Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
Blowfish
Black Box Testing
Distributed DoS (DDoS)
Cryptography
2. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
Institute of Electrical and Electronics Engineers (IEEE)
quantitative risk assessment
Defense in Depth
Lightweight Directory Access Protocol (LDAP)
3. The process of using easily accessible DNS records to map a target network's internal hosts.
Mantrap
reconnaissance
Routing Protocol
DNS enumeration
4. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.
Bug
SNMP
symmetric algorithm
social engineering
5. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.
Pretty Good Privacy (PGP)
Third Party
heuristic scanning
replay attack
6. A virus designed to infect the master boot record.
parameter tampering
encryption
Google hacking
Master boot record infector
7. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.
NT LAN Manager (NTLM)
gateway
Point-to-Point Tunneling Protocol (PPTP)
Information Technology (IT) security architecture and framework
8. ICMP Netmask
Open System Interconnection (OSI) Reference Model
-PM
Digital Signature
sniffer
9. Originally an extension of PPP - this is a protocol for authentication used within wireless networks. Works with multiple authentication measures.
Ciphertext
impersonation
heuristic scanning
Extensible Authentication Protocol (EAP)
10. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
Cracker
operating system attack
false negative
Fiber Distributed Data Interface (FDDI)
11. The monetary value assigned to an IT asset.
Information Technology (IT) asset valuation
Rijndael
asynchronous transmission
Auditing
12. A point of reference used to mark an initial state in order to manage change.
Cloning
Computer-Based Attack
Baseline
Corrective Controls
13. Xmas Tree scan
piggybacking
Cold Site
-sX
Tumbling
14. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.
Service Set Identifier (SSID)
risk acceptance
fully qualified domain name (FQDN)
Web Spider
15. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
hacktivism
encryption
TACACS
User Datagram Protocol (UDP)
16. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere
Temporal Key Integrity Protocol (TKIP)
-sF
source routing
security by obscurity
17. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
hot site
Domain Name
Network Basic Input/Output System (NetBIOS)
steganography
18. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.
security controls
Dumpster Diving
footprinting
FTP
19. nmap all output
Copyright
The automated process of proactively identifying vulnerabilities of computing systems present in a network
A S
-oA
20. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
-sL
Wireless Local Area Network (WLAN)
XOR Operation
Virus Hoax
21. Port 110
Ethernet
POP 3
security by obscurity
Confidentiality
22. A method of external testing whereby several systems or resources are used together to effect an attack.
Active Attack
Internal access to the network
Daisy Chaining
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
23. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
Zombie
-sI
out-of-band signaling
Trusted Computer System Evaluation Criteria (TCSEC)
24. The process of embedding information into a digital signal in a way that makes it difficult to remove.
Possession of access devices
Target Of Engagement (TOE)
Annualized Loss Expectancy (ALE)
Digital Watermarking
25. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Whois
role-based access control
Trusted Computer Base (TCB)
piggybacking
26. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
Banner Grabbing
Secure Sockets Layer (SSL)
Multipartite virus
service level agreements (SLAs)
27. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
ring topology
Tunneling
Data Link layer
Last In First Out (LIFO)
28. Polymorphic Virus
Crossover Error Rate (CER)
-b
Wired Equivalent Privacy (WEP)
self encrypting
29. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
site survey
Countermeasures
reverse social engineering
Self Replicating
30. LM Hash for short passwords (under 7)
fully qualified domain name (FQDN)
User Datagram Protocol (UDP)
404EE
Console Port
31. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
proxy server
Certificate
phishing
Active Fingerprinting
32. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
Man-in-the-middle attack
reverse social engineering
S
Possession of access devices
33. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.
Asymmetric
gray hat
fragmentation
source routing
34. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
Back orifice
Discretionary Access Control (DAC)
-oX
Adware
35. A non-self-replicating program that appears to have a useful purpose - but in reality has a different - malicious purpose.
Syslog
routed protocol
Cryptographic Key
Trojan Horse
36. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.
Password Authentication Protocol (PAP)
Multipurpose Internet Mail Extensions (MIME)
session hijacking
Brute-Force Password Attack
37. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.
Multipurpose Internet Mail Extensions (MIME)
role-based access control
GET
Virtual Local Area Network (VLAN)
38. Transmitting one protocol encapsulated inside another protocol.
Tunneling
Malicious code
Replacing numbers in a url to access other files
impersonation
39. ICMP Ping
firewall
A
Active Directory (AD)
-PI
40. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.
Tumbling
Crossover Error Rate (CER)
logic bomb
ISO 17799
41. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
Man-in-the-middle attack
Trusted Computer System Evaluation Criteria (TCSEC)
-PB
Backdoor
42. Port 137/138/139
SMB
Temporal Key Integrity Protocol (TKIP)
Address Resolution Protocol (ARP)
A R
43. A group of experts that handles computer security incidents.
OpenBSD
Secure Multipurpose Mail Extension (S/MIME)
RPC-DCOM
security incident response team (SIRT)
44. Port 161/162
SNMP
reverse social engineering
impersonation
Echo request
45. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
Asynchronous
reverse lookup; reverse DNS lookup
Discretionary Access Control (DAC)
infrastructure mode
46. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
Bluesnarfing
footprinting
public key
Threat
47. A Windows-based GUI version of nmap.
encryption
Pretty Good Privacy (PGP)
quality of service (QoS)
Zenmap
48. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.
Wide Area Network (WAN)
forwarding
piggybacking
Biometrics
49. Network Scanning
personal identification number (PIN)
DNS
Address Resolution Protocol (ARP) table
A procedure for identifying active hosts on a network.
50. A software or hardware defect that often results in system vulnerabilities.
RPC-DCOM
out-of-band signaling
Bug
CIA triangle