Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.






2. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.






3. ICMP Type/Code 11






4. Using conversation or some other interaction between people to gather useful information.






5. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.






6. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p






7. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






8. A one-way mathematical function that generates a fixedlength numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.






9. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






10. ACK Scan






11. Software or hardware components that restrict access between a protected network and the Internet - or between other sets of networks - to block unwanted use or attacks.






12. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.






13. A computer placed outside a firewall to provide public services to other Internet sites - and hardened to resist external attacks.






14. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






15. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.






16. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






17. Software that has advertisements embedded within. Generally displays ads in the form of pop-ups.






18. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.






19. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






20. A social-engineering attack that manipulates the victim into calling the attacker for help.






21. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






22. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely






23. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu






24. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.






25. A file system used by the Mac OS.






26. Any network incident that prompts some kind of log entry or other notification.






27. A value used to control cryptographic operations - such as decryption -encryption - signature generation - and signature verification.






28. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






29. Nmap grepable output






30. A group of people - gathered together by a business entity - working to address a specific problem or goal.






31. Safeguards or countermeasures to avoid - counteract - or minimize security risks.






32. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.






33. Steps taken to identify and limit risks to an acceptable or reasonable level of exposure.






34. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.






35. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






36. An unknown deficiency in software or some other product that results in a security vulnerability being identified.






37. A portion of memory used to temporarily store output or input data.






38. A unit of information formatted according to specific protocols that allows precise transmittal of data from one network node to another. Also called a datagram or data packet - a packet contains a header (container) and a payload (contents). Any IP






39. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






40. The exploitation of a security vulnerability






41. The process of determining if a network entity (user or service) is legitimate






42. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






43. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.






44. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.






45. A firewall evasion technique whereby packets are wrapped in HTTP - as a covert channel to the target.






46. Insane scan timing






47. Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.






48. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






49. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.






50. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests