SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.
Access Point (AP)
role-based access control
fragmentation
Time exceeded
2. ex 02
Challenge Handshake Authentication Protocol (CHAP)
RxBoot
S
Vulnerability Assessment
3. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.
White Box Testing
Fast Ethernet
-oX
NetBus
4. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Certificate Authority (CA)
Zone transfer
Syslog
Tumbling
5. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu -and so on.
proxy server
fully qualified domain name (FQDN)
Internal access to the network
Acceptable Use Policy (AUP)
6. An evaluation conducted to determine the potential for damage to or loss of an IT asset.
Hacks without permission
risk assessment
File Transfer Protocol (FTP)
SYN flood attack
7. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all
Routing Information Protocol (RIP)
firewalking
single loss expectancy (SLE)
hot site
8. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
false negative
router
Point-to-Point Tunneling Protocol (PPTP)
Console Port
9. Safeguards or countermeasures to avoid - counteract - or minimize security risks.
-sL
security controls
single loss expectancy (SLE)
802.11 i
10. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a
network operations center (NOC)
Kerberos
Malicious code
Hierarchical File System (HFS)
11. A protocol used to pass control and error messages between nodes on the Internet.
802.11
limitation of liability and remedies
protocol
Internet Control Message Protocol (ICMP)
12. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it
-PM
Data Link layer
POP 3
promiscuous mode
13. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr
Wide Area Network (WAN)
Certificate Authority (CA)
intranet
Wired Equivalent Privacy (WEP)
14. Ports 20/21
Electronic Code Book (ECB)
Asset
FTP
POP 3
15. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
sheepdip
-PT
flood
National Security Agency
16. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
SOA record
-PS
signature scanning
Banner Grabbing
17. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
Finding a directory listing and gaining access to a parent or root file for access to other files
encapsulation
NetBSD
Defines legal email marketing
18. TCP Ping
Application Layer
security incident response team (SIRT)
risk
-PT
19. A virus written in a macro language and usually embedded in document or spreadsheet files.
Denial of Service (DoS)
security by obscurity
Macro virus
intrusion prevention system (IPS)
20. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
Cracker
steganography
White Box Testing
intrusion detection system (IDS)
21. A virus that plants itself in a system's boot sector and infects the master boot record.
Cold Site
null session
Defense in Depth
Boot Sector Virus
22. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.
Worm
false negative
SYN attack
War Driving
23. Describes practices in production and development that promote access to the end product's source materials.
Buffer Overflow
proxy server
-oA
open source
24. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and reported.
intrusion detection system (IDS)
port scanning
-PP
social engineering
25. Port 137/138/139
Echo Reply
Rijndael
SMB
reverse social engineering
26. The potential for damage to or loss of an IT asset
risk
No previous knowledge of the network
secure channel
SOA record
27. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
-sU
private network address
security by obscurity
-sP
28. Version Detection Scan
non-repudiation
-sV
ping sweep
Event
29. A record showing which user has accessed a given resource and what operations the user performed during a given period.
Cracker
Audit Trail
Availability
symmetric algorithm
30. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.
MAC filtering
Zombie
Post Office Protocol 3 (POP3)
stream cipher
31. A skilled hacker that straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain). Gray hats sometime perform illegal acts to exploit technology with the intent of achi
Due Care
signature scanning
No previous knowledge of the network
gray hat
32. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
Transmission Control Protocol (TCP)
spam
network access server
Authorization
33. Nmap ml output
source routing
-sT
-oX
passive attack
34. A hacker who aims to bring down critical infrastructure for a 'cause' and does not worry about the penalties associated with his actions.
Transport Layer Security (TLS)
Wi-Fi
suicide hacker
impersonation
35. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.
Bluesnarfing
Antivirus (AV) software
Simple Object Access Protocol (SOAP)
--randomize_hosts -O OS fingerprinting
36. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.
Due Diligence
SMB
parallel scan
Trapdoor Function
37. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.
Internet Assigned Number Authority (IANA)
Time exceeded
network tap
hashing algorithm
38. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.
Electronic Code Book (ECB)
Due Diligence
RID Resource identifier
session splicing
39. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.
patch
Audit Data
ISO 17799
intrusion detection system (IDS)
40. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
R
Hypertext Transfer Protocol Secure (HTTPS)
RxBoot
Fast Ethernet
41. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.
Time Bomb
Wrapper
Confidentiality
security controls
42. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo
Level II assessment
Data Encryption Standard (DES)
Interior Gateway Protocol (IGP)
Due Care
43. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
Extensible Authentication Protocol (EAP)
penetration testing
Unicode
promiscuous mode
44. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.
Fast Ethernet
private key
Transmission Control Protocol (TCP)
SAM
45. An Application layer protocol for sending electronic mail between servers.
Simple Mail Transfer Protocol (SMTP)
Digital Watermarking
CIA triangle
overt channel
46. Injecting traffic into the network to identify the operating system of a device.
Master boot record infector
Cold Site
Active Fingerprinting
private key
47. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
smart card
reconnaissance
key exchange protocol
Access Creep
48. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
Authentication - Authorization - and Accounting (AAA)
Information Technology Security Evaluation Criteria (ITSEC)
red team
penetration testing
49. A protocol defining packets that are able to be routed by a router.
Asset
routed protocol
Possession of access devices
out-of-band signaling
50. The process of using easily accessible DNS records to map a target network's internal hosts.
A procedure for identifying active hosts on a network.
Virtual Local Area Network (VLAN)
Time Bomb
DNS enumeration