Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
Trusted Computer Base (TCB)
Kerberos
TACACS
SOA record
2. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.
Written Authorization
Rijndael
Open System Interconnection (OSI) Reference Model
Baseline
3. The central part of a computer or communications system hardware - firmware - and software that implements the basic security procedures for controlling access to system resources.
Detective Controls
security kernel
infrastructure mode
inference attack
4. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
iris scanner
net use \\[target ip]\IPC$ '' /user:''
Biometrics
Bit Flipping
5. Two or more LANs connected by a high-speed line across a large geographical area.
Finger
suicide hacker
Bluetooth
Wide Area Network (WAN)
6. A mode of operation in a wireless LAN in which clients send data directly to one another without utilizing a wireless access point (WAP) - much like a point-to-point wired connection.
ad hoc mode
route
Port Address Translation (PAT)
Wrapper
7. ICMP Type/Code 3-13
Bastion host
Finding a directory listing and gaining access to a parent or root file for access to other files
Administratively Prohibited
Banner Grabbing
8. Attacks on the actual programming code of an application.
White Box Testing
Point-to-Point Protocol (PPP)
Application-Level Attacks
risk
9. Phases of an attack
Third Party
Domain Name
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Asymmetric
10. An Application layer protocol for sending electronic mail between servers.
Simple Mail Transfer Protocol (SMTP)
-sL
Demilitarized Zone (DMZ)
SYN attack
11. Looking over an authorized user's shoulder in order to steal information (such as authentication information).
shoulder surfing
-PT
Ciphertext
scope creep
12. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.
red team
Ethical Hacker
physical security
hardware keystroke logger
13. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
Request for Comments (RFC)
ring topology
patch
Pretty Good Privacy (PGP)
14. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Adware
-sT
security defect
15. A social-engineering effort in which the attacker pretends to be an employee - a valid user - or even an executive to elicit information or access.
impersonation
Simple Mail Transfer Protocol (SMTP)
Vulnerability Management
Trusted Computer Base (TCB)
16. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.
Due Diligence
Challenge Handshake Authentication Protocol (CHAP)
spoofing
pattern matching
17. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
Man-in-the-middle attack
Replacing numbers in a url to access other files
Console Port
Rijndael
18. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.
HTTP tunneling
Wired Equivalent Privacy (WEP)
-sF
personal identification number (PIN)
19. A protocol that allows a client computer to request services from a server and the server to return the results.
Digital Signature
Overwhelm CAM table to convert switch to hub mode
risk avoidance
remote procedure call (RPC)
20. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.
Bluetooth
Bastion host
Hypertext Transfer Protocol Secure (HTTPS)
Multipartite virus
21. Normal scan timing
-PB
Address Resolution Protocol (ARP) table
piggybacking
parallel scan
22. All measures and techniques taken to gather information about an intended target. Footprinting can be passive or active.
footprinting
DNS enumeration
CIA triangle
sniffer
23. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
Cryptographic Key
-sF
Droppers
false negative
24. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.
session splicing
Buffer
Hypertext Transfer Protocol Secure (HTTPS)
network tap
25. Nmap grepable output
Hacks with permission
-oG
network interface card (NIC)
Audit Data
26. Any circumstance or event with the potential to adversely impact organizational operations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
security by obscurity
serial scan & 300 sec wait
Threat
Annualized Loss Expectancy (ALE)
27. The monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as single loss expectancy (SLE) = asset value (AV)
port knocking
single loss expectancy (SLE)
heuristic scanning
Malware
28. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.
802.11 i
-sL
SOA record
Computer Emergency Response Team (CERT)
29. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr
-oA
Wired Equivalent Privacy (WEP)
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
parallel scan & 300 sec timeout & 1.25 sec/probe
30. Policy stating what users of a system can and cannot do with the organization's assets.
router
encryption
Acceptable Use Policy (AUP)
MAC filtering
31. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.
polymorphic virus
routed protocol
Vulnerability Management
packet filtering
32. A protocol for exchanging packets over a serial line.
security defect
Overwhelm CAM table to convert switch to hub mode
identity theft
Serial Line Internet Protocol (SLIP)
33. Hex 02
S
flood
Echo Reply
Possession of access devices
34. An attack that exploits the common mistake many people make when installing operating systems
operating system attack
Possession of access devices
Active Fingerprinting
Collision
35. Shifting responsibility from one party to another
Daisy Chaining
risk transference
Whois
honeypot
36. A type of denial-of-service attack where a hacker sends thousands of SYN packets to the target with spoofed IP addresses.
Denial of Service (DoS)
Extensible Authentication Protocol (EAP)
security bulletins
SYN attack
37. A free and popular version of the Unix operating system.
FreeBSD
Cryptography
Telnet
Wireless Local Area Network (WLAN)
38. A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster.
ad hoc mode
hot site
Simple Network Management Protocol (SNMP)
parallel scan & 75 sec timeout & 0.3 sec/probe
39. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
security by obscurity
Hierarchical File System (HFS)
-sO
Cracker
40. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.
Electronic serial number
Possession of access devices
scope creep
Filter
41. The process of systematically testing each port on a firewall to map rules and determine accessible ports.
firewalking
Database
Application-Level Attacks
White Box Testing
42. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information
nslookup
Data Link layer
self encrypting
phishing
43. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
security bulletins
DNS enumeration
infrastructure mode
RxBoot
44. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.
null session
SYN flood attack
Interior Gateway Protocol (IGP)
RxBoot
45. Hex 10
SID
A
flood
Mandatory access control (MAC)
46. The conveying of official access or legal power to a person or entity.
Authorization
Bluesnarfing
Syslog
Tunneling
47. CAN-SPAM
Wide Area Network (WAN)
Network Basic Input/Output System (NetBIOS)
Level I assessment
Defines legal email marketing
48. A communications protocol used for browsing the Internet.
Hypertext Transfer Protocol (HTTP)
Information Technology (IT) asset valuation
NetBus
hacktivism
49. SYN Ping
proxy server
-sF
-PS
Fraud and related activity in connection with computers
50. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
Ethernet
hacktivism
--randomize_hosts -O OS fingerprinting
Wiretapping