Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






2. A free and popular version of the Unix operating system.






3. A method used to prevent IDS detection by dividing the request into multiple parts that are sent in different packets






4. Any item of value or worth to an organization - whether physical or virtual.






5. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.






6. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






7. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use






8. A group of experts that handles computer security incidents.






9. Unauthorized access to information such as a calendar, contact list, e-mails, and text messages on a wireless device through a Bluetooth connection.






10. Version Detection Scan






11. The organization that governs the Internet's top-level domains, IP address allocation, and port number assignments.






12. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.






13. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.






14. A function that is easy to compute in one direction, yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information, called the 'trapdoor.' Widely used in cryptography.






15. Normal scan timing






16. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.






17. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






18. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs, administrative passwords to APs, and other information.






19. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.






20. A documented process for a procedure designed to be consistent, repeatable, and accountable.






21. A software or hardware application or device that captures user keystrokes.






22. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)






23. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz, 802.11b runs at 11Mbps at 2.4GHz, 802.11g runs at 54Mbps at 2.4GHz, and 802.11n can run upwards of 150MBps.






24. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






25. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping), e-mail, instant messaging, and other methods of communication considered private






26. One or more locations from which control is exercised over a computer, television broadcast, or telecommunications network.






27. Another term for firewalking






28. The act or actions of a hacker to put forward a cause or a political agenda, to affect some societal change, or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.






29. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.






30. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Bruteforce attacks take a long time t






31. The process of sending a packet or frame toward the destination. In a switch, messages are forwarded only to the port they are addressed to.






32. A stand-alone computer - kept off the network - that is used for scanning potentially malicious media or software.






33. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.






34. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way, IP addresses of machines on your internal network are






35. Hex 10






36. An organization composed of engineers, scientists, and students who issue standards related to electrical, electronic, and computer engineering.






37. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






38. An attack that combines a brute-force attack with a dictionary attack.






39. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.






40. Transmitting one protocol encapsulated inside another protocol.






41. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.






42. Polite scan timing






43. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






44. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.






45. A nonroutable IP address range intended for use only within the confines of a single organization, falling within the predefined ranges of 10.0.0.0, 172.16-31.0.0, or 192.168.0.0.






46. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






47. A virus designed to infect the master boot record.






48. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure, query, and troubleshoot the router/switch by use of a terminal emulator and a comman






49. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.






50. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity