Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers, products, and marketing, and can be used by an attacker to build useful information for further attacks.






2. The process of using an application to remotely identify open ports on a system (for example, whether systems allow connections through those ports).






3. The level of importance assigned to an IT asset






4. A step-by-step method of solving a problem. In computing security, an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






5. An attack that exploits the common mistake many people make when installing operating systems






6. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is






7. A NAT method in which multiple internal hosts, using private IP addressing, can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U






8. A backup facility with the electrical and physical components of a computer facility, but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






9. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal, but non-system-administrator-level attack.






10. Polite scan timing






11. Hex 14






12. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier, but does not alter the data (in other words, eavesdropping).






13. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio, binary, or video using the Simple Mail Transfer Protocol (SMTP).






14. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.






15. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.






16. A computer file system architecture used in Windows, OS/2, and most memory cards.






17. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.






18. A cyber attacker who acts without permission from, and gives prior notice to, the resource owner. Also known as a malicious hacker.






19. A free and popular version of the Unix operating system.






20. Establish Null Session






21. In regard to hash algorithms, this occurs when two or more distinct inputs produce the same output.






22. ACK Scan






23. The cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.






24. Defined in RFC 826, ARP is a protocol used to map a known IP address to a physical (MAC) address.






25. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.






26. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






27. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






28. Nmap normal output






29. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.






30. The monetary value assigned to an IT asset.






31. Policy stating what users of a system can and cannot do with the organization's assets.






32. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator, or similar level.






33. In computer security, this is an algorithm that uses separate keys for encryption and decryption.






34. A group of experts that handles computer security incidents.






35. The software product or system that is the subject of an evaluation.






36. An international encoding standard, working within multiple languages and scripts, that represents each letter, digit, or symbol with a unique numeric value that applies across different platforms.






37. Hex 12






38. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.






39. The art and science of creating a covert message or image within another message, image, audio, or video file.






40. The act of dialing all numbers within an organization to discover open modems.






41. An announcement, typically from a software vendor, of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.






42. A file system used by the Mac OS.






43. A connection-oriented, layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the






44. Port 88






45. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col






46. A symmetric, block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.






47. Ports 20/21






48. The act or actions of a hacker to put forward a cause or a political agenda, to affect some societal change, or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.






49. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.






50. Computer software or hardware that can intercept and log traffic passing over a digital network.






