Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A means of exchanging information from one entity to another using a process that does not provide an attacker the opportunity to reorder - delete - insert - or read information.






2. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.






3. ex 02






4. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.






5. A wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator - or has been created to allow a hacker to conduct a man-in-the-middle attack.






6. The directory service created by Microsoft for use on itsnetworks. Provides a variety of network services using Lightweight Directory Access Protocol (LDAP) - Kerberos-based authentication - and single sign-on for user access to network-based resourc






7. Metamorphic Virus






8. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.






9. A step-by-step method of solving a problem. In computing security - an algorithm is a set of mathematical rules (logic) for the process of encryption and decryption






10. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






11. Host-based IDS. An IDS that resides on the host - protecting against file and folder manipulation and other host-based attacks and actions.






12. Malware designed to install some sort of virus - backdoor - and so on - on a target system.






13. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.






14. Describes practices in production and development that promote access to the end product's source materials.






15. A portion of memory used to temporarily store output or input data.






16. A utility that sends an ICMP Echo message to determine if a specific IP address is accessible; if the message receives a reply - the address is reachable.






17. Self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal.






18. SYN Ping






19. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






20. A backup facility with the electrical and physical components of a computer facility - but with no computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user has to move from his main






21. Black hat






22. A computer network confined to a relatively small area - such as a single building or campus - in which devices connect through high-frequency radio waves using IEEE standard 802.11.






23. Monitoring of telephone or Internet conversations - typically by covert means.






24. A protocol that allows a client computer to request services from a server and the server to return the results.






25. A pen testing method where the attacker knows all information about the internal network. It is designed to simulate an attack by a disgruntled systems administrator - or similar level.






26. A cryptographic attack where bits are manipulated in the ciphertext itself to generate a predictable outcome in the plaintext once it is decrypted.






27. Microsoft SID 500






28. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.






29. Xmas Tree scan






30. A protocol for transporting data packets across a packet switched internetwork (such as the Internet). IP is a routed protocol.






31. An Internet Protocol Security (IPSec) header used to verify that the contents of a packet have not been modified while the packet was in transit.






32. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






33. The act of dialing all numbers within an organization to discover open modems.






34. A biometric device that uses pattern-recognition techniques based on images of the irises of an individual's eyes.






35. Text or data in its encrypted form; the result of plaintext being input into a cryptographic algorithm.






36. Insane scan timing






37. A method of evaluating the security of a computer system or network by simulating an attack from a malicious source.






38. In regard to hash algorithms - this occurs when two or more distinct inputs produce the same output.






39. The process of using an application to remotely identify open ports on a system (for example - whether systems allow connections through those ports).






40. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.






41. Wireless LAN standards created by IEEE. 802.11a runs at up to 54Mbps at 5GHz - 802.11b runs at 11Mbps at 2.4GHz - 802.11g runs at 54Mbps at 2.4GHz - and 802.11n can run upwards of 150MBps.






42. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.






43. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.






44. A method of network traffic filtering that monitors the entire communications process - including the originator of the session and from which direction it started.






45. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.






46. A small space having two sets of interlocking doors; the first set of doors must close before the second set opens. Typically authentication is required for each door - often using different factors. For example - a smart card may open the first door






47. Phases of an attack






48. Paranoid scan timing






49. Hex 14






50. A simple PPP authentication mechanism in which the user name and password are transmitted in clear text to prove identity. PAP compares the user name and password to a table listing authorized users.