Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions: Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A backlog of packets stored in buffers and waiting to be forwarded over an interface.
-P0
-PM
queue
Traceroute
2. A method of external testing whereby several systems or resources are used together to effect an attack.
shrink-wrap code attacks
-sR
Zone transfer
Daisy Chaining
3. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Zone transfer
encapsulation
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Block Cipher
4. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman
Pretty Good Privacy (PGP)
Console Port
Defines legal email marketing
Authentication - Authorization - and Accounting (AAA)
5. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.
suicide hacker
open source
Decryption
intrusion prevention system (IPS)
6. A group of experts that handles computer security incidents.
smart card
security incident response team (SIRT)
INFOSEC Assessment Methodology (IAM)
File Allocation Table (FAT)
7. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
proxy server
Ethical Hacker
Directory Traversal
Banner Grabbing
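Banner grabbing (question 7) is easier to remember once you have watched it happen: many services volunteer a version string as soon as the TCP handshake completes, and that string is what the enumeration step matches against a vulnerability database. The following is an added example, not code from the quiz or from EC-Council; it stands up a throwaway listener on 127.0.0.1 that replays a constructed OpenSSH-style banner (not captured from any real host), grabs it the way a scanner would, and fingerprints it with a few assumed regexes. The `serve_banner`, `grab_banner` and `fingerprint` names are this example's own.

```python
import re
import socket
import threading

# Constructed sample banner (not captured from a real host): the text a service sends
# right after the TCP handshake, before the client has said anything.
SAMPLE_BANNER = b"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4\r\n"


def serve_banner(banner: bytes) -> int:
    """Start a throwaway TCP listener on 127.0.0.1 that emits `banner` once to each client.
    Returns the ephemeral port it listens on. This is the stand-in for a real target."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]


def grab_banner(host: str, port: int, timeout: float = 3.0, probe: bytes = b"") -> str:
    """Connect, optionally send a protocol probe (HTTP needs one, SSH/FTP do not),
    and return whatever the service says first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:
            s.sendall(probe)
        data = s.recv(1024)
    return data.decode("ascii", errors="replace").strip()


# Assumed patterns keyed to well-known banner layouts. The OS field is an inference
# from the vendor suffix, not proof of the operating system.
BANNER_PATTERNS = [
    (re.compile(r"^SSH-(?P<ver>[\d.]+)-OpenSSH_(?P<sw>\S+)\s*(?P<os>Ubuntu|Debian|FreeBSD)?"), "ssh"),
    (re.compile(r"^220[ -].*?(?P<sw>vsFTPd [\d.]+|ProFTPD [\d.]+|Microsoft FTP Service)"), "ftp"),
    (re.compile(r"^HTTP/\d\.\d.*?Server:\s*(?P<sw>[^\r\n]+)", re.S), "http"),
]


def fingerprint(banner: str) -> dict:
    """Turn a raw banner into {service, software, os} for matching against a vuln database."""
    for pattern, service in BANNER_PATTERNS:
        m = pattern.search(banner)
        if m:
            g = m.groupdict()
            return {"service": service, "software": g.get("sw"), "os": g.get("os")}
    return {"service": "unknown", "software": None, "os": None}


def demo() -> dict:
    """Serve the constructed banner locally, grab it, and fingerprint it."""
    port = serve_banner(SAMPLE_BANNER)
    banner = grab_banner("127.0.0.1", port)
    result = fingerprint(banner)
    result["banner"] = banner
    return result


if __name__ == "__main__":
    print(demo())
```

On a real engagement the same `grab_banner` call against port 22, 21 or 25 of an in-scope host gives the raw string; the point of the regexes is that version identification is only as good as the banner the admin chose to leave enabled, so treat the result as a lead, not a finding.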
8. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
Media Access Control (MAC)
Trusted Computer System Evaluation Criteria (TCSEC)
Echo request
POP 3
9. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.
Authentication Header (AH)
Internet Assigned Number Authority (IANA)
A
Ciphertext
10. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
identity theft
Trojan Horse
spyware
Authentication - Authorization - and Accounting (AAA)
11. RPC Scan
steganography
SOA record
honeynet
-sR
12. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
Mandatory access control (MAC)
Three-Way (TCP) Handshake
Internet Control Message Protocol (ICMP)
Ciphertext
13. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g
packet
Ethernet
Digital Signature
inference attack
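The digital signature definition in question 13 is worth seeing as arithmetic: the signer hashes the message and raises the hash to the private exponent, and anyone holding the public exponent reverses that and compares against a fresh hash. The block below is an added example, not part of the quiz; it uses textbook RSA with two constructed, deliberately tiny primes (10**9+7 and 998244353) so it runs instantly, and reduces the SHA-256 digest modulo n only so the toy modulus can hold it. Real schemes pad the full hash (PKCS#1 v1.5 or PSS) over keys of 2048 bits or more; the `keygen`, `sign` and `verify` names are this example's own.

```python
import hashlib
from math import gcd


def keygen(p: int, q: int, e: int = 65537):
    """Build an RSA key pair from two primes. Returns (public_key, private_key), each (n, exponent)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("public exponent must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse of e; Python 3.8+
    return (n, e), (n, d)


# Constructed toy key: two well-known primes giving a ~60-bit modulus that is trivially
# factorable. A real key uses two random primes of ~1024 bits each.
PUBLIC_KEY, PRIVATE_KEY = keygen(1_000_000_007, 998_244_353)


def message_digest(message: bytes, n: int) -> int:
    """SHA-256 the message and reduce into the modulus. Standard schemes instead pad the full
    hash up to the key size; the reduction here exists only because the toy modulus is small."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key=PRIVATE_KEY) -> int:
    """Signature = hash 'encrypted' with the private exponent. Only the private-key holder
    can produce this, which is what gives non-repudiation."""
    n, d = private_key
    return pow(message_digest(message, n), d, n)


def verify(message: bytes, signature: int, public_key=PUBLIC_KEY) -> bool:
    """'Decrypt' the signature with the public exponent and compare to a fresh hash.
    A mismatch means the message changed, the signature changed, or another key signed it."""
    n, e = public_key
    return pow(signature, e, n) == message_digest(message, n)


if __name__ == "__main__":
    msg = b"pay 100 to alice"
    sig = sign(msg)
    print(verify(msg, sig), verify(b"pay 1000 to alice", sig))
```

Note what the verifier never needs: the private key. That is the whole reason a certificate (questions 29 and 43) only has to carry the public key for the signature to be checkable by anyone.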
14. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
Echo Reply
Collision
Distributed DoS (DDoS)
Black Box Testing
15. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use
session splicing
Discretionary Access Control (DAC)
Vulnerability Assessment
serialize scans & 15 sec wait
16. A device or service designed to obfuscate traffic between a client and the Internet. Generally used to make activity on the Internet as untraceable as possible.
Worm
Competitive Intelligence
Sign in Seal
Anonymizer
17. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.
piggybacking
Defense in Depth
parameter tampering
Authentication Header (AH)
18. A command that instructs the system processor to do nothing. Many overflow attacks involve stringing several NOP operations together (known as a NOP sled).
A R
NOP
-sS
Third Party
19. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
local area network (LAN)
Request for Comments (RFC)
Dumpster Diving
public key
20. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
Vulnerability Assessment
CNAME record
polymorphic virus
enumeration
21. ICMP Timestamp
steganography
Pretty Good Privacy (PGP)
Console Port
-PP
22. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can
Dumpster Diving
Time To Live (TTL)
route
Due Diligence
23. Any network incident that prompts some kind of log entry or other notification.
-sA
Event
RPC-DCOM
Kerberos
24. Idlescan
Trojan Horse
network access server
Interior Gateway Protocol (IGP)
-sI
25. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
Fiber Distributed Data Interface (FDDI)
asynchronous transmission
Network Basic Input/Output System (NetBIOS)
Blowfish
26. TCP Ping
SYN attack
Password Authentication Protocol (PAP)
Wired Equivalent Privacy (WEP)
-PT
27. An attack that combines a brute-force attack with a dictionary attack.
Secure Multipurpose Mail Extension (S/MIME)
site survey
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
hybrid attack
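A hybrid attack (question 27) is easiest to understand as a candidate generator: take each dictionary word, apply the mutations people really use (capitalisation, leetspeak), then brute-force a short tail of digits and symbols onto each variant. The block below is an added example, not from the quiz; the wordlist, the mutation rules and the "recovered" hash (the SHA-256 of the constructed password Winter24!, computed inline so the example runs offline) are all assumptions of this example. Real targets are salted and use slow hashes, which changes the cost but not the strategy.

```python
import hashlib
import itertools
from typing import Iterable, Iterator, Optional

# Constructed inputs: a tiny wordlist and a target hash built here from "Winter24!".
WORDLIST = ["password", "admin", "winter", "summer", "letmein"]
TARGET_HEX = hashlib.sha256(b"Winter24!").hexdigest()

LEET = str.maketrans({"a": "@", "e": "3", "i": "1", "o": "0", "s": "$"})
SUFFIX_ALPHABET = "0123456789!"      # brute-forced tail: digits plus the most common symbol


def mutations(word: str) -> Iterator[str]:
    """The dictionary half: a word plus the rule-based variants users actually pick."""
    seen = set()
    for variant in (word.lower(), word.capitalize(), word.upper(),
                    word.lower().translate(LEET), word.capitalize().translate(LEET)):
        if variant not in seen:
            seen.add(variant)
            yield variant


def hybrid_candidates(words: Iterable[str], max_suffix: int) -> Iterator[str]:
    """The brute-force half: every mutated word, bare and then with every suffix
    over SUFFIX_ALPHABET up to max_suffix characters long."""
    for word in words:
        for base in mutations(word):
            yield base
            for length in range(1, max_suffix + 1):
                for tail in itertools.product(SUFFIX_ALPHABET, repeat=length):
                    yield base + "".join(tail)


def crack(target_hex: str, words: Iterable[str] = WORDLIST, max_suffix: int = 4) -> Optional[str]:
    """Return the first candidate whose SHA-256 matches, or None when the space is exhausted."""
    for candidate in hybrid_candidates(words, max_suffix):
        if hashlib.sha256(candidate.encode()).hexdigest() == target_hex:
            return candidate
    return None


def search_space(words: Iterable[str], max_suffix: int) -> int:
    """How many hashes a full run costs: |alphabet|**k per mutated word, summed over k."""
    bases = sum(1 for w in words for _ in mutations(w))
    return bases * sum(len(SUFFIX_ALPHABET) ** k for k in range(max_suffix + 1))


if __name__ == "__main__":
    print(crack(TARGET_HEX), search_space(WORDLIST, 4))
```

Setting `max_suffix=0` turns this back into a plain dictionary attack, which misses the target; dropping the wordlist and keeping only the suffix loop turns it into pure brute force, which would need every printable character in the alphabet and a length of nine to reach the same password. The hybrid ordering is what makes the search tractable.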
28. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio
Internet Protocol Security (IPSec) architecture
forwarding
FreeBSD
Auditing
29. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
Level III assessment
Electronic Code Book (ECB)
Certificate
proxy server
30. The monetary value assigned to an IT asset.
Information Technology (IT) asset valuation
pattern matching
Time exceeded
halo effect
31. A person or entity indirectly involved in a relationship between two principals.
Domain Name
NT LAN Manager (NTLM)
Third Party
security controls
32. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points
Wiretapping
Domain Name System (DNS) cache poisoning
Smurf attack
Trojan Horse
33. Polymorphic Virus
Kerberos
Tunneling
Mandatory access control (MAC)
self encrypting
34. A protocol used to pass control and error messages between nodes on the Internet.
Internet Control Message Protocol (ICMP)
Hacks with permission
Assessment
Request for Comments (RFC)
35. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
risk
Level I assessment
infrastructure mode
Smurf attack
36. A storage buffer that transparently stores data so future requests for the same data can be served faster.
SMB
Cache
TACACS
Antivirus (AV) software
37. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.
qualitative analysis
Information Technology (IT) security architecture and framework
Bastion host
Domain Name
38. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier - but does not alter the data (in other words - eavesdropping).
Telnet
Transmission Control Protocol (TCP)
passive attack
Access Creep
39. Activities to determine the extent to which a security control is implemented correctly - operating as intended - and producing the desired outcome with respect to meeting the security requirements for the system.
A S
Zenmap
Assessment
routed protocol
40. Port 31337
Back orifice
Service Set Identifier (SSID)
Warm Site
network access server
41. PI and PT Ping
Information Technology Security Evaluation Criteria (ITSEC)
reverse lookup; reverse DNS lookup
Internet Protocol Security (IPSec) architecture
-PB
42. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
heuristic scanning
Asymmetric
proxy server
honeypot
43. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the system. Certificates contain the entity's public key - serial number - version - subject - algori
limitation of liability and remedies
Digital Certificate
Filter
Secure Sockets Layer (SSL)
44. Hex 10
Authentication
A
shoulder surfing
SYN attack
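"Hex 10" (question 44) is the ACK bit in byte 13 of the TCP header, and the "A S" and "A R" answer choices are the SYN+ACK (0x12) and RST+ACK (0x14) combinations that a SYN scan (-sS) and an ACK scan (-sA) read to classify a port. The block below is an added example, not from the quiz; it decodes and builds the flags byte, constructs a raw 20-byte header to pull the byte out of (a constructed packet, not a capture), lists the three-way handshake segments, and applies nmap's published -sS and -sA interpretation. The function names are this example's own, and ICMP unreachable replies (which nmap also treats as filtered) are out of scope here.

```python
import struct
from typing import List, Optional, Tuple

# Bit values of the TCP flags (byte 13 of the header; RFC 793, ECN bits from RFC 3168)
# and the one-letter abbreviations nmap and Wireshark use for them.
TCP_FLAGS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08,
             "A": 0x10, "U": 0x20, "E": 0x40, "C": 0x80}


def decode_flags(value: int) -> str:
    """0x10 -> 'A', 0x12 -> 'SA', 0x14 -> 'RA' (letters in ascending bit order)."""
    return "".join(letter for letter, bit in TCP_FLAGS.items() if value & bit)


def encode_flags(letters: str) -> int:
    """Inverse of decode_flags: 'SA' -> 0x12."""
    return sum(TCP_FLAGS[ch] for ch in letters.upper())


def build_header(sport: int, dport: int, flags: str, seq: int = 0, ack: int = 0) -> bytes:
    """Minimal 20-byte TCP header (no options, zero checksum) for constructing test packets."""
    data_offset = 5 << 4                      # 5 x 32-bit words, no options
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       data_offset, encode_flags(flags), 65535, 0, 0)


def flags_from_header(header: bytes) -> int:
    """Pull the flags byte out of a raw TCP header (offset 13)."""
    if len(header) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    return header[13]


def handshake(client_isn: int, server_isn: int) -> List[Tuple[str, str, int, int]]:
    """The three segments of a full connect, as (sender, flags, seq, ack).
    A connect scan (-sT) completes all three; -sS stops after the second and sends R."""
    return [
        ("client", "S", client_isn, 0),
        ("server", "SA", server_isn, client_isn + 1),
        ("client", "A", client_isn + 1, server_isn + 1),
    ]


def syn_scan_verdict(response_flags: Optional[int]) -> str:
    """nmap -sS: send S; SA means open, R (usually RA) means closed, silence means filtered."""
    if response_flags is None:
        return "filtered"
    if response_flags & TCP_FLAGS["S"] and response_flags & TCP_FLAGS["A"]:
        return "open"
    if response_flags & TCP_FLAGS["R"]:
        return "closed"
    return "unexpected"


def ack_scan_verdict(response_flags: Optional[int]) -> str:
    """nmap -sA: send A alone. It maps firewall rules, not listening services: any R reply
    means the port is unfiltered (open or closed), silence means a stateful filter ate it."""
    if response_flags is None:
        return "filtered"
    if response_flags & TCP_FLAGS["R"]:
        return "unfiltered"
    return "unexpected"


if __name__ == "__main__":
    reply = build_header(80, 40000, "SA", seq=1, ack=1001)
    print(decode_flags(flags_from_header(reply)), syn_scan_verdict(flags_from_header(reply)))
```

The reason -sS is quieter than a connect scan follows directly from `handshake`: the scanner answers the server's SA with R rather than A, so the connection never reaches ESTABLISHED and an application-level log line is never written.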
45. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
Packet Internet Groper (ping)
Threat
network operations center (NOC)
red team
46. Black hat
Hacks without permission
personal identification number (PIN)
social engineering
-oX
47. Normal scan timing
security breach or security incident
routed protocol
security kernel
parallel scan
48. Ports 20/21
Confidentiality
Google hacking
Buffer
FTP
49. A command used in HTTP and FTP to retrieve a file from a server.
NT LAN Manager (NTLM)
Assessment
GET
local area network (LAN)
50. The condition of a resource being ready for use and accessible by authorized users.
Availability
remote access
asynchronous transmission
Web Spider