Test your basic knowledge |
CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.
Password Authentication Protocol (PAP)
Trapdoor Function
replay attack
Bluejacking
2. LAN standard - defined by ANSI X3T9.5 - specifying a 100 Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.
Third Party
protocol stack
serialize scans & 15 sec wait
Fiber Distributed Data Interface (FDDI)
3. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
Dumpster Diving
Sign in Seal
Internet Protocol Security (IPSec) architecture
Directory Traversal
4. FTP Bounce Attack
quality of service (QoS)
-b
Self Replicating
HTTP
5. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are
Back orifice
Domain Name System (DNS) cache poisoning
Authentication
Network Address Translation (NAT)
6. Formal description and evaluation of the vulnerabilities in an information system
SYN flood attack
false rejection rate (FRR)
Vulnerability Assessment
The automated process of proactively identifying vulnerabilities of computing systems present in a network
7. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p
reverse lookup; reverse DNS lookup
Simple Object Access Protocol (SOAP)
Lightweight Directory Access Protocol (LDAP)
heuristic scanning
8. A piece of code intentionally inserted into a software system that will perform a malicious function when specified conditions are met at some future point.
logic bomb
Mantrap
payload
Defines legal email marketing
9. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
security breach or security incident
-PP
Due Care
TACACS
10. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a
Malicious code
-sW
Collision Domain
Accountability
11. The process of using easily accessible DNS records to map a target network's internal hosts.
Droppers
DNS enumeration
personal identification number (PIN)
protocol stack
12. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.
public key infrastructure (PKI)
red team
SOA record
Packet Internet Groper (ping)
13. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
Point-to-Point Protocol (PPP)
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
flood
Third Party
14. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
End User Licensing Agreement (EULA)
Local Administrator
Collision Domain
Electronic Code Book (ECB)
15. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.
Simple Object Access Protocol (SOAP)
Redundant Array of Independent Disks (RAID)
security by obscurity
International Organization for Standardization (ISO)
16. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
Web Spider
null session
Wired Equivalent Privacy (WEP)
quality of service (QoS)
17. A record showing which user has accessed a given resource and what operations the user performed during a given period.
Information Technology (IT) asset valuation
net use \\[target ip]\IPC$ "" /user:""
Audit Trail
Audit Data
18. Port 137/138/139
SMB
serial scan & 300 sec wait
Internet service provider (ISP)
Vulnerability
19. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.
gray box testing
Access Control List (ACL)
Bluejacking
Level I assessment
20. A cell phone attack in which the serial number from one cell phone is copied to another in an effort to copy the cell phone.
security breach or security incident
Authentication Header (AH)
A
Cloning
21. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-system-administrator-level attack.
Data Link layer
gray box testing
Last In First Out (LIFO)
Asset
22. The process of embedding information into a digital signal in a way that makes it difficult to remove.
Digital Watermarking
Tiger Team
hash
Bastion host
23. The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.
false rejection rate (FRR)
Copyright
Real application encompassing Trojan
Hacks with permission
24. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman
GET
Console Port
firewalking
steganography
25. MAC Flooding
Simple Mail Transfer Protocol (SMTP)
Overwhelm CAM table to convert switch to hub mode
Active Directory (AD)
LDAP
26. The combination of all IT assets - resources - components - and systems.
Port Address Translation (PAT)
A S
Information Technology (IT) infrastructure
ring topology
27. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.
Fiber Distributed Data Interface (FDDI)
Data Link layer
Information Technology (IT) security architecture and framework
signature scanning
28. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.
Defense in Depth
out-of-band signaling
keylogger
Wrapper
29. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.
XOR Operation
Destination Unreachable
Domain Name System (DNS)
physical security
30. The level of importance assigned to an IT asset
Whois
Information Technology (IT) asset criticality
local area network (LAN)
XOR Operation
31. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
-sA
promiscuous mode
false rejection rate (FRR)
Cryptographic Key
32. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
Bit Flipping
Access Creep
Countermeasures
Network Basic Input/Output System (NetBIOS)
33. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
End User Licensing Agreement (EULA)
separation of duties
NetBSD
Audit Data
34. A communications path - such as the Internet - authorized for data transmission within a computer system or network.
Web Spider
CAM table
overt channel
Virus Hoax
35. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
Bluesnarfing
CNAME record
802.11
Wireless Local Area Network (WLAN)
36. Vulnerability Scanning
Ciphertext
Access Creep
symmetric encryption
The automated process of proactively identifying vulnerabilities of computing systems present in a network
37. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.
Information Technology (IT) security architecture and framework
Institute of Electrical and Electronics Engineers (IEEE)
Crossover Error Rate (CER)
Internet Assigned Number Authority (IANA)
38. A small Trojan program that listens on port 777.
non-repudiation
POST
R
Tini
39. ICMP Ping
key exchange protocol
-PI
Data Link layer
protocol
40. The condition of a resource being ready for use and accessible by authorized users.
Computer-Based Attack
Due Diligence
Availability
Internet Protocol (IP)
41. A portion of memory used to temporarily store output or input data.
False Acceptance Rate (FAR)
ping sweep
Buffer
Media Access Control (MAC)
42. The potential for damage to or loss of an IT asset
Videocipher II Satellite Encryption System
Challenge Handshake Authentication Protocol (CHAP)
risk
serialize scans & 0.4 sec wait
43. Idlescan
-sI
initial sequence number (ISN)
LDAP
Tini
44. Wrapper or Binder
network operations center (NOC)
Information Technology (IT) infrastructure
Mantrap
Real application encompassing Trojan
45. A person or entity indirectly involved in a relationship between two principals.
service level agreements (SLAs)
firewalking
Third Party
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
46. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
Cookie
Address Resolution Protocol (ARP)
sheepdip
Buffer Overflow
47. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Redundant Array of Independent Disks (RAID)
Acceptable Use Policy (AUP)
Certificate Authority (CA)
-sI
48. A systematic process for the assessment of security vulnerabilities.
INFOSEC Assessment Methodology (IAM)
payload
limitation of liability and remedies
iris scanner
49. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.
TACACS
DNS
Trojan Horse
Zombie
50. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.
Point-to-Point Protocol (PPP)
Eavesdropping
HTTP tunneling
Wireless Local Area Network (WLAN)