Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c
Buffer Overflow
Fraud and related activity in connection with computers
Threat
Redundant Array of Independent Disks (RAID)

2. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.
integrity
security defect
Hierarchical File System (HFS)
Audit Data

3. A principle in security engineering that attempts to use anonymity and secrecy (of design - implementation - and so on) to provide security; the footprint of the organization - entity - network - or system is kept as small as possible to avoid intere
Simple Network Management Protocol (SNMP)
SMB
Assessment
security by obscurity

4. A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.
risk acceptance
Exploit
Vulnerability
limitation of liability and remedies

5. Layer 2 of the OSI reference model. This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing - network topology - access to the network medium - error detection - sequential delive
Data Link layer
Filter
Internet Protocol (IP)
SID

6. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
encapsulation
ring topology
fully qualified domain name (FQDN)
Collision Domain

7. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.
-oN
POP 3
protocol stack
Audit Trail

8. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.
encryption
reverse lookup; reverse DNS lookup
Covert Channel
Macro virus

9. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).
Digital Certificate
Zone transfer
DNS
EDGAR database

10. A group of penetration testers that assess the security of an organization - which is often unaware of the existence of the team or the exact assignment.
role-based access control
social engineering
Detective Controls
red team

11. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.
Banner Grabbing
parallel scan
Biometrics
Whois

12. A section or subset of the network. Often a router or other routing device provides the end point of the segment.
Malware
OpenBSD
Level III assessment
segment

13. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
The automated process of proactively identifying vulnerabilities of computing systems present in a network
Console Port
Eavesdropping
Whois

14. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
local area network (LAN)
Boot Sector Virus
Request for Comments (RFC)
Vulnerability Assessment

15. A term trademarked by the Wi-Fi Alliance - used to define a standard for devices to use to connect to a wireless network.
Wi-Fi
CNAME record
security kernel
Information Technology (IT) asset valuation

16. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
Tiger Team
fragmentation
Transport Layer Security (TLS)
MD5

17. A computer process that requests a service from another computer and accepts the server's responses.
Client
FTP
Daisy Chaining
Electronic Code Book (ECB)

18. Hex 12
Dumpster Diving
reverse lookup; reverse DNS lookup
gap analysis
A S

19. The secret portion of an asymmetric key pair typically used to decrypt or digitally sign data. The private key is never shared and is always used for decryption - with one notable exception: The private key is used to encrypt the digital signature.
Written Authorization
Post Office Protocol 3 (POP3)
private key
Wi-Fi

20. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a
Demilitarized Zone (DMZ)
-sR
Secure Multipurpose Mail Extension (S/MIME)
MD5

21. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.
FreeBSD
Time To Live (TTL)
Wireless Local Area Network (WLAN)
script kiddie

22. A wireless LAN device that acts as a central point for all wireless traffic. The AP is connected to both the wireless LAN and the wired LAN - providing wireless clients access to network resources.
Access Point (AP)
packet filtering
Vulnerability Scanning
Packet Internet Groper (ping)

23. A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is - clearance) of users to access information of such sensi
Countermeasures
Mandatory access control (MAC)
Dumpster Diving
fully qualified domain name (FQDN)

24. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
Open System Interconnection (OSI) Reference Model
security by obscurity
private network address
shrink-wrap code attacks

25. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
Authentication Header (AH)
NetBSD
Collision
local area network (LAN)

26. Black hat
Asymmetric
Simple Mail Transfer Protocol (SMTP)
Ciphertext
Hacks without permission

27. The lack of clocking (imposed time ordering) on a bit stream.
Asynchronous
Malicious code
risk
Wrapper

28. A person or entity indirectly involved in a relationship between two principles.
Third Party
Echo Reply
-sR
Backdoor

29. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with
Interior Gateway Protocol (IGP)
Bug
Information Technology (IT) asset valuation
ISO 17799

30. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
Routing Protocol
-oA
false rejection rate (FRR)
Demilitarized Zone (DMZ)

31. An Application layer protocol for sending electronic mail between servers.
Extensible Authentication Protocol (EAP)
802.11
personal identification number (PIN)
Simple Mail Transfer Protocol (SMTP)

32. A Canonical Name record within DNS - used to provide an alias for a domain name.
fully qualified domain name (FQDN)
CNAME record
-sS
International Organization for Standardization (ISO)

33. A configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just frames addressed to it
promiscuous mode
Wired Equivalent Privacy (WEP)
sidejacking
ECHO reply

34. A string used for authentication in SNMP. The public community string is used for read-only searches - whereas the private community string is used for read/write. Community strings are transmitted in clear text in SNMPv1. SNMPv3 provides encryption
Presentation layer
Community String
Ciphertext
reverse social engineering

35. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.
Zenmap
Network Basic Input/Output System (NetBIOS)
Information Technology (IT) asset criticality
Collision

36. Independent review and examination of records and activities to assess the adequacy of system controls - to ensure compliance with established policies and operational procedures - and to recommend necessary changes.
audit
XOR Operation
role-based access control
Internal access to the network

37. don't ping
SNMP
Time To Live (TTL)
-P0
key exchange protocol

38. Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones - PDAs - or laptop computers.
SYN flood attack
proxy server
separation of duties
Bluejacking

39. Port 137/138/139
security breach or security incident
false rejection rate (FRR)
SMB
human-based social engineering

40. ICMP Type/Code 3
--randomize_hosts -O OS fingerprinting
Destination Unreachable
stream cipher
hardware keystroke logger

41. A method of permitting only MAC addresses in a preapproved list network access. Addresses not matching are blocked.
Network Address Translation (NAT)
Sign in Seal
limitation of liability and remedies
MAC filtering

42. Name given to expert groups that handle computer security incidents.
Hacks with permission
public key
Virtual Local Area Network (VLAN)
Computer Emergency Response Team (CERT)

43. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
Annualized Loss Expectancy (ALE)
Cracker
Console Port
Copyright

44. A program designed to browse websites in an automated - methodical manner. Sometimes these programs are used to harvest information from websites - such as e-mail addresses.
footprinting
public key infrastructure (PKI)
Web Spider
Internal access to the network

45. ICMP Netmask
Administratively Prohibited
-PM
Address Resolution Protocol (ARP)
White Box Testing

46. Port 53
serialize scans & 0.4 sec wait
DNS
Due Care
Back orifice

47. The process of recording activity on a system for monitoring and later review.
single loss expectancy (SLE)
Auditing
Web Spider
U P F

48. The default network authentication suite of protocols for Windows NT 4.0
Destination Unreachable
Lightweight Directory Access Protocol (LDAP)
NT LAN Manager (NTLM)
suicide hacker

49. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
Lightweight Directory Access Protocol (LDAP)
Institute of Electrical and Electronics Engineers (IEEE)
Service Set Identifier (SSID)
asynchronous transmission

50. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response
Uniform Resource Locator (URL)
Fraud and related activity in connection with computers
security defect
SYN flood attack