Test your basic knowledge |

CEH: Certified Ethical Hacker

Subjects : certifications, ceh, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
Directory Traversal
Trusted Computer Base (TCB)
private key
Archive

2. A data encryption/decryption program often used for e-mail and file storage.
Pretty Good Privacy (PGP)
ring topology
integrity
single loss expectancy (SLE)

3. A software or hardware defect that often results in system vulnerabilities.
Domain Name System (DNS) lookup
Bug
-P0
network access server

4. An agreement between the penetration tester and the client detailing the activities the tester is permitted to perform.
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
--randomize_hosts -O OS fingerprinting
Kerberos
Written Authorization

5. Shifting responsibility from one party to another
Whois
halo effect
security incident response team (SIRT)
risk transference

6. A standard that provides best-practice recommendations on information security management for use by those responsible for initiating - implementing - or maintaining Information Security Management Systems (ISMS). Information security is defined with
ISO 17799
Blowfish
rule-based access control
Timestamping

7. A method of external testing whereby several systems or resources are used together to effect an attack.
Daisy Chaining
firewall
Internal access to the network
-sU

8. A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services. In this way - IP addresses of machines on your internal network are
Network Address Translation (NAT)
Real application encompassing Trojan
-sV
Domain Name

9. The process of transforming ciphertext into plaintext through the use of a cryptographic algorithm.
Decryption
intranet
Bug
Application Layer

10. ICMP Timestamp
intranet
-sT
-PP
Application-Level Attacks

11. Occurs when authorized users accumulate excess privileges on a system due to moving from position to position.
smart card
hardware keystroke logger
Access Creep
flood

12. The process of sending a packet or frame toward the destination. In a switch - messages are forwarded only to the port they are addressed to.
firewalking
proxy server
forwarding
Black Hat

13. TCP connect() scan
risk assessment
-sT
Backdoor
risk acceptance

14. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.
Contingency Plan
Hypertext Transfer Protocol (HTTP)
personal identification number (PIN)
symmetric encryption

15. A cyber attacker who acts without permission from - and gives prior notice to - the resource owner. Also known as a malicious hacker.
Cracker
Audit Trail
-b
gap analysis

16. Actions - devices - procedures - techniques - or other measures intended to reduce the vulnerability of an information system.
queue
shoulder surfing
script kiddie
Countermeasures

17. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
-sF
Ethernet
penetration testing
Internet Assigned Number Authority (IANA)

18. FIN Scan
Methodology
-sF
Hierarchical File System (HFS)
Malware

19. A network system of servers that translates numeric Internet Protocol (IP) addresses into human-friendly - hierarchical Internet addresses - and vice versa.
NetBSD
polymorphic virus
promiscuous mode
Domain Name System (DNS)

20. A secret - typically consisting of only decimal digits - that a claimant memorizes and uses to authenticate his identity
personal identification number (PIN)
Telnet
Finding a directory listing and gaining access to a parent or root file for access to other files
Audit Data

21. ICMP Type/Code 11
Time exceeded
Tunnel
Domain Name System (DNS) cache poisoning
impersonation

22. The condition of a resource being ready for use and accessible by authorized users.
MAC filtering
limitation of liability and remedies
Availability
Malware

23. A social-engineering effort in which the attacker pretends to be an employee - a valid user - or even an executive to elicit information or access.
Computer-Based Attack
Routing Information Protocol (RIP)
Bluesnarfing
impersonation

24. ICMP Type/Code 3-13
Time exceeded
Administratively Prohibited
Virtual Local Area Network (VLAN)
Black Box Testing

25. The level of importance assigned to an IT asset
port knocking
Domain Name System (DNS)
integrity
Information Technology (IT) asset criticality

26. A protocol for exchanging packets over a serial line.
Discretionary Access Control (DAC)
-sT
Exploit
Serial Line Internet Protocol (SLIP)

27. List Scan
risk assessment
secure channel
-sL
Internet Assigned Number Authority (IANA)

28. A mode of operation in a wireless LAN in which clients send data directly to one another without utilizing a wireless access point (WAP) - much like a point-to-point wired connection.
Sign in Seal
Web Spider
inference attack
ad hoc mode

29. A nonroutable IP address range intended for use only within the confines of a single organization - falling within the predefined ranges of 10.0.0.0 - 172.16-31.0.0 - or 192.168.0.0.
private network address
Collision
Wi-Fi
Digital Certificate

30. A remote control program in which the client runs on a local computer and connects to a remote server on a network. Commands entered locally are executed on the remote system.
Telnet
A procedure for identifying active hosts on a network.
Access Creep
Point-to-Point Tunneling Protocol (PPTP)

31. When an authorized person allows (intentionally or unintentionally) someone to pass through a secure door - despite the fact that the intruder does not have a badge.
OpenBSD
piggybacking
Event
-sF

32. Phases of an attack
impersonation
hardware keystroke logger
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
Open System Interconnection (OSI) Reference Model

33. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.
Trapdoor Function
keylogger
Vulnerability Management
Database

34. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.
spoofing
Buffer Overflow
Buffer
gap analysis

35. An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
Simple Network Management Protocol (SNMP)
heuristic scanning
rule-based access control
Banner Grabbing

36. A well-known and studied phenomenon of human nature - whereby a single trait influences the perception of other traits.
Defense in Depth
halo effect
audit
Simple Object Access Protocol (SOAP)

37. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.
End User Licensing Agreement (EULA)
Demilitarized Zone (DMZ)
Mantrap
SMB

38. A business - government agency - or educational institution that provides access to the Internet.
Asymmetric
Internet service provider (ISP)
Asset
Authentication Header (AH)

39. A virus designed to infect the master boot record.
Master boot record infector
Traceroute
Daemon
Fast Ethernet

40. An e-mail message warning users of a nonexistent virus and encouraging them to pass on the message to other users.
Internet service provider (ISP)
Virus Hoax
Level III assessment
Service Set Identifier (SSID)

41. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
reconnaissance
Interior Gateway Protocol (IGP)
Directory Traversal
reverse lookup; reverse DNS lookup

42. A three-step process computers execute to negotiate a connection with one another. The three steps are SYN - SYN/ACK - ACK.
social engineering
Three-Way (TCP) Handshake
-oG
Media Access Control (MAC)

43. NSA
National Security Agency
Zenmap
separation of duties
security controls

44. Hex 29
Due Diligence
U P F
Daemon
Accountability

45. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Copyright
Multipurpose Internet Mail Extensions (MIME)
Due Diligence
Hacks with permission

46. A command used in HTTP and FTP to retrieve a file from a server.
GET
null session
port scanning
Bluejacking

47. The process of determining if a network entity (user or service) is legitimate
security defect
Pretty Good Privacy (PGP)
Authentication
White Box Testing

48. Any circumstance or event with the potential to adversely impact organizationaloperations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
Bluesnarfing
Threat
Level II assessment
Challenge Handshake Authentication Protocol (CHAP)

49. A VPN tunneling protocol with encryption. PPTP connects two nodes in a VPN by using one TCP port for negotiation and authentication and one IP protocol for data transfer.
Droppers
Point-to-Point Tunneling Protocol (PPTP)
INFOSEC Assessment Methodology (IAM)
Access Control List (ACL)

50. An evaluation consisting of a document review - interviews - and demonstrations - as well as vulnerability scans and hands-on testing.
Denial of Service (DoS)
Level II assessment
honeypot
XOR Operation