Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
-oX
protocol
risk avoidance
Wrapper
2. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio
Internet Protocol Security (IPSec) architecture
SNMP
Tiger Team
Dumpster Diving
3. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack.
rogue access point
suicide hacker
Malicious code
Digital Certificate
4. A skilled hacker that straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain). Gray hats sometimes perform illegal acts to exploit technology with the intent of achi
File Transfer Protocol (FTP)
gap analysis
Media Access Control (MAC)
gray hat
5. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.
Hacks with permission
Macro virus
net use \\[target ip]\IPC$ "" /user:""
hot site
6. A computer network confined to a relatively small area, such as a single building or campus, in which devices connect through high-frequency radio waves using IEEE standard 802.11.
Certificate Authority (CA)
Wireless Local Area Network (WLAN)
Electronic serial number
User Datagram Protocol (UDP)
7. FTP Bounce Attack
parameter tampering
-sF
rule-based access control
-b
8. Provides router-to-router or host-to-network connections over asynchronous and synchronous circuits.
-PM
Point-to-Point Protocol (PPP)
hot site
gray box testing
9. Security measures, such as a locked door, perimeter fence, or security guard, to prevent or deter physical access to a facility, resource, or information stored on physical media.
hash
Pretty Good Privacy (PGP)
physical security
Threat
10. The conveying of official access or legal power to a person or entity.
-sX
Authorization
Temporal Key Integrity Protocol (TKIP)
fully qualified domain name (FQDN)
11. Sneaky scan timing
Trusted Computer Base (TCB)
route
serialize scans & 15 sec wait
Videocipher II Satellite Encryption System
12. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal, but non-system-administrator-level attack.
Due Diligence
A S
Antivirus (AV) software
gray box testing
13. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers.
Bluejacking
Active Directory (AD)
Telnet
Transmission Control Protocol (TCP)
14. ICMP Timestamp
-PP
Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks
Smurf attack
fully qualified domain name (FQDN)
15. Polite scan timing
serialize scans & 0.4 sec wait
Ciphertext
ECHO reply
Web Spider
16. A device that receives and sends data packets between two or more networks; the packet headers and a forwarding table provide the router with the information necessary for deciding which interface to use to forward packets.
ISO 17799
router
Adware
Tiger Team
17. A command that instructs the system processor to do nothing. Many overflow attacks involve stringing several NOP operations together (known as a NOP sled).
Unicode
Antivirus (AV) software
NOP
SAM
18. 18 U.S.C. 1030
Trusted Computer Base (TCB)
operating system attack
forwarding
Fraud and related activity in connection with computers
19. A program designed to execute at a specific time to release malicious code onto the computer system or network.
Hierarchical File System (HFS)
Active Directory (AD)
Access Creep
Time Bomb
20. LM Hash for short passwords (under 7)
null session
Filter
-sI
404EE
21. The process of a system providing a fully qualified domain name (FQDN) to a local name server - for resolution to its corresponding IP address.
audit
scope creep
Domain Name System (DNS) lookup
footprinting
22. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
Redundant Array of Independent Disks (RAID)
Computer Emergency Response Team (CERT)
footprinting
ring topology
23. Cracking Tools
John the Ripper, L0phtCrack, Ophcrack, Cain and Abel
non-repudiation
Unicode
SOA record
24. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.
Defines legal email marketing
MAC filtering
segment
RID Resource identifier
25. The process of using easily accessible DNS records to map a target network's internal hosts.
reverse social engineering
DNS enumeration
Vulnerability
Certificate
26. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply, the address is reachable.
-PM
Level II assessment
sniffer
Packet Internet Groper (ping)
27. Hex 04
R
parallel scan & 75 sec timeout & 0.3 sec/probe
gray box testing
NetBSD
28. A trusted entity that issues and revokes public key certificates. In a network, a CA is a trusted entity that issues, manages, and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Daemon
Certificate Authority (CA)
hash
Telnet
29. A connectionless, layer 4 transport protocol. UDP is faster than TCP, but offers no reliability. A best effort is made to deliver the data, but no checks and verifications are performed to guarantee delivery. Therefore, UDP is termed a 'connectio
Digital Watermarking
Certificate
User Datagram Protocol (UDP)
Hacks without permission
30. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers, files, and serial ports. It also provides an authenticated interprocess communication mechanism.
human-based social engineering
Common Internet File System/Server Message Block
Virus
War Driving
31. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.
False Acceptance Rate (FAR)
rule-based access control
quantitative risk assessment
symmetric algorithm
32. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping), e-mail, instant messaging, and other methods of communication considered private.
Eavesdropping
A S
The automated process of proactively identifying vulnerabilities of computing systems present in a network
smart card
33. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing, network topology, access to the network medium, error detection, sequential delive
Data Link layer
Uniform Resource Locator (URL)
Electronic serial number
Level III assessment
34. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.
Virtual Local Area Network (VLAN)
symmetric algorithm
Methodology
gray hat
35. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
Event
Information Technology (IT) security architecture and framework
Tumbling
Anonymizer
36. A method of external testing whereby several systems or resources are used together to effect an attack.
Daisy Chaining
End User Licensing Agreement (EULA)
Videocipher II Satellite Encryption System
symmetric encryption
37. The level of importance assigned to an IT asset
Data Link layer
Information Technology (IT) asset criticality
operating system attack
White Box Testing
38. A background process found in Unix, Linux, Solaris, and other Unix-based operating systems.
Last In First Out (LIFO)
Echo request
Bug
Daemon
39. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
Information Technology (IT) infrastructure
Zero Subnet
Cloning
Tunneling
40. Window Scan
-sW
-b
promiscuous mode
Lightweight Directory Access Protocol (LDAP)
41. A protocol used for sending and receiving log information for nodes on a network.
Corrective Controls
A procedure for identifying active hosts on a network.
Destination Unreachable
Syslog
42. Port 137/138/139
Videocipher II Satellite Encryption System
Hacks without permission
SMB
operating system attack
43. A cyber attacker who acts without permission from, and gives prior notice to, the resource owner. Also known as a malicious hacker.
Methodology
Application-Level Attacks
Cracker
Bug
44. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.
A procedure for identifying active hosts on a network.
Buffer
Telnet
-sA
45. A firewall evasion technique whereby packets are wrapped in HTTP, as a covert channel to the target.
key exchange protocol
HTTP tunneling
Active Attack
non-repudiation
46. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
Three-Way (TCP) Handshake
Banner Grabbing
False Acceptance Rate (FAR)
Secure Multipurpose Mail Extension (S/MIME)
47. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default, and are sent in the header of every packet. SSIDs provide no encryption or security.
Bluetooth
Due Diligence
Master boot record infector
Service Set Identifier (SSID)
48. Controls to detect anomalies or undesirable events occurring on a system.
Secure Multipurpose Mail Extension (S/MIME)
Detective Controls
false rejection rate (FRR)
firewall
49. Port 31337
Antivirus (AV) software
promiscuous mode
-sP
Back Orifice
50. IP Protocol Scan
-sO
Bluetooth
Methodology
ECHO reply