Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.






2. An evaluation conducted to determine the potential for damage to or loss of an IT asset.






3. A string that represents the location of a web resource






4. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






5. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.






6. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.






7. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra






8. A partially protected zone on a network - not exposed to the full fury of the Internet - but not fully behind the firewall. This technique is typically used on parts of the network that must remain open to the public (such as a web server) but must a






9. A brand name of analog scrambling and de-scrambling equipment for cable and satellite television - invented primarily to keep consumer Television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.






10. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).






11. The process of embedding information into a digital signal in a way that makes it difficult to remove.






12. A limited-function version of the Internetworking Operating System (IOS) - held in read-only memory in some earlier models of Cisco devices - capable of performing several seldom-needed low-level functions such as loading a new IOS into Flash memory






13. A set of related communications protocols operating together as a group to address communication at some or all of the seven layers of the OSI reference model.






14. IP Protocol Scan






15. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.






16. A hybrid of the HTTP and SSL/TLS protocols that provides encrypted communication and secure identification of a web server.






17. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response






18. Content Addressable Memory table. Holds all the MAC-address-to-port mappings on a switch.






19. Attacks on the actual programming code of an application.






20. A type 0 ICMP message used to reply to ECHO requests. Used with ping to verify network layer connectivity between hosts.






21. ICMP Type/Code 8






22. nmap






23. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






24. White hat






25. Safeguards or countermeasures to avoid - counteract - or minimize security risks.






26. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points






27. An attacker who breaks into computer systems with malicious intent - without the owner's knowledge or permission.






28. Xmas Tree scan






29. Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality - integrity - or availability of an information system. A virus - worm - Trojan horse - or other code-based entity that infects a






30. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






31. Another term for firewalking






32. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.






33. A value assigned to uniquely identify a single wide area network (WAN) in wireless LANs. SSIDs are broadcast by default - and are sent in the header of every packet. SSIDs provide no encryption or security.






34. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly - hierarchical Internet addresses - and vice versa.






35. An outdated symmetric cipher encryption algorithm - previously U.S. government-approved and used by business and civilian government agencies. DES is no longer considered secure due to the ease with which the entire keyspace can be attempted using mo






36. Hashing algorithm that results in a 128-bit output.






37. The process of a system providing a fully qualified domain name (FQDN) to a local name server - for resolution to its corresponding IP address.






38. Hex 12






39. TCP connect() scan






40. A host designed to collect data on suspicious activity.






41. Normal scan timing






42. Malicious code that uses a polymorphic engine to mutate while keeping the original algorithm intact; the code changes itself each time it runs - but the function of the code will not change.






43. A data encryption/decryption program often used for e-mail and file storage.






44. A type of encryption where the same key is used to encrypt and decrypt the message.






45. An attack in which the hacker can derive information from the ciphertext without actually decoding it. Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.






46. Terminal Access Controller Access-Control System. A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.






47. A free and popular version of the Unix operating system.






48. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).






49. A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).






50. A small Trojan program that listens on port 777.