Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.
Collision
Hacks without permission
Web Spider
-p <port ranges>

2. Policy stating what users of a system can and cannot do with the organization's assets.
Timestamping
Point-to-Point Protocol (PPP)
Acceptable Use Policy (AUP)
White Box Testing

3. A protocol used to pass control and error messages between nodes on the Internet.
service level agreements (SLAs)
Internet Control Message Protocol (ICMP)
gray hat
Data Link layer

4. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.
Antivirus (AV) software
Virus
limitation of liability and remedies
encapsulation

5. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
non-repudiation
No previous knowledge of the network
Lightweight Directory Access Protocol (LDAP)
Request for Comments (RFC)

6. Normal scan timing
parallel scan
logic bomb
false rejection rate (FRR)
SOA record

7. Used for exchanging structured information - such as XML-based messages - in the implementation of web services
service level agreements (SLAs)
Simple Object Access Protocol (SOAP)
Time Bomb
identity theft

8. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.
Authentication Header (AH)
Trapdoor Function
gray box testing
War Dialing

9. A security objective that ensures a resource can be accessed only by authorized users. This is also the property that sensitive information is not disclosed to unauthorized individuals - entities - or processes.
-sF
Database
Confidentiality
honeynet

10. A sublayer of layer 2 of the OSI model - the Data Link layer. It provides addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network.
Media Access Control (MAC)
nslookup
encryption
Acceptable Use Policy (AUP)

11. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
Fast Ethernet
Routing Protocol
CNAME record
Echo request

12. The transmission of digital signals without precise clocking or synchronization.
-sR
Biometrics
-sA
asynchronous transmission

13. Idlescan
steganography
-sI
local area network (LAN)
enumeration

14. Confidentiality - Integrity - and Availability are the three aspects of security and make up the triangle.
Application Layer
CIA triangle
Routing Information Protocol (RIP)
Interior Gateway Protocol (IGP)

15. A document describing information security guidelines - policies - procedures - and standards.
port scanning
Droppers
Demilitarized Zone (DMZ)
Information Technology (IT) security architecture and framework

16. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
Digital Certificate
enumeration
qualitative analysis
Computer Emergency Response Team (CERT)

17. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
physical security
MAC filtering
risk avoidance
Worm

18. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
Countermeasures
-oA
symmetric encryption
Vulnerability Management

19. The result of using a private key to encrypt a hash value for identification purposes within a PKI system. The signature can be decoded by the originator's public key - verifying his identity and providing non-repudiation. A valid digital signature g
segment
identity theft
Digital Signature
Fast Ethernet

20. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can
Certificate
Traceroute
Syslog
route

21. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.
Trojan Horse
Request for Comments (RFC)
Temporal Key Integrity Protocol (TKIP)
rogue access point

22. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
penetration testing
Macro virus
Authentication Header (AH)
nslookup

23. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere
Tiger Team
security by obscurity
Timestamping
risk acceptance

24. A fully qualified domain name consists of a host and domain name - including a top-level domain such as .com - .net - .mil - .edu -and so on.
Asymmetric Algorithm
fully qualified domain name (FQDN)
NetBus
Decryption

25. A device providing temporary - on-demand - point-to-point network access to users.
network access server
security incident response team (SIRT)
Self Replicating
rogue access point

26. A protocol that uses a private key to encrypt data before transmitting confidential documents over the Internet; widely used on e-commerce - banking - and other sites requiring privacy.
Secure Sockets Layer (SSL)
Network Address Translation (NAT)
False Acceptance Rate (FAR)
Syslog

27. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
Vulnerability Management
Digital Certificate
POST
Access Creep

28. Hex 10
A
Community String
impersonation
Discretionary Access Control (DAC)

29. A business - government agency - or educational institution that provides access to the Internet.
Information Technology (IT) security architecture and framework
Simple Mail Transfer Protocol (SMTP)
Internet service provider (ISP)
Console Port

30. A Windows-based GUI version of nmap.
Zenmap
Community String
segment
proxy server

31. The process of determining if a network entity (user or service) is legitimate
Authentication
Zone transfer
site survey
GET

32. Name given to expert groups that handle computer security incidents.
Computer Emergency Response Team (CERT)
Asymmetric
rootkit
Archive

33. Using conversation or some other interaction between people to gather useful information.
Directory Traversal
human-based social engineering
Ethernet
network access server

34. 18 U.S.C. 1029
Challenge Handshake Authentication Protocol (CHAP)
Data Encryption Standard (DES)
Possession of access devices
ISO 17799

35. Ping Scan
parallel scan
Tumbling
Defense in Depth
-sP

36. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
stateful packet filtering
proxy server
security kernel
Open System Interconnection (OSI) Reference Model

37. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.
Application-Level Attacks
-sO
Point-to-Point Tunneling Protocol (PPTP)
HIDS

38. A network administration command-line tool available for many operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mappings or any other specific DNS record.
Bluesnarfing
nslookup
local area network (LAN)
-PS

39. UDP Scan
spyware
-sU
Virtual Private Network (VPN)
DNS enumeration

40. Sneaky scan timing
FreeBSD
Anonymizer
Brute-Force Password Attack
serialize scans & 15 sec wait

41. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.
Biometrics
Competitive Intelligence
ISO 17799
NT LAN Manager (NTLM)

42. SYN Ping
-PS
Directory Traversal
single loss expectancy (SLE)
honeynet

43. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
hardware keystroke logger
Routing Protocol
network interface card (NIC)
Electronic Code Book (ECB)

44. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.
symmetric algorithm
802.11 i
Availability
service level agreements (SLAs)

45. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
Anonymizer
Level I assessment
White Box Testing
Methodology

46. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
Filter
Asymmetric Algorithm
No previous knowledge of the network
Zombie

47. A social-engineering attack using computer resources - such as e-mail or IRC.
Traceroute
self encrypting
Computer-Based Attack
Open System Interconnection (OSI) Reference Model

48. The monetary value assigned to an IT asset.
Asymmetric
Information Technology (IT) asset valuation
keylogger
-PT

49. The default network authentication suite of protocols for Windows NT 4.0
Event
Directory Traversal
NT LAN Manager (NTLM)
Baseline

50. A point of reference used to mark an initial state in order to manage change.
Baseline
identity theft
Cracker
SID