Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






2. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






3. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.






4. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






5. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.






6. Evaluation in which testers attempt to penetrate the network.






7. A tool that helps a company to compare its actual performance with its potential performance.






8. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.






9. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).






10. Nmap ml output






11. A protocol used for sending and receiving log information for nodes on a network.






12. A storage buffer that transparently stores data so future requests for the same data can be served faster.






13. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






14. Insane scan timing






15. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie






16. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






17. Set of tools (applications or code) that enables administrator-level accessto a computer or computer network and is designed to obscure the fact that the system has been compromised. Rootkits are dangerous malware entities that provide administrator






18. A social-engineering attack that manipulates the victim into calling the attacker for help.






19. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).






20. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.






21. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.






22. A protocol defining packets that are able to be routed by a router.






23. The transmission of digital signals without precise clocking or synchronization.






24. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.






25. Polite scan timing






26. An Application layer protocol used primarily by Microsoft Windows to provide shared access to printers - files - and serial ports. It also provides an authenticated interprocess communication mechanism.






27. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.






28. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






29. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely






30. White box test






31. Formal description and evaluation of the vulnerabilities in an information system






32. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






33. Normal scan timing






34. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






35. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






36. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.






37. A group of experts that handles computer security incidents.






38. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra






39. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.






40. A type of encryption where the same key is used to encrypt and decrypt the message.






41. SYN Ping






42. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.






43. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.






44. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dualring architecture for redundancy - with transmission distances of up to two kilometers.






45. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.






46. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






47. A defined measure of service within a network system






48. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.






49. Port 389






50. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori