Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.
1. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
HTTP
public key
Secure Multipurpose Mail Extension (S/MIME)
Virus Hoax
2. Microsoft SID 500
Media Access Control (MAC)
The automated process of proactively identifying vulnerabilities of computing systems present in a network
ping sweep
Local Administrator
3. A defined measure of service within a network system
security bulletins
quality of service (QoS)
Time Bomb
Routing Information Protocol (RIP)
4. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
payload
Certificate
Droppers
Minimum acceptable level of risk
5. ACK Scan
Mandatory access control (MAC)
-sA
sniffer
Electronic serial number
6. The lack of clocking (imposed time ordering) on a bit stream.
Boot Sector Virus
Asynchronous
replay attack
Information Technology (IT) infrastructure
7. Black box test
Secure Sockets Layer (SSL)
No previous knowledge of the network
Virtual Private Network (VPN)
HTTP tunneling
8. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
Zone transfer
Time Bomb
spam
Trusted Computer Base (TCB)
9. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
Confidentiality
Buffer Overflow
Asymmetric Algorithm
separation of duties
10. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
false negative
ring topology
XOR Operation
symmetric algorithm
11. Literally - 'not balanced or the same.' In computing - asymmetric refers to a difference in networking speeds upstream to downstream. In cryptography - it's the use of more than one key for encryption/authentication purposes.
POST
Covert Channel
Digital Signature
Asymmetric
12. Any item of value or worth to an organization - whether physical or virtual.
Port Address Translation (PAT)
smart card
Asset
Adware
13. White box test
Application Layer
Cloning
Internal access to the network
Interior Gateway Protocol (IGP)
14. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
Hacks with permission
NetBSD
stateful packet filtering
White Box Testing
15. An Application layer protocol for managing devices on an IP network.
remote access
Data Link layer
Simple Network Management Protocol (SNMP)
-sV
16. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
Password Authentication Protocol (PAP)
Tunnel
Syslog
private network address
17. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.
Trojan Horse
Filter
heuristic scanning
Tunneling Virus
18. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks
Dumpster Diving
--randomize_hosts -O OS fingerprinting
port redirection
Level II assessment
19. FTP Bounce Attack
-sP
-b
enumeration
Level I assessment
20. A value used to control cryptographic operations - such as decryption - encryption - signature generation - and signature verification.
Cryptographic Key
Warm Site
Time exceeded
Trusted Computer System Evaluation Criteria (TCSEC)
21. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.
SNMP
Password Authentication Protocol (PAP)
Trojan Horse
OpenBSD
22. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response
Information Technology (IT) asset criticality
intrusion prevention system (IPS)
TACACS
SYN flood attack
23. An unknown deficiency in software or some other product that results in a security vulnerability being identified.
security defect
sheepdip
key exchange protocol
Bastion host
24. The process of using easily accessible DNS records to map a target network's internal hosts.
Authentication Header (AH)
A procedure for identifying active hosts on a network.
serialize scans & 0.4 sec wait
DNS enumeration
25. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu
intrusion prevention system (IPS)
remote procedure call (RPC)
Vulnerability Management
Accountability
26. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
Data Link layer
serial scan & 300 sec wait
security by obscurity
halo effect
27. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.
Defense in Depth
intrusion prevention system (IPS)
GET
reverse social engineering
28. Computer software or hardware that can intercept and log traffic passing over a digital network.
Ethical Hacker
A
Brute-Force Password Attack
sniffer
29. Nmap grepable output
Whois
-oG
rootkit
nslookup
30. The process of recording activity on a system for monitoring and later review.
Auditing
-oA
Tunnel
Wi-Fi
31. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
packet filtering
RxBoot
node
false rejection rate (FRR)
32. Any circumstance or event with the potential to adversely impact organizational operations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
Wireless Local Area Network (WLAN)
phishing
Collision
Threat
33. The monetary loss that can be expected for an asset due to risk over a one-year period. ALE is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as ALE = ARO
spyware
Virtual Private Network (VPN)
Annualized Loss Expectancy (ALE)
Internet Control Message Protocol (ICMP)
34. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
risk transference
keylogger
-P0
Directory Traversal
35. ICMP Type/Code 11
Time exceeded
Request for Comments (RFC)
FreeBSD
Simple Network Management Protocol (SNMP)
36. An informed decision to accept the potential for damage to or loss of an IT asset.
Secure Sockets Layer (SSL)
security controls
Exposure Factor
risk acceptance
37. Hex 14
Simple Object Access Protocol (SOAP)
Eavesdropping
spoofing
A R
38. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it
promiscuous mode
Countermeasures
shoulder surfing
quantitative risk assessment
39. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
Internet Assigned Number Authority (IANA)
Certificate Authority (CA)
polymorphic virus
SSH
40. An API that provides services related to the OSI model's Session layer - allowing applications on separate computers to communicate over a LAN.
hacktivism
Network Basic Input/Output System (NetBIOS)
ad hoc mode
network access server
41. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.
private key
Echo Reply
passive attack
piggybacking
42. LM Hash for short passwords (under 7)
Simple Object Access Protocol (SOAP)
802.11
Port Address Translation (PAT)
404EE
43. Paranoid scan timing
Trapdoor Function
Malware
serial scan & 300 sec wait
OpenBSD
44. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.
Hypertext Transfer Protocol Secure (HTTPS)
Bluetooth
polymorphic virus
Due Diligence
45. A term representing the responsibility managers and their organizations have to provide information security to ensure the type of control - the cost of control - and the deployment of control are appropriate for the system being managed.
network interface card (NIC)
POP 3
Due Care
Web Spider
46. Directory Transversal
Address Resolution Protocol (ARP) table
Ethernet
sheepdip
Finding a directory listing and gaining access to a parent or root file for access to other files
47. Aggressive scan timing
phishing
ECHO reply
Zero Subnet
parallel scan & 300 sec timeout & 1.25 sec/probe
48. Sneaky scan timing
serialize scans & 15 sec wait
DNS enumeration
Active Fingerprinting
-PB
49. Whether purposeful or the result of malware or other attack - a backdoor is a hidden capability in a system or program for bypassing normal computer authentication systems.
reverse lookup; reverse DNS lookup
Backdoor
Audit Data
security bulletins
50. A software or hardware application or device that captures user keystrokes.
Cloning
keylogger
-sO
serial scan & 300 sec wait