Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Port 88
Kerberos
Packet Internet Groper (ping)
Tunneling
-sU
2. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.
rule-based access control
Hierarchical File System (HFS)
National Security Agency
security controls
3. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
Macro virus
Bit Flipping
Temporal Key Integrity Protocol (TKIP)
Possession of access devices
4. An Application layer protocol for sending electronic mail between servers.
Simple Mail Transfer Protocol (SMTP)
nslookup
Bug
XOR Operation
5. Controls internal to a system designed to resolve vulnerabilities and errors soon after they arise.
Corrective Controls
Information Technology (IT) security architecture and framework
Last In First Out (LIFO)
protocol stack
6. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination
packet filtering
False Acceptance Rate (FAR)
Presentation layer
Redundant Array of Independent Disks (RAID)
7. A storage buffer that transparently stores data so future requests for the same data can be served faster.
Level III assessment
Cache
spoofing
Virus Hoax
8. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private
segment
-sA
quantitative risk assessment
Eavesdropping
9. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.
Bluejacking
Wi-Fi Protected Access (WPA)
keylogger
Possession of access devices
10. A business - government agency - or educational institution that provides access to the Internet.
false rejection rate (FRR)
Internet service provider (ISP)
flood
Competitive Intelligence
11. The science or study of protecting information - whether in transit or at rest - by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.
operating system attack
Simple Object Access Protocol (SOAP)
integrity
Cryptography
12. Incremental Substitution
RPC-DCOM
Domain Name System (DNS) lookup
Block Cipher
Replacing numbers in a url to access other files
13. A computer virus that infects and spreads in multiple ways.
Defines legal email marketing
Multipartite virus
rootkit
single loss expectancy (SLE)
14. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
hardware keystroke logger
Challenge Handshake Authentication Protocol (CHAP)
Level I assessment
Hypertext Transfer Protocol Secure (HTTPS)
15. Port 110
Transmission Control Protocol (TCP)
POP 3
flood
single loss expectancy (SLE)
16. The combination of all IT assets - resources - components - and systems.
Information Technology (IT) infrastructure
Web Spider
Audit Data
Replacing numbers in a url to access other files
17. The steps taken to gather evidence and information on the targets you wish to attack.
parallel scan
reconnaissance
Computer Emergency Response Team (CERT)
Interior Gateway Protocol (IGP)
18. A group of people - gathered together by a business entity - working to address a specific problem or goal.
-PM
Tiger Team
security by obscurity
Vulnerability Assessment
19. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it
No previous knowledge of the network
Back orifice
patch
promiscuous mode
20. Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or eight-digit hexadecimal number.
Antivirus (AV) software
LDAP
Electronic serial number
Electronic Code Book (ECB)
21. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory
RxBoot
Console Port
Port Address Translation (PAT)
reconnaissance
22. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
Black Box Testing
ISO 17799
Bluejacking
parallel scan
23. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.
private key
Blowfish
false negative
protocol stack
24. An attack where the hacker positions himself between the client and the server - to intercept (and sometimes alter) data traveling between the two.
Simple Mail Transfer Protocol (SMTP)
Man-in-the-middle attack
Algorithm
symmetric algorithm
25. ICMP Timestamp
Due Care
parallel scan
-PP
DNS enumeration
26. A proprietary - open - wireless technology used for transferring data from fixed and mobile devices over short distances.
A
Bluetooth
Ethical Hacker
War Dialing
27. An HTTP command to transmit text to a web server for processing. The opposite of an HTTP GET.
footprinting
-sT
Three-Way (TCP) Handshake
POST
28. A protocol used for sending and receiving log information for nodes on a network.
Syslog
National Security Agency
public key
out-of-band signaling
29. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
Demilitarized Zone (DMZ)
Whois
script kiddie
Virtual Local Area Network (VLAN)
30. A routing protocol developed to be used within a single organization.
Interior Gateway Protocol (IGP)
routed protocol
Directory Traversal
404EE
31. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.
Banner Grabbing
protocol
SOA record
Packet Internet Groper (ping)
32. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
reverse lookup; reverse DNS lookup
Zombie
Certificate
Mandatory access control (MAC)
33. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
Rijndael
Post Office Protocol 3 (POP3)
-sW
-sU
34. A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information. The EDGAR database performs automated collection - validation - indexing - acceptance - and forwarding of submiss
quality of service (QoS)
EDGAR database
audit
hacktivism
35. In a classful IPv4 subnet - this is the network number with all binary 0s in the subnet part of the number. When written in decimal - the zero subnet has the same number as the classful network number.
fully qualified domain name (FQDN)
pattern matching
Zero Subnet
Brute-Force Password Attack
36. The act of dialing all numbers within an organization to discover open modems.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
War Dialing
Tunnel
Temporal Key Integrity Protocol (TKIP)
37. Port 22
SSH
EDGAR database
Multipurpose Internet Mail Extensions (MIME)
-oA
38. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.
Covert Channel
-sP
out-of-band signaling
private key
39. White hat
Hacks with permission
fully qualified domain name (FQDN)
service level agreements (SLAs)
Application-Level Attacks
40. A social-engineering attack that manipulates the victim into calling the attacker for help.
Acknowledgment (ACK)
War Driving
port scanning
reverse social engineering
41. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.
network operations center (NOC)
Access Control List (ACL)
Defines legal email marketing
enumeration
42. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-system-administrator-level attack.
gray box testing
Community String
Access Creep
Access Control List (ACL)
43. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.
security kernel
Overwhelm CAM table to convert switch to hub mode
footprinting
Level II assessment
44. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
Wide Area Network (WAN)
hacktivism
Packet Internet Groper (ping)
flood
45. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
Master boot record infector
serial scan & 300 sec wait
Dumpster Diving
46. Weakness in an information system - system security procedures - internal controls - or implementation that could be exploited or triggered by a threat source.
Redundant Array of Independent Disks (RAID)
Virus Hoax
Vulnerability
security defect
47. A security protocol used in IEEE 802.11i to replace WEP without the requirement to replace legacy hardware.
A procedure for identifying active hosts on a network.
initial sequence number (ISN)
Temporal Key Integrity Protocol (TKIP)
human-based social engineering
48. Hex 12
Community String
War Chalking
Videocipher II Satellite Encryption System
A S
49. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere
FTP
risk
security by obscurity
Archive
50. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.
Client
Virtual Private Network (VPN)
port knocking
Institute of Electrical and Electronics Engineers (IEEE)