Test your basic knowledge

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Injecting traffic into the network to identify the operating system of a device.






2. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






3. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






4. A computer virus that infects and spreads in multiple ways.






5. A string used for authentication in SNMP. The public community string is used for read-only searches, whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption






6. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.






7. CAN-SPAM






8. RPC Scan






9. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.






10. Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event.






11. An attack where the hacker repeats a portion of a cryptographic exchange in hopes of fooling the system into setting up a communications channel.






12. IP Protocol Scan






13. Hex 12






14. Calculations of two components of risk: R, the magnitude of the potential loss (L), and the probability, p, that the loss will occur.






15. A cyber attacker who acts without permission from, and gives prior notice to, the resource owner. Also known as a malicious hacker.






16. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is






17. A social-engineering attack using computer resources, such as e-mail or IRC.






18. In penetration testing, enumeration is the act of querying a device or network segment thoroughly and systematically for information.






19. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.






20. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz, 802.11b runs at 11Mbps at 2.4GHz, 802.11g runs at 54Mbps at 2.4GHz, and 802.11n can run upwards of 150MBps.






21. A mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value, and vice versa.






22. An adapter that provides the physical connection to send and receive data between the computer and the network media.






23. A standard for encrypting e-mail, web pages, and other stream-oriented information transmitted over the Internet.






24. The act of using numerous electronic serial numbers on a cell phone until a valid number is located.






25. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






26. LAN standard, defined by ANSI X3T9.5, specifying a 100Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy, with transmission distances of up to two kilometers.






27. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information.






28. A Canonical Name record within DNS, used to provide an alias for a domain name.






29. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.






30. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers.






31. A communications path, such as the Internet, authorized for data transmission within a computer system or network.






32. The basis of this kind of security is that an individual user, or program operating on the user's behalf, is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the use






33. 18 U.S.C. 1029






34. Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes.






35. An international organization composed of national standards bodies from over 75 countries. Developed the OSI reference model.






36. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.






37. A person or entity indirectly involved in a relationship between two principals.






38. A connection-oriented, layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the






39. Cracking Tools






40. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs, but the function of the code will not change.






41. Port 88






42. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts, both successful and unsuccessful.






43. A term trademarked by the Wi-Fi Alliance, used to define a standard for devices to use to connect to a wireless network.






44. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






45. ICMP Ping






46. TCP connect() scan






47. The process of a system providing a fully qualified domain name (FQDN) to a local name server, for resolution to its corresponding IP address.






48. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.






49. A computer network confined to a relatively small area, such as a single building or campus.






50. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience, but can also contain authentication parameters. Cookie






