SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Certificate Authority (CA)
Dumpster Diving
Smurf attack
Trusted Computer Base (TCB)
2. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
parallel scan & 300 sec timeout & 1.25 sec/probe
smart card
Network Basic Input/Output System (NetBIOS)
SYN flood attack
3. White hat
HTTP tunneling
Videocipher II Satellite Encryption System
Whois
Hacks with permission
4. The Security Accounts Manager file in Windows stores all the password hashes for the system.
Simple Object Access Protocol (SOAP)
parallel scan
SAM
SMB
5. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.
Archive
Certificate Authority (CA)
pattern matching
Application Layer
6. Directory Transversal
-PP
Anonymizer
symmetric encryption
Finding a directory listing and gaining access to a parent or root file for access to other files
7. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
Collision Domain
No previous knowledge of the network
nslookup
Kerberos
8. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all
remote procedure call (RPC)
firewall
Event
Routing Information Protocol (RIP)
9. Controls to detect anomalies or undesirable events occurring on a system.
Extensible Authentication Protocol (EAP)
Internet Control Message Protocol (ICMP)
Detective Controls
Malware
10. An Application layer protocol for managing devices on an IP network.
shrink-wrap code attacks
Certificate
Simple Network Management Protocol (SNMP)
OpenBSD
11. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.
Wireless Local Area Network (WLAN)
fragmentation
hashing algorithm
Internet service provider (ISP)
12. Window Scan
ping sweep
-sW
intrusion detection system (IDS)
RxBoot
13. A protocol used to pass control and error messages between nodes on the Internet.
Echo request
Time exceeded
Internet Control Message Protocol (ICMP)
hot site
14. A documented process for a procedure designed to be consistent - repeatable - and accountable.
Methodology
Asset
risk avoidance
-PI
15. Sending packets or requests to another system to gain information to be used to identify weaknesses and protect the system from attacks.
A procedure for identifying active hosts on a network.
Open System Interconnection (OSI) Reference Model
Vulnerability Scanning
Hierarchical File System (HFS)
16. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.
Computer Emergency Response Team (CERT)
Corrective Controls
Telnet
network interface card (NIC)
17. A software or hardware application or device that captures user keystrokes.
payload
Access Control List (ACL)
keylogger
operating system attack
18. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.
Virtual Local Area Network (VLAN)
payload
Daemon
-sO
19. A one-way mathematical function that generates a fixedlength numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.
hashing algorithm
Possession of access devices
sniffer
ISO 17799
20. Phases of an attack
Console Port
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Accountability
War Chalking
21. A Windows-based GUI version of nmap.
gap analysis
-sF
Zenmap
Point-to-Point Tunneling Protocol (PPTP)
22. UDP Scan
Crossover Error Rate (CER)
encryption
-sU
NT LAN Manager (NTLM)
23. A point of reference used to mark an initial state in order to manage change.
overt channel
symmetric encryption
ad hoc mode
Baseline
24. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.
logic bomb
Community String
Block Cipher
Wi-Fi
25. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa
Electronic Code Book (ECB)
Smurf attack
gray box testing
risk acceptance
26. The level of importance assigned to an IT asset
Level II assessment
Information Technology (IT) asset criticality
hot site
-oG
27. Provides router-to-router or host-to-network connections over asynchronous and synchronous circuits.
Point-to-Point Protocol (PPP)
node
spam
Banner Grabbing
28. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
Virus Hoax
National Security Agency
User Datagram Protocol (UDP)
risk
29. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc
Active Directory (AD)
Event
RID Resource identifier
public key infrastructure (PKI)
30. A denial-of-service technique that uses numerous hosts to perform the attack.
Distributed DoS (DDoS)
Access Creep
Level II assessment
Trusted Computer Base (TCB)
31. ICMP Type/Code 8
segment
Common Internet File System/Server Message Block
Blowfish
Echo request
32. Another term for firewalking
Level I assessment
Due Diligence
Countermeasures
port knocking
33. A standard for encrypting and authenticating MIME data; used primarily for Internet e-mail.
red team
security bulletins
footprinting
Secure Multipurpose Mail Extension (S/MIME)
34. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
Man-in-the-middle attack
Wi-Fi Protected Access (WPA)
Whois
Fraud and related activity in connection with computers
35. Ping Scan
Copyright
Ciphertext
-sP
Accountability
36. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door
red team
XOR Operation
Mantrap
Echo Reply
37. A data encryption/decryption program often used for e-mail and file storage.
Challenge Handshake Authentication Protocol (CHAP)
-P0
gap analysis
Pretty Good Privacy (PGP)
38. ICMP Type/Code 3-13
Cryptographic Key
Archive
Administratively Prohibited
Acknowledgment (ACK)
39. A computer network confined to a relatively small area - such as a single building or campus.
session hijacking
script kiddie
patch
local area network (LAN)
40. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
flood
Audit Data
Simple Object Access Protocol (SOAP)
hacktivism
41. Manipulating a search string with additional specific operators to search for vulnerabilities or very specific information.
stream cipher
-oA
War Dialing
Google hacking
42. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.
fully qualified domain name (FQDN)
Interior Gateway Protocol (IGP)
reconnaissance
International Organization for Standardization (ISO)
43. The process of using easily accessible DNS records to map a target network's internal hosts.
reverse lookup; reverse DNS lookup
inference attack
DNS enumeration
role-based access control
44. Computer software or hardware that can intercept and log traffic passing over a digital network.
audit
-PP
sniffer
false rejection rate (FRR)
45. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
Access Creep
route
scope creep
Access Point (AP)
46. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.
Self Replicating
Zero Subnet
Blowfish
source routing
47. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
Level I assessment
stateful packet filtering
-sU
shoulder surfing
48. The change or growth of a project's scope
scope creep
NetBSD
Console Port
Man-in-the-middle attack
49. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.
serial scan & 300 sec wait
private key
Wrapper
fragmentation
50. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.
Service Set Identifier (SSID)
-PT
Wireless Local Area Network (WLAN)
Worm
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests