Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An early network application that provides information on users currently logged on to a machine.
Banner Grabbing
End User Licensing Agreement (EULA)
Finger
Antivirus (AV) software
2. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.
net use \\[target ip]\IPC$ '' /user:''
Block Cipher
audit
Electronic serial number
3. The subjective - potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor (EF) is a subjective value the person assessing risk must define.
-sL
Macro virus
Exposure Factor
Time exceeded
4. The Security Accounts Manager file in Windows stores all the password hashes for the system.
Annualized Loss Expectancy (ALE)
risk
Tunneling Virus
SAM
5. TCP Ping
-sU
-PT
protocol
public key infrastructure (PKI)
6. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.
Address Resolution Protocol (ARP)
secure channel
role-based access control
net use \\[target ip]\IPC$ '' /user:''
7. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.
End User Licensing Agreement (EULA)
POST
DNS enumeration
Common Internet File System/Server Message Block
8. Port 110
Domain Name System (DNS)
Bit Flipping
Malicious code
POP 3
9. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.
node
White Box Testing
Threat
quantitative risk assessment
10. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.
-sP
Community String
rogue access point
passive attack
11. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
Information Technology (IT) security architecture and framework
-PI
Hacks with permission
Vulnerability Management
12. Layer 6 of the OSI reference model. The Presentation layer ensures information sent by the Application layer of the sending system will be readable by the Application layer of the receiving system.
Asymmetric Algorithm
Request for Comments (RFC)
Decryption
Presentation layer
13. A communications protocol used for browsing the Internet.
POST
Hypertext Transfer Protocol (HTTP)
intrusion prevention system (IPS)
Crossover Error Rate (CER)
14. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
personal identification number (PIN)
parallel scan & 75 sec timeout & 0.3 sec/probe
gray hat
packet
15. UDP Scan
ring topology
piggybacking
Virus Hoax
-sU
16. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.
phishing
Packet Internet Groper (ping)
steganography
RID Resource identifier
17. Polite scan timing
serialize scans & 0.4 sec wait
Denial of Service (DoS)
Backdoor
null session
18. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.
Unicode
Wide Area Network (WAN)
Lightweight Directory Access Protocol (LDAP)
Blowfish
19. A utility that traces a packet from your computer to an Internet host - showing how many hops the packet takes to reach the host and how long the packet requires to complete the hop.
Traceroute
Bluejacking
Wrapper
-oN
20. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
--randomize_hosts -O OS fingerprinting
The automated process of proactively identifying vulnerabilities of computing systems present in a network
encapsulation
Redundant Array of Independent Disks (RAID)
21. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.
net use \\[target ip]\IPC$ '' /user:''
Access Control List (ACL)
rule-based access control
Blowfish
22. Access by information systems (or users) communicating from outside the information system security perimeter.
piggybacking
parallel scan & 300 sec timeout & 1.25 sec/probe
remote access
Application Layer
23. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.
Client
Level II assessment
ISO 17799
Media Access Control (MAC)
24. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
Network Basic Input/Output System (NetBIOS)
role-based access control
risk
SID
25. Any item of value or worth to an organization - whether physical or virtual.
MD5
Asset
Hierarchical File System (HFS)
Blowfish
26. ICMP Type/Code 11
Institute of Electrical and Electronics Engineers (IEEE)
Time exceeded
-p <port ranges>
Password Authentication Protocol (PAP)
27. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
Transmission Control Protocol (TCP)
remote access
Domain Name System (DNS) lookup
Cracker
28. A command that instructs the system processor to do nothing. Many overflow attacks involve stringing several NOP operations together (known as a NOP sled).
NOP
Filter
remote access
ping sweep
29. Port 135
Cache
Anonymizer
encryption
RPC-DCOM
30. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
Smurf attack
quantitative risk assessment
-sW
NT LAN Manager (NTLM)
31. The combination of all IT assets - resources - components - and systems.
false rejection rate (FRR)
Information Technology (IT) infrastructure
serialize scans & 0.4 sec wait
Ethical Hacker
32. Nmap normal output
-oN
footprinting
False Acceptance Rate (FAR)
firewalking
33. SYN Ping
File Transfer Protocol (FTP)
proxy server
-PS
Trusted Computer Base (TCB)
34. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
Exposure Factor
Cryptographic Key
security breach or security incident
gap analysis
35. A network administration command-line tool available for many operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mappings or any other specific DNS record.
Cryptography
nslookup
Defines legal email marketing
serialize scans & 0.4 sec wait
36. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.
suicide hacker
Copyright
Zero Subnet
Cookie
37. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
enumeration
Bug
Information Technology (IT) infrastructure
FreeBSD
38. A group of people - gathered together by a business entity - working to address a specific problem or goal.
Tiger Team
Multipartite virus
patch
intrusion prevention system (IPS)
39. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
enumeration
public key
Asymmetric Algorithm
out-of-band signaling
40. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.
HTTP tunneling
Covert Channel
security kernel
Ciphertext
41. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.
MAC filtering
-PI
Ethernet
A R
42. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
Adware
Due Diligence
Target Of Engagement (TOE)
Mandatory access control (MAC)
43. A mode of operation in a wireless LAN in which clients send data directly to one another without utilizing a wireless access point (WAP) - much like a point-to-point wired connection.
Virus
Destination Unreachable
spyware
ad hoc mode
44. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
asynchronous transmission
Dumpster Diving
private network address
Anonymizer
45. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.
Finger
Asymmetric
payload
Daemon
46. Attacks that take advantage of the built-in code and scripts most off-the-shelf applications come with.
shrink-wrap code attacks
Echo Reply
Wi-Fi Protected Access (WPA)
fragmentation
47. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.
Temporal Key Integrity Protocol (TKIP)
private key
Bluesnarfing
War Dialing
48. Injecting traffic into the network to identify the operating system of a device.
sidejacking
-sR
Active Fingerprinting
Cryptography
49. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.
network tap
Bastion host
ECHO reply
Internet Protocol Security (IPSec) architecture
50. TCP connect() scan
-P0
Unicode
Vulnerability Management
-sT