Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






2. A file system used by the Mac OS.






3. An Internet routing protocol used to exchange routing information within an autonomous system.






4. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)






5. A fully qualified domain name consists of a host and domain name, including a top-level domain such as .com, .net, .mil, .edu, and so on.






6. A method of defining what rights and permissions an entity has to a given resource. In networking, Access Control Lists are commonly associated with firewall and router traffic filtering rules.






7. Black hat






8. An Ethernet networking system transmitting data at 100 million bits per second (Mbps), 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard, it is also known as 100BaseT.






9. Actions, devices, procedures, techniques, or other measures intended to reduce the vulnerability of an information system.






10. The process of recording activity on a system for monitoring and later review.






11. An international encoding standard, working within multiple languages and scripts, that represents each letter, digit, or symbol with a unique numeric value that applies across different platforms.






12. A communications channel that is being used for a purpose it was not intended for, usually to transfer information secretly.






13. The ability to trace actions performed on a system to a specific user or system entity.






14. Directory Traversal






15. A well-known and studied phenomenon of human nature, whereby a single trait influences the perception of other traits.






16. Port 161/162






17. A proprietary, open, wireless technology used for transferring data from fixed and mobile devices over short distances.






18. A firewall evasion technique whereby packets are wrapped in HTTP, as a covert channel to the target.






19. A protocol for exchanging packets over a serial line.






20. A string that represents the location of a web resource






21. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).






22. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






23. An organized collection of data.






24. Literally, 'not balanced or the same.' In computing, asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography, it's the use of more than one key for encryption/authentication purposes.






25. A term trademarked by the Wi-Fi Alliance, used to define a standard for devices to use to connect to a wireless network.






26. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security, although it does authenticate clients to access points, encr






27. A cyber attacker who acts without permission from, and gives prior notice to, the resource owner. Also known as a malicious hacker.






28. ICMP Type/Code 11






29. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.






30. Baseband LAN specification developed by Xerox Corporation, Intel, and Digital Equipment Corporation. One of the least expensive, most widely deployed networking standards; uses the CSMA/CD method of media access control.






31. Port 22






32. An informed decision to accept the potential for damage to or loss of an IT asset.






33. A program or piece of code inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system. Malware consists of viruses, worms,






34. Software code, a portion of data, or sequence of commands intended to take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware.






35. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.






36. Polymorphic Virus






37. The science or study of protecting information, whether in transit or at rest, by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.






38. The art and science of creating a covert message or image within another message, image, audio, or video file.






39. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection, or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






40. Defined in RFC 826, ARP is a protocol used to map a known IP address to a physical (MAC) address.






41. A documented process for a procedure designed to be consistent, repeatable, and accountable.






42. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door, despite the fact that the intruder does not have a badge.






43. Used for exchanging structured information, such as XML-based messages, in the implementation of web services






44. Port 53






45. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.






46. A Canonical Name record within DNS, used to provide an alias for a domain name.






47. Controls to detect anomalies or undesirable events occurring on a system.






48. Port 80/81/8080






49. The condition of a resource being ready for use and accessible by authorized users.






50. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).