Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP connect() scan






2. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.






3. The transmission of digital signals without precise clocking or synchronization.






4. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.






5. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






6. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






7. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.






8. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






9. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.






10. Wrapper or Binder






11. A program or piece of code inserted into a system - usually covertly - with the intent of compromising the confidentiality - integrity - or availability of the victim's data - applications - or operating system. Malware consists of viruses - worms -






12. White box test






13. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity






14. Two or more LANs connected by a high-speed line across a large geographical area.






15. The default network authentication suite of protocols for Windows NT 4.0






16. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






17. Port 135






18. Policy stating what users of a system can and cannot do with the organization's assets.






19. An early network application that provides information on users currently logged on to a machine.






20. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






21. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






22. A type of malware that covertly collects information about a user.






23. Port 22






24. Attacks on the actual programming code of an application.






25. Metamorphic Virus






26. A social-engineering attack that manipulates the victim into calling the attacker for help.






27. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.






28. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.






29. ICMP Type/Code 11






30. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.






31. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.






32. The process of embedding information into a digital signal in a way that makes it difficult to remove.






33. One or more locations from which control is exercised over a computer - television broadcast - or telecommunications network.






34. Port 80/81/8080






35. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






36. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu






37. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.






38. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.






39. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.






40. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.






41. A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option) - one after another - until successful. Bruteforce attacks take a long time t






42. Vulnerability Scanning






43. A protocol used to pass control and error messages between nodes on the Internet.






44. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






45. A file system used by the Mac OS.






46. Xmas Tree scan






47. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.






48. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






49. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.






50. Hex 14