud in which someone pretends to be someone else by assuming that person's identity - typically in order to access resources or obtain credit and other benefits in that person's name.






35. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






36. Provides router-to-router or host-to-network connections over asynchronous and synchronous circuits.






37. An evaluation conducted to determine the potential for damage to or loss of an IT asset.






38. Network Scanning






39. SYN Ping






40. Shifting responsibility from one party to another






41. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






42. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.






43. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.






44. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.






45. A software or hardware application or device that captures user keystrokes.






46. An early network application that provides information on users currently logged on to a machine.






47. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.






48. A protocol that allows a client computer to request services from a server and the server to return the results.






49. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.






50. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.