Test your basic knowledge |

CEH: Certified Ethical Hacker

  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A programming principle whereby the last piece of data added to the stack is the first piece of data taken off.

2. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.

3. Hex 14

4. Port Scanning

5. A device on a network.

6. ICMP Ping

7. Wrapper or Binder

8. Describes practices in production and development that promote access to the end product's source materials.

9. ICMP Netmask

10. A small Trojan program that listens on port 777.

11. The process of recording activity on a system for monitoring and later review.

12. An Internet routing protocol used to exchange routing information within an autonomous system.

13. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr

14. The exploitation of a security vulnerability

15. An Application layer protocol for managing devices on an IP network.

16. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks

17. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.

18. The default network authentication suite of protocols for Windows NT 4.0

19. The transmission of digital signals without precise clocking or synchronization.

20. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie

21. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is

22. Name given to expert groups that handle computer security incidents.

23. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main

24. A denial-of-service technique that uses numerous hosts to perform the attack.

25. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi

26. A point of reference used to mark an initial state in order to manage change.

27. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori

28. A Windows-based GUI version of nmap.

29. The process of using easily accessible DNS records to map a target network's internal hosts.

30. A virus that plants itself in a system's boot sector and infects the master boot record.

31. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use

32. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.

33. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.

34. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.

35. The software product or system that is the subject of an evaluation.

36. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all

37. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.

38. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.

39. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.

40. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.

41. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.

42. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.

43. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.

44. An Application layer protocol for sending electronic mail between servers.

45. Idlescan

46. nmap

47. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.

48. A backlog of packets stored in buffers and waiting to be forwarded over an interface.

49. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.

50. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.