Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Hex 12






2. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






3. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






4. A virus designed to infect the master boot record.






5. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






6. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra






7. White box test






8. CAN-SPAM






9. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






10. ICMP Ping






11. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.






12. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.






13. A small Trojan program that listens on port 777.






14. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.






15. UDP Scan






16. Port 389






17. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.






18. An attacker who breaks into computer systems with malicious intent - without the owner's knowledge or permission.






19. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.






20. A social-engineering effort in which the attacker pretends to be an employee - a valid user - or even an executive to elicit information or access.






21. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.






22. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g






23. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






24. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






25. nmap all output






26. A host designed to collect data on suspicious activity.






27. Incremental Substitution






28. ICMP Timestamp






29. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.






30. TCP SYN Scan






31. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.






32. Any item of value or worth to an organization - whether physical or virtual.






33. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.






34. Injecting traffic into the network to identify the operating system of a device.






35. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






36. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c






37. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.






38. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.






39. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori






40. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.






41. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.






42. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






43. TCP connect() scan






44. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.






45. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)






46. A data encryption/decryption program often used for e-mail and file storage.






47. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






48. Port 110






49. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.






50. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests