Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. The default network authentication suite of protocols for Windows NT 4.0
Self Replicating
Bluesnarfing
NT LAN Manager (NTLM)
ping sweep

2. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
session hijacking
--randomize_hosts -O OS fingerprinting
Certificate Authority (CA)
Adware

3. A command that instructs the system processor to do nothing. Many overflow attacks involve stringing several NOP operations together (known as a NOP sled).
Rijndael
Anonymizer
NOP
hot site

4. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
-P0
404EE
802.11 i
Asymmetric

5. ICMP Type/Code 3-13
404EE
Tumbling
Administratively Prohibited
Cache

6. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
Address Resolution Protocol (ARP)
private network address
encapsulation
network interface card (NIC)

7. The change or growth of a project's scope
scope creep
NetBSD
Written Authorization
SYN attack

8. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.
Information Technology (IT) infrastructure
MAC filtering
Macro virus
Virus

9. Port 31337
-PM
Back orifice
port scanning
Overwhelm CAM table to convert switch to hub mode

10. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier - but does not alter the data (in other words - eavesdropping).
Wi-Fi
port redirection
passive attack
Collision Domain

11. ICMP Type/Code 0-0
Ciphertext
Echo Reply
Data Link layer
Community String

12. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.
-PT
HIDS
-sT
net use \[target ip]IPC$ '' /user:''

13. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.
Time To Live (TTL)
Discretionary Access Control (DAC)
Syslog
service level agreements (SLAs)

14. The transmission of digital signals without precise clocking or synchronization.
halo effect
asynchronous transmission
DNS
security defect

15. A backlog of packets stored in buffers and waiting to be forwarded over an interface.
Level I assessment
HTTP tunneling
queue
Three-Way (TCP) Handshake

16. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Bluesnarfing
Trusted Computer Base (TCB)
Wireless Local Area Network (WLAN)
War Dialing

17. An early network application that provides information on users currently logged on to a machine.
Finger
Time Bomb
Trusted Computer System Evaluation Criteria (TCSEC)
Computer-Based Attack

18. UDP Scan
proxy server
Demilitarized Zone (DMZ)
-sU
risk

19. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.
Access Point (AP)
Redundant Array of Independent Disks (RAID)
serialize scans & 0.4 sec wait
Secure Multipurpose Mail Extension (S/MIME)

20. TCP connect() scan
Event
-sT
A procedure for identifying active hosts on a network.
Tini

21. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
ECHO reply
User Datagram Protocol (UDP)
shoulder surfing
Time To Live (TTL)

22. The concept of having more than one person required to complete a task
separation of duties
Acknowledgment (ACK)
reverse lookup; reverse DNS lookup
social engineering

23. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
U P F
Level I assessment
Cracker
Virtual Private Network (VPN)

24. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.
promiscuous mode
keylogger
Three-Way (TCP) Handshake
Electronic Code Book (ECB)

25. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio
-sP
Routing Information Protocol (RIP)
Internet Protocol Security (IPSec) architecture
Antivirus (AV) software

26. FIN Scan
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
shoulder surfing
Password Authentication Protocol (PAP)
-sF

27. Phases of an attack
Service Set Identifier (SSID)
Pretty Good Privacy (PGP)
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Port Address Translation (PAT)

28. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.
Target Of Engagement (TOE)
POP 3
SNMP
gateway

29. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.
Fast Ethernet
private key
router
NetBus

30. A method of external testing whereby several systems or resources are used together to effect an attack.
Acceptable Use Policy (AUP)
Daisy Chaining
-oA
sheepdip

31. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
Certificate Authority (CA)
Vulnerability Scanning
promiscuous mode
Hypertext Transfer Protocol Secure (HTTPS)

32. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.
Self Replicating
hash
Internal access to the network
HTTP tunneling

33. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
key exchange protocol
Zombie
Smurf attack
Data Link layer

34. A Canonical Name record within DNS - used to provide an alias for a domain name.
Possession of access devices
CNAME record
-sU
Zone transfer

35. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.
encapsulation
Simple Mail Transfer Protocol (SMTP)
logic bomb
802.11

36. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.
Zero Subnet
passive attack
Tumbling
Secure Multipurpose Mail Extension (S/MIME)

37. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dualring architecture for redundancy - with transmission distances of up to two kilometers.
Multipartite virus
Fiber Distributed Data Interface (FDDI)
Warm Site
Common Internet File System/Server Message Block

38. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
Collision Domain
phishing
open source
keylogger

39. A computer process that requests a service from another computer and accepts the server's responses.
CAM table
Client
security breach or security incident
secure channel

40. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
Authentication
risk assessment
--randomize_hosts -O OS fingerprinting
Third Party

41. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)
spyware
infrastructure mode
Database
single loss expectancy (SLE)

42. Microsoft SID 500
Replacing numbers in a url to access other files
reverse lookup; reverse DNS lookup
Local Administrator
Collision Domain

43. Polymorphic Virus
symmetric encryption
self encrypting
hacktivism
overt channel

44. Port 389
Minimum acceptable level of risk
Tunneling Virus
LDAP
Rijndael

45. PI and PT Ping
-PB
-sI
Destination Unreachable
Replacing numbers in a url to access other files

46. Monitoring of telephone or Internet conversations - typically by covert means.
Filter
Cold Site
human-based social engineering
Wiretapping

47. A protocol defining packets that are able to be routed by a router.
risk
Collision Domain
routed protocol
heuristic scanning

48. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
ping sweep
port redirection
red team
Block Cipher

49. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.
Hacks with permission
Transmission Control Protocol (TCP)
Extensible Authentication Protocol (EAP)
Open System Interconnection (OSI) Reference Model

50. Nmap grepable output
Confidentiality
-oG
security kernel
A