Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Injecting traffic into the network to identify the operating system of a device.
Active Fingerprinting
risk acceptance
Daemon
Cryptography
2. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
intrusion detection system (IDS)
Institute of Electrical and Electronics Engineers (IEEE)
Exploit
Post Office Protocol 3 (POP3)
3. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.
sheepdip
Internet Protocol (IP)
remote access
Black Hat
4. A computer virus that infects and spreads in multiple ways.
Smurf attack
Common Internet File System/Server Message Block
audit
Multipartite virus
5. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption
Community String
Authorization
parallel scan & 75 sec timeout & 0.3 sec/probe
Virus
6. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.
Decryption
secure channel
End User Licensing Agreement (EULA)
Warm Site
7. CAN-SPAM
ring topology
intranet
Defines legal email marketing
Buffer Overflow
8. RPC Scan
Ethical Hacker
-sR
risk avoidance
Bit Flipping
9. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
Blowfish
Lightweight Directory Access Protocol (LDAP)
Detective Controls
Countermeasures
10. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.
Audit Data
Digital Signature
Buffer
shrink-wrap code attacks
11. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.
replay attack
-sF
HIDS
session hijacking
12. IP Protocol Scan
-sO
Application Layer
port redirection
-PS
13. Hex 12
personal identification number (PIN)
A S
Echo request
Electronic serial number
14. Calculations of two components of risk: R - the magnitude of the potential loss (L) - and the probability - p - that the loss will occur.
quantitative risk assessment
-sO
remote procedure call (RPC)
Black Box Testing
15. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
Community String
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Cracker
-sT
16. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
session splicing
Daisy Chaining
enumeration
flood
17. A social-engineering attack using computer resources - such as e-mail or IRC.
reverse lookup; reverse DNS lookup
Internet Protocol Security (IPSec) architecture
Computer-Based Attack
polymorphic virus
18. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
-p <port ranges>
source routing
security kernel
enumeration
19. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
Wi-Fi Protected Access (WPA)
Man-in-the-middle attack
ping sweep
proxy server
20. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.
patch
802.11
Confidentiality
spoofing
21. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa
Electronic Code Book (ECB)
Telnet
Daisy Chaining
Address Resolution Protocol (ARP) table
22. An adapter that provides the physical connection to send and receive data between the computer and the network media.
network interface card (NIC)
honeynet
RPC-DCOM
Cryptography
23. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
Asymmetric
Tunneling Virus
Transport Layer Security (TLS)
ad hoc mode
24. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.
File Allocation Table (FAT)
Tumbling
Virus Hoax
limitation of liability and remedies
25. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
Real application encompassing Trojan
Hypertext Transfer Protocol Secure (HTTPS)
Crossover Error Rate (CER)
audit
26. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy - with transmission distances of up to two kilometers.
SYN attack
Fiber Distributed Data Interface (FDDI)
Computer-Based Attack
key exchange protocol
27. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information
User Datagram Protocol (UDP)
phishing
Warm Site
Replacing numbers in a url to access other files
28. A Canonical Name record within DNS - used to provide an alias for a domain name.
Finger
Whois
Access Creep
CNAME record
29. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
Droppers
script kiddie
Access Creep
Simple Mail Transfer Protocol (SMTP)
30. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.
Bluejacking
Written Authorization
Minimum acceptable level of risk
Asynchronous
31. A communications path - such as the Internet - authorized for data transmission within a computer system or network.
Acceptable Use Policy (AUP)
overt channel
key exchange protocol
Secure Multipurpose Mail Extension (S/MIME)
32. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use
Discretionary Access Control (DAC)
Mantrap
-PP
keylogger
33. 18 U.S.C. 1029
Possession of access devices
spyware
Exposure Factor
Competitive Intelligence
34. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.
gray box testing
audit
payload
Redundant Array of Independent Disks (RAID)
35. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.
proxy server
Open System Interconnection (OSI) Reference Model
International Organization for Standardization (ISO)
Hierarchical File System (HFS)
36. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.
Wi-Fi Protected Access (WPA)
Pretty Good Privacy (PGP)
Biometrics
Point-to-Point Tunneling Protocol (PPTP)
37. A person or entity indirectly involved in a relationship between two principals.
Third Party
sniffer
Local Administrator
Trusted Computer Base (TCB)
38. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
Transmission Control Protocol (TCP)
rogue access point
Wired Equivalent Privacy (WEP)
Virtual Private Network (VPN)
39. Cracking Tools
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
Finding a directory listing and gaining access to a parent or root file for access to other files
Acceptable Use Policy (AUP)
Availability
40. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
Digital Watermarking
Wi-Fi Protected Access (WPA)
polymorphic virus
-PP
41. Port 88
Level III assessment
Kerberos
SAM
Tunnel
42. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
network access server
Application Layer
Tunneling
Authentication - Authorization - and Accounting (AAA)
43. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.
false rejection rate (FRR)
key exchange protocol
-PM
Wi-Fi
44. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
infrastructure mode
Collision Domain
Black Box Testing
Bit Flipping
45. ICMP Ping
-PI
Man-in-the-middle attack
Cracker
EDGAR database
46. TCP connect() scan
False Acceptance Rate (FAR)
-sT
risk transference
risk acceptance
47. The process of a system providing a fully qualified domain name (FQDN) to a local name server - for resolution to its corresponding IP address.
Domain Name System (DNS) lookup
Anonymizer
symmetric algorithm
patch
48. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.
802.11
Due Diligence
Information Technology Security Evaluation Criteria (ITSEC)
--randomize_hosts -O OS fingerprinting
49. A computer network confined to a relatively small area - such as a single building or campus.
R
Timestamping
Backdoor
local area network (LAN)
50. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie
A R
Anonymizer
Data Encryption Standard (DES)
Cookie