Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm - the length of the input block is the same as the length of the output block.
Corrective Controls
Block Cipher
reverse lookup; reverse DNS lookup
Ethernet

2. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
Web Spider
security breach or security incident
nslookup
-PI

3. A social-engineering attack that manipulates the victim into calling the attacker for help.
Malicious code
reverse social engineering
Third Party
shoulder surfing

4. An anonymous connection to an administrative share (IPC$) on a Windows machine. Null sessions allow for enumeration of Windows machines - among other attacks.
POST
Virus
Level II assessment
null session

5. A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
service level agreements (SLAs)
SYN flood attack
Acknowledgment (ACK)
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks

6. ICMP Type/Code 11
Time exceeded
Address Resolution Protocol (ARP) table
Google hacking
serial scan & 300 sec wait

7. don't ping
-P0
Asymmetric
Zone transfer
Zombie

8. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
Simple Network Management Protocol (SNMP)
Authentication Header (AH)
802.11 i
sidejacking

9. A program designed to execute at a specific time to release malicious code onto the computer system or network.
Hacks without permission
Kerberos
Time Bomb
risk transference

10. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private
Due Diligence
RPC-DCOM
Eavesdropping
SAM

11. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
Trusted Computer Base (TCB)
Wireless Local Area Network (WLAN)
signature scanning
public key

12. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
Address Resolution Protocol (ARP)
Hypertext Transfer Protocol (HTTP)
Trusted Computer System Evaluation Criteria (TCSEC)
Post Office Protocol 3 (POP3)

13. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.
false rejection rate (FRR)
Internet Protocol Security (IPSec) architecture
Tunneling
Availability

14. Looking over an authorized user's shoulder in order to steal information (such as authentication information).
shoulder surfing
Transmission Control Protocol (TCP)
Backdoor
non-repudiation

15. A protocol defining packets that are able to be routed by a router.
routed protocol
router
Ciphertext
Hypertext Transfer Protocol Secure (HTTPS)

16. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
ECHO reply
Exposure Factor
Bluetooth
node

17. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Wide Area Network (WAN)
Cache
File Allocation Table (FAT)
Availability

18. A systematic process for the assessment of security vulnerabilities.
INFOSEC Assessment Methodology (IAM)
Cryptographic Key
security incident response team (SIRT)
private key

19. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65 -000 concurrent TCP and U
Port Address Translation (PAT)
Data Link layer
Hierarchical File System (HFS)
Written Authorization

20. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.
Warm Site
Cache
Internet Assigned Number Authority (IANA)
SID

21. A group of people - gathered together by a business entity - working to address a specific problem or goal.
-PI
null session
Tiger Team
port scanning

22. Port 137/138/139
SMB
Confidentiality
Syslog
Vulnerability Assessment

23. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
Virus
Wireless Local Area Network (WLAN)
Open System Interconnection (OSI) Reference Model
Virtual Private Network (VPN)

24. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
reverse lookup; reverse DNS lookup
Videocipher II Satellite Encryption System
integrity
-oG

25. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
red team
Request for Comments (RFC)
port redirection
firewall

26. A denial-of-service attack where the attacker sends a ping to the network's broadcast address from the spoofed IP address of the target. All systems in the subnet then respond to the spoofed address - eventually flooding the device.
-PP
Trapdoor Function
sniffer
Smurf attack

27. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
limitation of liability and remedies
Data Link layer
Media Access Control (MAC)
Possession of access devices

28. Hashing algorithm that results in a 128-bit output.
HTTP
MD5
Boot Sector Virus
port scanning

29. A virus written in a macro language and usually embedded in document or spreadsheet files.
Lightweight Directory Access Protocol (LDAP)
Macro virus
forwarding
FTP

30. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.
Open System Interconnection (OSI) Reference Model
Methodology
protocol stack
rogue access point

31. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
false rejection rate (FRR)
Request for Comments (RFC)
smart card
source routing

32. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
Archive
inference attack
Information Technology (IT) asset valuation
False Acceptance Rate (FAR)

33. A computer process that requests a service from another computer and accepts the server's responses.
NOP
Request for Comments (RFC)
Client
Target Of Engagement (TOE)

34. Manipulating a search string with additional specific operators to search for vulnerabilities or very specific information.
-sV
Google hacking
Anonymizer
CIA triangle

35. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.
War Driving
Possession of access devices
Audit Trail
NetBus

36. A data encryption/decryption program often used for e-mail and file storage.
steganography
Pretty Good Privacy (PGP)
DNS
File Transfer Protocol (FTP)

37. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
RID Resource identifier
queue
port knocking
Man-in-the-middle attack

38. Ports 20/21
Detective Controls
hardware keystroke logger
Information Technology (IT) infrastructure
FTP

39. 18 U.S.C. 1030
net use \[target ip]IPC$ '' /user:''
Whois
RxBoot
Fraud and related activity in connection with computers

40. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
Black Box Testing
HIDS
security incident response team (SIRT)
Copyright

41. An early network application that provides information on users currently logged on to a machine.
rule-based access control
personal identification number (PIN)
Finger
Application-Level Attacks

42. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman
Corrective Controls
Console Port
DNS
Active Fingerprinting

43. Computer software or hardware that can intercept and log traffic passing over a digital network.
ad hoc mode
Copyright
sniffer
Uniform Resource Locator (URL)

44. A network deployed as a trap to detect - deflect - or deter unauthorized use of information systems.
-PI
polymorphic virus
honeynet
Kerberos

45. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.
impersonation
HTTP
Network Address Translation (NAT)
service level agreements (SLAs)

46. Controls to detect anomalies or undesirable events occurring on a system.
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
honeypot
network interface card (NIC)
Detective Controls

47. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.
site survey
limitation of liability and remedies
Internet Protocol Security (IPSec) architecture
Archive

48. An electronic version of junk mail. Unsolicited commercial e-mail sent to numerous recipients.
Zenmap
parallel scan & 300 sec timeout & 1.25 sec/probe
CIA triangle
spam

49. A backlog of packets stored in buffers and waiting to be forwarded over an interface.
-oX
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
queue
Console Port

50. Insane scan timing
Collision Domain
Accountability
Secure Sockets Layer (SSL)
parallel scan & 75 sec timeout & 0.3 sec/probe