Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A networking configuration where all nodes are connected in a circle with no terminated ends on the cable.
remote procedure call (RPC)
Fast Ethernet
false rejection rate (FRR)
ring topology
2. Physical socket provided on routers and switches for cable connections between a computer and the router/switch. This connection enables the computer to configure - query - and troubleshoot the router/switch by use of a terminal emulator and a comman
audit
parallel scan
Eavesdropping
Console Port
3. Normal scan timing
risk
Finger
parallel scan
404EE
4. Authentication confirms the identity of the user or device. Authorization determines the privileges (rights) of the user or device. Accounting records the access attempts - both successful and unsuccessful.
hardware keystroke logger
spoofing
Local Administrator
Authentication - Authorization - and Accounting (AAA)
5. Hashing algorithm that results in a 128-bit output.
MD5
Simple Mail Transfer Protocol (SMTP)
node
Archive
6. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Certificate Authority (CA)
Rijndael
SAM
DNS
7. A security protocol for wireless local area networks defined in the 802.11b standard; intended to provide the same level of security as a wired LAN. WEP is not considered strong security - although it does authenticate clients to access points - encr
scope creep
steganography
Wired Equivalent Privacy (WEP)
Domain Name System (DNS) cache poisoning
8. Using conversation or some other interaction between people to gather useful information.
human-based social engineering
SYN attack
hot site
Domain Name
9. The central part of a computer or communications system hardware - firmware - and software that implements the basic security procedures for controlling access to system resources.
hybrid attack
Uniform Resource Locator (URL)
-sX
security kernel
10. The act of searching for Wi-Fi wireless networks by a person in a moving vehicle - using a portable device.
War Driving
-sX
Computer Emergency Response Team (CERT)
Covert Channel
11. Black box test
No previous knowledge of the network
serialize scans & 0.4 sec wait
NT LAN Manager (NTLM)
Wide Area Network (WAN)
12. The last portion of the SID that identifies the user to the system in Windows. A RID of 500 identifies the administrator account.
risk avoidance
RID Resource identifier
Replacing numbers in a url to access other files
parallel scan & 75 sec timeout & 0.3 sec/probe
13. ICMP Type/Code 11
Target Of Engagement (TOE)
Time exceeded
site survey
keylogger
14. A business - government agency - or educational institution that provides access to the Internet.
Multipurpose Internet Mail Extensions (MIME)
Echo Reply
MAC filtering
Internet service provider (ISP)
15. A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions.
Zenmap
Cryptography
Collision Domain
initial sequence number (ISN)
16. don't ping
-P0
Zenmap
intrusion prevention system (IPS)
Information Technology (IT) infrastructure
17. The use of deceptive computer-based means to trick individuals into disclosing sensitive personal information
hash
phishing
limitation of liability and remedies
Hypertext Transfer Protocol Secure (HTTPS)
18. A U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system.
-PM
Trusted Computer System Evaluation Criteria (TCSEC)
Bit Flipping
NetBus
19. Any circumstance or event with the potential to adversely impact organizational operations - organizational assets - or individuals through an information system via unauthorized access - destruction - disclosure - modification of information - and/or
End User Licensing Agreement (EULA)
Macro virus
Threat
Blowfish
20. A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.
Bit Flipping
Time Bomb
Copyright
Open System Interconnection (OSI) Reference Model
21. A series of documents and notes on standards used or proposed for use on the Internet; each is identified by a number.
INFOSEC Assessment Methodology (IAM)
encryption
Request for Comments (RFC)
Ethernet
22. RPC Scan
-sR
remote procedure call (RPC)
Fraud and related activity in connection with computers
initial sequence number (ISN)
23. A measurable - physical characteristic used to recognize the identity - or verify the claimed identity - of an applicant. Facial images - fingerprints - and handwriting samples are all examples of biometrics.
Biometrics
Active Fingerprinting
Port Address Translation (PAT)
protocol stack
24. A query and response protocol widely used for querying databases that store the registered users or assignees of an Internet resource - such as a domain name - an IP address - or an autonomous system.
Whois
Virtual Local Area Network (VLAN)
Cryptographic Key
Covert Channel
25. The security property that data is not modified in an unauthorized and undetected manner. Also - the principle and measures taken to ensure that data received is in the exact same condition and state as when it was originally transmitted.
personal identification number (PIN)
Virus Hoax
integrity
Accountability
26. A software or hardware application or device that captures user keystrokes.
Ethernet
overt channel
keylogger
ad hoc mode
27. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.
Simple Object Access Protocol (SOAP)
sniffer
Fast Ethernet
Domain Name
28. Port 161/162
Network Basic Input/Output System (NetBIOS)
social engineering
Cache
SNMP
29. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.
S
Echo Reply
File Transfer Protocol (FTP)
hacktivism
30. Port 22
Domain Name System (DNS) cache poisoning
SSH
Droppers
key exchange protocol
31. The organization that governs the Internet's top-level domains - IP address allocation - and port number assignments.
Telnet
Countermeasures
Internet Assigned Number Authority (IANA)
Extensible Authentication Protocol (EAP)
32. Baseband LAN specification developed by Xerox Corporation - Intel - and Digital Equipment Corporation. One of the least expensive - most widely deployed networking standards; uses the CSMA/CD method of media access control.
Routing Protocol
risk transference
Contingency Plan
Ethernet
33. Software used to bind a Trojan and a legitimate program together so the Trojan will be installed when the legitimate program is executed.
Interior Gateway Protocol (IGP)
Interior Gateway Protocol (IGP)
Wrapper
security defect
34. A security tool designed to protect a system or network against attacks by comparing traffic patterns against a list of both known attack signatures and general characteristics of how attacks may be carried out. Threats are rated and protective measu
Tunneling Virus
Overwhelm CAM table to convert switch to hub mode
intrusion prevention system (IPS)
Access Point (AP)
35. Nmap grepable output
-oG
Cracker
sniffer
A
36. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
encryption
rogue access point
Destination Unreachable
No previous knowledge of the network
37. ICMP Type/Code 8
net use \[target ip]IPC$ '' /user:''
Internet Control Message Protocol (ICMP)
session splicing
Echo request
38. A social-engineering effort in which the attacker pretends to be an employee - a valid user - or even an executive to elicit information or access.
SNMP
SAM
impersonation
Trusted Computer Base (TCB)
39. A protocol used for sending and receiving log information for nodes on a network.
NT LAN Manager (NTLM)
Syslog
-sV
ISO 17799
40. A tool that helps a company to compare its actual performance with its potential performance.
open source
limitation of liability and remedies
gap analysis
Written Authorization
41. A standard for encrypting e-mail - web pages - and other stream-oriented information transmitted over the Internet.
-p <port ranges>
Transport Layer Security (TLS)
Archive
Baseline
42. A function that is easy to compute in one direction - yet believed to be difficult to compute in the opposite direction (finding its inverse) without special information - called the 'trapdoor.' Widely used in cryptography.
Mantrap
Trapdoor Function
Institute of Electrical and Electronics Engineers (IEEE)
Tunneling
43. The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network. Occurs at layer 2 of the OSI reference model.
Trapdoor Function
private network address
encapsulation
Domain Name System (DNS) lookup
44. Port Scanning
45. A software license agreement; a contract between the 'licensor' and purchaser establishing the right to use the software.
open source
End User Licensing Agreement (EULA)
smart card
public key infrastructure (PKI)
46. MAC Flooding
Telnet
promiscuous mode
Overwhelm CAM table to convert switch to hub mode
Information Technology (IT) asset valuation
47. A Unix-like computer operating system descending from the BSD. Open-BSD includes a number of security features absent or optional in other operating systems.
OpenBSD
End User Licensing Agreement (EULA)
CIA triangle
risk assessment
48. An inspection of a place where a company or individual proposes to work - to gather the necessary information for a design or risk assessment.
Wireless Local Area Network (WLAN)
site survey
steganography
symmetric algorithm
49. Unauthorized access to information such as a calendar - contact list - e-mails - and text messages on a wireless device through a Bluetooth connection.
intrusion detection system (IDS)
Bluesnarfing
null session
HTTP
50. ICMP Timestamp
-PS
-PP
Hypertext Transfer Protocol (HTTP)
SMB