Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.






2. Nmap grepable output






3. A unique numerical string - created by a hashing algorithm on a given piece of data - used to verify data integrity. Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download)






4. A command that instructs the system processor to do nothing. Many overflow attacks involve stringing several NOP operations together (known as a NOP sled).






5. Monitoring of telephone or Internet conversations - typically by covert means.






6. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.






7. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






8. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






9. Two or more LANs connected by a high-speed line across a large geographical area.






10. A mathematical operation requiring two binary inputs: If the inputs match - the output is a 0 - otherwise it is a 1.






11. A point of reference used to mark an initial state in order to manage change.






12. Access by information systems (or users) communicating from outside the information system security perimeter.






13. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






14. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






15. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.






16. Any network incident that prompts some kind of log entry or other notification.






17. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






18. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.






19. The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.






20. A nontechnical method of hacking. Social engineering is the art of manipulating people - whether in person (human-based) or via computing methods (computer-based) - into providing sensitive information.






21. Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs - administrative passwords to APs - and other information.






22. A computer system that performs tasks dictated by an attacker from a remote location. Zombies may be active or idle - and owners of the systems generally do not know their systems are compromised.






23. PI and PT Ping






24. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.






25. A protocol used for sending and receiving log information for nodes on a network.






26. The conveying of official access or legal power to a person or entity.






27. The basis of this kind of security is that an individual user - or program operating on the user's behalf - is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use






28. A business - government agency - or educational institution that provides access to the Internet.






29. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it






30. A social-engineering attack that manipulates the victim into calling the attacker for help.






31. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.






32. ex 02






33. A denial-of-service technique that uses numerous hosts to perform the attack.






34. Polite scan timing






35. Any item of value or worth to an organization - whether physical or virtual.






36. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.






37. Incremental Substitution






38. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.






39. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






40. Controls to detect anomalies or undesirable events occurring on a system.






41. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.






42. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).






43. An organized collection of data.






44. ICMP Type/Code 8






45. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks






46. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.






47. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc






48. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65 -000 concurrent TCP and U






49. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response






50. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.