Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par
secure channel
Demilitarized Zone (DMZ)
role-based access control
Finger
2. A protocol used for sending and receiving log information for nodes on a network.
-sF
Syslog
Denial of Service (DoS)
packet
3. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
Digital Signature
Pretty Good Privacy (PGP)
Cold Site
Trusted Computer System Evaluation Criteria (TCSEC)
4. FTP Bounce Attack
Due Care
-b
flood
Timestamping
5. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are
Availability
Algorithm
Network Address Translation (NAT)
Contingency Plan
6. A protocol that allows a client computer to request services from a server and the server to return the results.
encapsulation
Trapdoor Function
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
remote procedure call (RPC)
7. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
red team
segment
File Allocation Table (FAT)
forwarding
8. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
War Driving
risk avoidance
Digital Certificate
Distributed DoS (DDoS)
9. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
fully qualified domain name (FQDN)
sidejacking
POST
OpenBSD
10. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
National Security Agency
GET
non-repudiation
Request for Comments (RFC)
11. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Database
Demilitarized Zone (DMZ)
Rijndael
Simple Network Management Protocol (SNMP)
12. List Scan
replay attack
Back orifice
Virtual Local Area Network (VLAN)
-sL
13. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.
gap analysis
intranet
Authorization
Digital Signature
14. A portion of memory used to temporarily store output or input data.
Vulnerability
Open System Interconnection (OSI) Reference Model
smart card
Buffer
15. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.
packet
CIA triangle
enumeration
Worm
16. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
EDGAR database
port knocking
risk transference
Data Link layer
17. Microsoft SID 500
Cloning
Digital Signature
Local Administrator
802.11 i
18. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Adware
Fast Ethernet
hot site
-PI
19. An attack that exploits the common mistake many people make when installing operating systems
Port Address Translation (PAT)
-sU
operating system attack
stream cipher
20. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.
Internet Protocol (IP)
Minimum acceptable level of risk
MAC filtering
Fiber Distributed Data Interface (FDDI)
21. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.
Exploit
hacktivism
-sL
public key infrastructure (PKI)
22. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.
Detective Controls
Fiber Distributed Data Interface (FDDI)
rule-based access control
Dumpster Diving
23. A data encryption/decryption program often used for e-mail and file storage.
Hypertext Transfer Protocol (HTTP)
Pretty Good Privacy (PGP)
MAC filtering
Kerberos
24. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
Information Technology Security Evaluation Criteria (ITSEC)
smart card
firewall
nslookup
25. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
gray box testing
Warm Site
asynchronous transmission
flood
26. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
HTTP
secure channel
Hypertext Transfer Protocol Secure (HTTPS)
RxBoot
27. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
Smurf attack
quality of service (QoS)
Cache
Virtual Private Network (VPN)
28. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.
network access server
Due Care
International Organization for Standardization (ISO)
router
29. A virus written in a macro language and usually embedded in document or spreadsheet files.
packet filtering
Discretionary Access Control (DAC)
Internet Assigned Number Authority (IANA)
Macro virus
30. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all
Access Control List (ACL)
Routing Information Protocol (RIP)
intrusion prevention system (IPS)
replay attack
31. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
CIA triangle
Black Hat
Real application encompassing Trojan
32. The ability to trace actions performed on a system to a specific user or system entity.
Community String
red team
Accountability
fragmentation
33. Paranoid scan timing
serial scan & 300 sec wait
Client
MD5
Temporal Key Integrity Protocol (TKIP)
34. Name given to expert groups that handle computer security incidents.
Cloning
Black Hat
Computer Emergency Response Team (CERT)
security kernel
35. nmap
-p <port ranges>
Whois
network access server
smart card
36. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
intranet
-PB
Network Basic Input/Output System (NetBIOS)
Brute-Force Password Attack
37. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.
FreeBSD
piggybacking
802.11
Address Resolution Protocol (ARP) table
38. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
Copyright
false rejection rate (FRR)
out-of-band signaling
Tunneling Virus
39. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
site survey
-sV
Common Internet File System/Server Message Block
Biometrics
40. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.
Zero Subnet
RID Resource identifier
Information Technology Security Evaluation Criteria (ITSEC)
remote procedure call (RPC)
41. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a
security breach or security incident
FTP
footprinting
Demilitarized Zone (DMZ)
42. Port 31337
protocol stack
Back orifice
net use \[target ip]IPC$ '' /user:''
Smurf attack
43. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
802.11 i
Vulnerability Management
footprinting
Internet Assigned Number Authority (IANA)
44. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
Whois
-sS
FTP
Videocipher II Satellite Encryption System
45. Directing a protocol from one port to another.
port redirection
GET
Auditing
Level II assessment
46. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
EDGAR database
Banner Grabbing
Multipartite virus
encapsulation
47. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.
CNAME record
Telnet
secure channel
rootkit
48. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).
--randomize_hosts -O OS fingerprinting
Media Access Control (MAC)
-PP
key exchange protocol
49. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
audit
parallel scan
Audit Data
physical security
50. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.
public key infrastructure (PKI)
Mandatory access control (MAC)
Digital Watermarking
TACACS