Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Freely and readily available information on an organization that can be gathered by a business entity about its competitor's customers - products - and marketing - and can be used by an attacker to build useful information for further attacks.
Man-in-the-middle attack
Hacks with permission
Competitive Intelligence
penetration testing
2. The process of using an application to remotely identify open ports on a system (for example - whether systems allow connections through those ports).
port scanning
File Transfer Protocol (FTP)
-sX
Detective Controls
3. The level of importance assigned to an IT asset
Defense in Depth
infrastructure mode
Finding a directory listing and gaining access to a parent or root file for access to other files
Information Technology (IT) asset criticality
4. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption
promiscuous mode
-sT
Algorithm
GET
5. An attack that exploits the common mistake many people make when installing operating systems
Simple Object Access Protocol (SOAP)
operating system attack
Real application encompassing Trojan
Interior Gateway Protocol (IGP)
6. Traffic-passing technique used by bridges and switches in which traffic received on an interface is sent out all interfaces on the device except the interface on which the information was originally received. Traffic on a switch is flooded when it is
-sI
Black Box Testing
Auditing
flood
7. A NAT method in which multiple internal hosts - using private IP addressing - can be mapped through a single public IP address using the session IDs and port numbers. An internal global IP address can support in excess of 65,000 concurrent TCP and U
Telnet
Port Address Translation (PAT)
SYN attack
Detective Controls
8. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main
Cold Site
Vulnerability Management
Tumbling
Detective Controls
9. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-system-administrator-level attack.
Cookie
suicide hacker
Brute-Force Password Attack
gray box testing
10. Polite scan timing
Information Technology (IT) infrastructure
-PP
Acceptable Use Policy (AUP)
serialize scans & 0.4 sec wait
11. Hex 14
ring topology
Block Cipher
A R
Asynchronous
12. An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier - but does not alter the data (in other words - eavesdropping).
passive attack
Virus Hoax
Authorization
Simple Mail Transfer Protocol (SMTP)
13. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Fraud and related activity in connection with computers
-PM
HTTP
Multipurpose Internet Mail Extensions (MIME)
14. A card with a built-in microprocessor and memory used for identification or financial transactions. The card transfers data to and from a central computer when inserted into a reader.
Availability
XOR Operation
smart card
parameter tampering
15. A class of algorithms for cryptography that use the same cryptographic key for both decryption and encryption.
Tunneling
private key
self encrypting
symmetric algorithm
16. A computer file system architecture used in Windows - OS/2 - and most memory cards.
CAM table
File Allocation Table (FAT)
-PT
Common Internet File System/Server Message Block
17. A self-replicating malicious program that attempts installation beneath antivirus software by directly intercepting the interrupt handlers of the operating system to evade detection.
Bluejacking
Tunneling Virus
Address Resolution Protocol (ARP) table
rule-based access control
18. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
Dumpster Diving
network operations center (NOC)
Cracker
Decryption
19. A free and popular version of the Unix operating system.
FreeBSD
impersonation
hash
heuristic scanning
20. Establish Null Session
net use \\[target ip]\IPC$ '' /user:''
hashing algorithm
Institute of Electrical and Electronics Engineers (IEEE)
Community String
21. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
physical security
Collision
risk
22. ACK Scan
Internet service provider (ISP)
-sA
Algorithm
Written Authorization
23. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
LDAP
payload
404EE
Vulnerability Management
24. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
Time Bomb
Digital Watermarking
SID
Address Resolution Protocol (ARP)
25. A device that provides access between two or more networks. Gateways are typically used to connect dissimilar networks.
gateway
Warm Site
Mantrap
Time exceeded
26. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.
Bit Flipping
Audit Data
SID
Exposure Factor
27. A method for detecting malicious code on a computer where the files are compared to signatures of known viruses stored in a database.
signature scanning
role-based access control
reconnaissance
-P0
28. Nmap normal output
-oN
A R
Bug
Detective Controls
29. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
Copyright
-p <port ranges>
proxy server
A R
30. The monetary value assigned to an IT asset.
Transmission Control Protocol (TCP)
spoofing
Information Technology (IT) asset valuation
Active Fingerprinting
31. Policy stating what users of a system can and cannot do with the organization's assets.
Acceptable Use Policy (AUP)
Zenmap
security defect
risk transference
32. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.
Google hacking
White Box Testing
logic bomb
Malicious code
33. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
Bit Flipping
gap analysis
Simple Mail Transfer Protocol (SMTP)
Asymmetric Algorithm
34. A group of experts that handles computer security incidents.
security incident response team (SIRT)
suicide hacker
Brute-Force Password Attack
Zero Subnet
35. The software product or system that is the subject of an evaluation.
-oA
rootkit
Target Of Engagement (TOE)
net use \\[target ip]\IPC$ '' /user:''
36. An international encoding standard - working within multiple languages and scripts - that represents each letter - digit - or symbol with a unique numeric value that applies across different platforms.
red team
Written Authorization
identity theft
Unicode
37. Hex 12
A S
MAC filtering
Audit Data
Trusted Computer Base (TCB)
38. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
Smurf attack
CAM table
Lightweight Directory Access Protocol (LDAP)
proxy server
39. The art and science of creating a covert message or image within another message - image - audio - or video file.
Droppers
Whois
steganography
pattern matching
40. The act of dialing all numbers within an organization to discover open modems.
Media Access Control (MAC)
War Dialing
Tunneling Virus
A procedure for identifying active hosts on a network.
41. An announcement - typically from a software vendor - of a known security vulnerability in a program; often the bulletin contains instructions for the application of a software patch.
-sW
Level II assessment
network access server
security bulletins
42. A file system used by the Mac OS.
inference attack
Hierarchical File System (HFS)
Methodology
firewall
43. A connection-oriented - layer 4 protocol for transporting data over network segments. TCP is considered reliable because it guarantees delivery and the proper reordering of transmitted packets. This protocol is used for most long-haul traffic on the
SAM
symmetric algorithm
Transmission Control Protocol (TCP)
Pretty Good Privacy (PGP)
44. Port 88
Overwhelm CAM table to convert switch to hub mode
Asymmetric Algorithm
Kerberos
Level I assessment
45. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
spam
Collision Domain
Echo request
Trapdoor Function
46. A symmetric - block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.
Blowfish
source routing
--randomize_hosts -O OS fingerprinting
Finding a directory listing and gaining access to a parent or root file for access to other files
47. Ports 20/21
Active Attack
Vulnerability Assessment
promiscuous mode
FTP
48. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
forwarding
hacktivism
proxy server
Level I assessment
49. A standard developed to enable routers to exchange messages containing information about routes to reach subnets in the network.
Tumbling
serialize scans & 15 sec wait
Level II assessment
Routing Protocol
50. Computer software or hardware that can intercept and log traffic passing over a digital network.
Packet Internet Groper (ping)
sniffer
promiscuous mode
Biometrics