SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP connect() scan
Virtual Local Area Network (VLAN)
-sT
out-of-band signaling
Network Address Translation (NAT)
2. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
Open System Interconnection (OSI) Reference Model
network tap
Adware
Telnet
3. The transmission of digital signals without precise clocking or synchronization.
halo effect
asynchronous transmission
Crossover Error Rate (CER)
Web Spider
4. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
Bluesnarfing
Community String
Target Of Engagement (TOE)
Copyright
5. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.
Algorithm
ad hoc mode
Fiber Distributed Data Interface (FDDI)
SOA record
6. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.
DNS enumeration
Virus
Challenge Handshake Authentication Protocol (CHAP)
Daemon
7. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.
Application Layer
-PM
public key infrastructure (PKI)
patch
8. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP
packet
File Transfer Protocol (FTP)
Mantrap
Kerberos
9. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.
piggybacking
MD5
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
Open System Interconnection (OSI) Reference Model
10. Wrapper or Binder
parallel scan & 75 sec timeout & 0.3 sec/probe
local area network (LAN)
Real application encompassing Trojan
Demilitarized Zone (DMZ)
11. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -
Filter
-PM
Malware
rule-based access control
12. White box test
Client
Computer-Based Attack
Routing Information Protocol (RIP)
Internal access to the network
13. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
SAM
Unicode
personal identification number (PIN)
Port Address Translation (PAT)
14. Two or more LANs connected by a high-speed line across a large geographical area.
EDGAR database
Filter
Wide Area Network (WAN)
personal identification number (PIN)
15. The default network authentication suite of protocols for Windows NT 4.0
SMB
Collision Domain
NT LAN Manager (NTLM)
Ethernet
16. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
reverse lookup; reverse DNS lookup
Internet Assigned Number Authority (IANA)
Simple Network Management Protocol (SNMP)
Hypertext Transfer Protocol Secure (HTTPS)
17. Port 135
-PM
passive attack
File Allocation Table (FAT)
RPC-DCOM
18. Policy stating what users of a system can and cannot do with the organization's assets.
ECHO reply
Acceptable Use Policy (AUP)
Defense in Depth
Contingency Plan
19. An early network application that provides information on users currently logged on to a machine.
Finger
War Dialing
Fiber Distributed Data Interface (FDDI)
sidejacking
20. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main
War Driving
Acknowledgment (ACK)
Cold Site
qualitative analysis
21. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.
reverse social engineering
rogue access point
Mantrap
Discretionary Access Control (DAC)
22. A type of malware that covertly collects information about a user.
Buffer
Tunneling
spyware
Telnet
23. Port 22
-sT
SSH
HTTP
payload
24. Attacks on the actual programming code of an application.
Fast Ethernet
Wi-Fi
firewall
Application-Level Attacks
25. Metamorphic Virus
404EE
promiscuous mode
Crossover Error Rate (CER)
Self Replicating
26. A social-engineering attack that manipulates the victim into calling the attacker for help.
reverse social engineering
Cookie
Address Resolution Protocol (ARP)
Virtual Local Area Network (VLAN)
27. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.
SAM
Written Authorization
Finding a directory listing and gaining access to a parent or root file for access to other files
-oA
28. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.
War Chalking
pattern matching
Fast Ethernet
initial sequence number (ISN)
29. ICMP Type/Code 11
Time exceeded
-sP
Packet Internet Groper (ping)
Man-in-the-middle attack
30. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.
Daisy Chaining
quality of service (QoS)
Wrapper
War Dialing
31. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
Wiretapping
parallel scan
Boot Sector Virus
Archive
32. The process of embedding information into a digital signal in a way that makes it difficult to remove.
Digital Watermarking
halo effect
Temporal Key Integrity Protocol (TKIP)
Database
33. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.
End User Licensing Agreement (EULA)
network operations center (NOC)
-sF
scope creep
34. Port 80/81/8080
Hacks with permission
HTTP
CAM table
-oX
35. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.
XOR Operation
Hypertext Transfer Protocol Secure (HTTPS)
packet
polymorphic virus
36. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu
intrusion prevention system (IPS)
self encrypting
proxy server
Level I assessment
37. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
-PS
Whois
Master boot record infector
Open System Interconnection (OSI) Reference Model
38. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.
Hacks with permission
802.11
-sA
Filter
39. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.
inference attack
Defines legal email marketing
Trapdoor Function
iris scanner
40. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.
parallel scan & 75 sec timeout & 0.3 sec/probe
International Organization for Standardization (ISO)
hot site
Trusted Computer System Evaluation Criteria (TCSEC)
41. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Bruteforce attacks take a long time t
protocol
Internet Assigned Number Authority (IANA)
phishing
Brute-Force Password Attack
42. Vulnerability Scanning
NetBus
Vulnerability Management
R
The automated process of proactively identifying vulnerabilities of computing systems present in a network
43. A protocol used to pass control and error messages between nodes on the Internet.
Internet Control Message Protocol (ICMP)
Archive
R
U P F
44. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.
Confidentiality
steganography
spoofing
Information Technology (IT) infrastructure
45. A file system used by the Mac OS.
Hierarchical File System (HFS)
honeynet
MAC filtering
Internet Control Message Protocol (ICMP)
46. Xmas Tree scan
sniffer
-sX
Level II assessment
Interior Gateway Protocol (IGP)
47. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.
Routing Protocol
Asymmetric
Minimum acceptable level of risk
rootkit
48. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
polymorphic virus
public key infrastructure (PKI)
Kerberos
personal identification number (PIN)
49. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.
File Transfer Protocol (FTP)
Smurf attack
physical security
private network address
50. Hex 14
Administratively Prohibited
A R
Multipartite virus
-sU
