Test your basic knowledge |

CEH: Certified Ethical Hacker

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.






2. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p






3. don't ping






4. Idlescan






5. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.






6. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.






7. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col






8. The change or growth of a project's scope






9. A denial-of-service technique that uses numerous hosts to perform the attack.






10. The art and science of creating a covert message or image within another message - image - audio - or video file.






11. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the sys-tem. Certificates contain the entity's public key - serial number - version - subject - algori






12. Black hat






13. An unknown deficiency in software or some other product that results in a security vulnerability being identified.






14. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.






15. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.






16. Port 88






17. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).






18. Black box test






19. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.






20. A documented process for a procedure designed to be consistent - repeatable - and accountable.






21. A widely used authentication protocol developed at the MassachusettsInstitute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.






22. Port Scanning

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


23. ICMP Timestamp






24. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.






25. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.






26. A group of people - gathered together by a business entity - working to address a specific problem or goal.






27. SYN Ping






28. Ports 20/21






29. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra






30. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.






31. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.






32. A social-engineering attack using computer resources - such as e-mail or IRC.






33. Incremental Substitution






34. Shifting responsibility from one party to another






35. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.






36. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr






37. A point-to-point connection between two endpoints created to exchangedata. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi






38. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public






39. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.






40. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.






41. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.






42. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.






43. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.






44. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination






45. A software or hardware application or device that captures user keystrokes.






46. Cracking Tools






47. A routing protocol developed to be used within a single organization.






48. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private






49. The monetary loss that can be expected for an asset due to risk over a one-year period. ALE is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as ALE = ARO






50. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests