Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The act of dialing all numbers within an organization to discover open modems.






2. Another term for firewalking






3. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.






4. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






5. An early network application that provides information on users currently logged on to a machine.






6. A document describing information security guidelines - policies - procedures - and standards.






7. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.






8. An information assurance strategy in which multiple layers of defense are placed throughout an Information Technology system.






9. Idlescan






10. A nonnumerical - subjective risk evaluation. Used with qualitative assessment (an evaluation of risk that results in ratings of none - low - medium - and high for the probability.)






11. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.






12. ICMP Type/Code 3-13






13. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.






14. A communications protocol used for browsing the Internet.






15. A storage buffer that transparently stores data so future requests for the same data can be served faster.






16. A person or entity indirectly involved in a relationship between two principles.






17. The lack of clocking (imposed time ordering) on a bit stream.






18. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.






19. Controls to detect anomalies or undesirable events occurring on a system.






20. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






21. The process of pinging each address within a subnet to map potential targets. Ping sweeps are unreliable and easily detectable - but very fast.






22. Hex 12






23. The art and science of creating a covert message or image within another message - image - audio - or video file.






24. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






25. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.






26. FIN Scan






27. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can






28. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.






29. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.






30. A virus that plants itself in a system's boot sector and infects the master boot record.






31. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par






32. Network Scanning






33. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.






34. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






35. The combination of all IT assets - resources - components - and systems.






36. A collection of historical records or the place where they are kept. In computing - an archive generally refers to backup copies of logs and/or data.






37. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.






38. An attack that exploits the common mistake many people make when installing operating systems






39. A section or subset of the network. Often a router or other routing device provides the end point of the segment.






40. 18 U.S.C. 1030






41. A device on a network.






42. LAN standard - defined by ANSI X3T9.5 - specifying a 100Mbps token-passing network using fiber-optic cable and a dualring architecture for redundancy - with transmission distances of up to two kilometers.






43. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






44. Port 135






45. A wireless networking mode where all clients connect to the wireless network through a central access point.






46. A method in cryptography by which cryptographic keys are exchanged between users - allowing use of a cryptographic algorithm (for example - the Diffie-Hellman key exchange).






47. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.






48. Hex 10






49. ICMP Type/Code 3






50. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi