Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr






2. The change or growth of a project's scope






3. Looking over an authorized user's shoulder in order to steal information (such as authentication information).






4. The exploitation of a security vulnerability






5. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private






6. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss






7. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.






8. A Canonical Name record within DNS - used to provide an alias for a domain name.






9. In computer security - this is an algorithm that uses separate keys for encryption and decryption.






10. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






11. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.






12. TCP SYN Scan






13. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






14. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






15. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






16. A denial-of-service technique that uses numerous hosts to perform the attack.






17. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






18. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.






19. Wrapper or Binder






20. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.






21. A limit on the amount of time or number of iterations or transmissions in computer and network technology a packet can experience before it will be discarded.






22. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.






23. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.






24. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption






25. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are






26. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the






27. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).






28. 18 U.S.C. 1030






29. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere






30. A derogatory term used to describe an attacker - usually new to the field - who uses simple - easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.






31. A file system used by the Mac OS.






32. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.






33. ICMP Type/Code 3-13






34. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






35. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






36. The act of checking some sequence of tokens for the presence of the constituents of some pattern.






37. Network Scanning






38. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.






39. Layer 7 of the OSI reference model. The Application layer provides services to applications - which allow them access to the network. Protocols such as FTP and SMTP reside here.






40. A computer security expert who performs security audits and penetration tests against systems or network segments - with the owner's full knowledge and permission - in an effort to increase security.






41. Port 53






42. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.






43. A device on a network.






44. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






45. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






46. Hex 12






47. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.






48. A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream (keystream) - typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time - and the transformation o






49. A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. This suite includes protocols for establishing mutual authentication between agents at the sessio






50. ICMP Type/Code 8