SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr
hashing algorithm
Collision Domain
404EE
Wired Equivalent Privacy (WEP)
2. A piece of software - provided by the vendor - intended to update or fix known - discovered problems in a computer program or its supporting data.
SOA record
serial scan & 300 sec wait
security defect
patch
3. A text file stored within a browser by a web server that maintains information about the connection. Cookies are used to store information to maintain a unique but consistent surfing experience - but can also contain authentication parameters. Cookie
quality of service (QoS)
Audit Data
Dumpster Diving
Cookie
4. A connectionless - layer 4 transport protocol. UDP is faster than TCP - but offers no reliability. A best effort is made to deliver the data - but no checks and verifications are performed to guarantee delivery. Therefore - UDP is termed a 'connectio
Droppers
Domain Name System (DNS) cache poisoning
User Datagram Protocol (UDP)
ring topology
5. An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.
Warm Site
false rejection rate (FRR)
promiscuous mode
Anonymizer
6. Provides data encryption for IEEE 802.11 wireless networks so data can only be decrypted by the intended recipients.
SYN flood attack
Anonymizer
Wi-Fi Protected Access (WPA)
-sV
7. Security measures - such as a locked door - perimeter fence - or security guard - to prevent or deter physical access to a facility - resource - or information stored on physical media.
Point-to-Point Tunneling Protocol (PPTP)
parallel scan
physical security
-PS
8. A Windows-based GUI version of nmap.
ISO 17799
Event
Zenmap
source routing
9. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.
Syslog
Hypertext Transfer Protocol Secure (HTTPS)
Daemon
Cryptography
10. A penetration test in which the ethical hacker has limited knowledge of the intended target(s). Designed to simulate an internal - but non-systemadministrator-level attack.
Cookie
SMB
gray box testing
Application Layer
11. A virus designed to infect the master boot record.
Master boot record infector
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
POP 3
Warm Site
12. A social-engineering attack using computer resources - such as e-mail or IRC.
Computer-Based Attack
Replacing numbers in a url to access other files
Minimum acceptable level of risk
false rejection rate (FRR)
13. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
gray hat
Transmission Control Protocol (TCP)
Request for Comments (RFC)
Due Diligence
14. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p
Time exceeded
SOA record
heuristic scanning
symmetric algorithm
15. In computer security - this is an algorithm that uses separate keys for encryption and decryption.
MAC filtering
Filter
qualitative analysis
Asymmetric Algorithm
16. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.
Access Creep
Multipartite virus
Filter
integrity
17. A decision to reduce the potential for damage to or loss of an IT asset by taking some type of action
Minimum acceptable level of risk
Serial Line Internet Protocol (SLIP)
RID Resource identifier
risk avoidance
18. An attack technique that tricks your DNS server into believing it has received authentic information when - in reality - it has been provided fraudulent data. DNS cache poisoning affects user traffic by sending it to erroneous or malicious end points
Defense in Depth
International Organization for Standardization (ISO)
Domain Name System (DNS) cache poisoning
gap analysis
19. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
parallel scan
Level I assessment
hacktivism
-sX
20. Sending packets or requests to another system to gain information to be used to identify weaknesses and protect the system from attacks.
Vulnerability Scanning
Level I assessment
R
Corrective Controls
21. A type of DNS transfer - where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).
Zone transfer
impersonation
Access Creep
rule-based access control
22. A device on a network.
identity theft
node
pattern matching
security bulletins
23. A set of exclusive rights granted by the law of a jurisdiction to the author or creator of an original work - including the right to copy - distribute - and adapt the work.
network operations center (NOC)
Copyright
rootkit
LDAP
24. A type of malware that covertly collects information about a user.
Hacks without permission
-sA
spyware
Collision Domain
25. An approach to restricting system access to authorized users in which roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned par
Data Link layer
Domain Name System (DNS)
role-based access control
Multipurpose Internet Mail Extensions (MIME)
26. A situation in which an IDS or other sensor triggers on an event as an intrusion attempt - when it was actually legitimate traffic.
Eavesdropping
false negative
firewall
replay attack
27. Any kind of connection that allows you to see all traffic passing by. Generally used in reference to a NIDS (network-based IDS) to monitor all traffic.
halo effect
network tap
A
hacktivism
28. An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.
parameter tampering
RID Resource identifier
remote access
Acknowledgment (ACK)
29. The public portion of an asymmetric key pair typically used to encrypt data or verify signatures. Public keys are shared and are used to encrypt messages.
passive attack
Auditing
public key
Active Attack
30. An attack in which a hacker steps between two ends of an already-established communication session and uses specialized tools to guess sequence numbers to take over the channel.
role-based access control
Address Resolution Protocol (ARP) table
Transmission Control Protocol (TCP)
session hijacking
31. A distance-vector routing protocol that employs the hop count as a routing metric. The 'hold down time -' used to define how long a route is held in memory - is 180 seconds. RIP prevents routing loops by implementing a limit on the number of hops all
Routing Information Protocol (RIP)
Back orifice
Audit Trail
identity theft
32. ICMP Type/Code 8
Echo request
Discretionary Access Control (DAC)
security defect
passive attack
33. An attacker who breaks into computer systems with malicious intent - without the owner's knowledge or permission.
Accountability
NOP
Black Hat
A R
34. A set of rules defined by a system administrator that indicates whether access is allowed or denied to resource objects.
Third Party
site survey
Domain Name System (DNS) lookup
rule-based access control
35. Start of Authority record. This record identifies the primary name server for the zone. The SOA record contains the host name of the server responsible for all DNS records within the namespace - as well as the basic properties of the domain.
Smurf attack
proxy server
RID Resource identifier
SOA record
36. As an identification device becomes more sensitive or accurate - its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal - or cross over.
rule-based access control
Authentication
Interior Gateway Protocol (IGP)
false rejection rate (FRR)
37. Hex 12
Redundant Array of Independent Disks (RAID)
A S
ad hoc mode
Database
38. The means by which a recipient of a message can ensure the identity of the sender and that neither party can deny having sent or received the message. The most common method is through digital certificates.
non-repudiation
integrity
-sV
R
39. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.
War Driving
Competitive Intelligence
Request for Comments (RFC)
Mantrap
40. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
Institute of Electrical and Electronics Engineers (IEEE)
Authentication - Authorization - and Accounting (AAA)
Auditing
Target Of Engagement (TOE)
41. A set of hardware - software - people - policies - and procedures needed to create - manage - distribute - use - store - and revoke digital certificates.
public key infrastructure (PKI)
Asynchronous
Confidentiality
Common Internet File System/Server Message Block
42. nmap all output
Asset
sheepdip
-oA
Multipurpose Internet Mail Extensions (MIME)
43. A method of defining what rights and permissions an entity has to a given resource. In networking - Access Control Lists are commonly associated with firewall and router traffic filtering rules.
ping sweep
Virus
route
Access Control List (ACL)
44. A utility that traces a packet from your computer to an Internet host - showing how many hops the packet takes to reach the host and how long the packet requires to complete the hop.
Minimum acceptable level of risk
Traceroute
Internet Control Message Protocol (ICMP)
Ciphertext
45. Safeguards or countermeasures to avoid - counteract - or minimize security risks.
-sL
security controls
human-based social engineering
Kerberos
46. A computer network confined to a relatively small area - such as a single building or campus.
segment
Electronic serial number
Bluesnarfing
local area network (LAN)
47. A programming principle whereby the last piece of data added to the stack is the first piece of data taken off.
Network Basic Input/Output System (NetBIOS)
Electronic Code Book (ECB)
Trapdoor Function
Last In First Out (LIFO)
48. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
separation of duties
Open System Interconnection (OSI) Reference Model
private network address
Password Authentication Protocol (PAP)
49. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Multipurpose Internet Mail Extensions (MIME)
Time Bomb
Cryptography
hot site
50. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
smart card
-PP
sidejacking
Timestamping
