SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CEH: Certified Ethical Hacker
Start Test
Study First
Subjects
:
certifications
,
ceh
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A tool that helps a company to compare its actual performance with its potential performance.
passive attack
gap analysis
SYN attack
Vulnerability
2. The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.
Acknowledgment (ACK)
risk transference
SID
false rejection rate (FRR)
3. Defined in RFC 826 - ARP is a protocol used to map a known IP address to a physical (MAC) address.
Asset
Address Resolution Protocol (ARP)
security incident response team (SIRT)
network tap
4. The art and science of creating a covert message or image within another message - image - audio - or video file.
Google hacking
Access Control List (ACL)
steganography
A R
5. An Application layer protocol - using TCP - for transporting files across an Internet connection. FTP transmits in clear text.
port knocking
File Transfer Protocol (FTP)
Time exceeded
network interface card (NIC)
6. A program designed to execute at a specific time to release malicious code onto the computer system or network.
Asset
Time Bomb
Zombie
suicide hacker
7. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p
heuristic scanning
Acceptable Use Policy (AUP)
Certificate Authority (CA)
gap analysis
8. The act or actions of a hacker to put forward a cause or a political agenda - to affect some societal change - or to shed light on something he feels to be political injustice. These activities are usually illegal in nature.
Asymmetric
intrusion detection system (IDS)
false rejection rate (FRR)
hacktivism
9. A device set up to send a response on behalf of an end node to the requesting host. Proxies are generally used to obfuscate the host from the Internet.
reconnaissance
Wireless Local Area Network (WLAN)
proxy server
pattern matching
10. The contents of a packet. A system attack requires the attacker to deliver a malicious payload that is acted upon and executed by the system.
Time To Live (TTL)
Exposure Factor
asynchronous transmission
payload
11. A technology that establishes a tunnel to create a private - dedicated - leased-line network over the Internet. The data is encrypted so it's readable only by the sender and receiver. Companies commonly use VPNs to allow employees to connect securely
node
Virtual Private Network (VPN)
-oN
Lightweight Directory Access Protocol (LDAP)
12. A communications channel that is being used for a purpose it was not intended for - usually to transfer information secretly.
service level agreements (SLAs)
Community String
-sO
Covert Channel
13. A symmetric - block-cipher data-encryption standard that uses a variablelength key that can range from 32 bits to 448 bits.
Password Authentication Protocol (PAP)
Blowfish
International Organization for Standardization (ISO)
Vulnerability Assessment
14. White hat
Information Technology (IT) infrastructure
halo effect
Hacks with permission
Packet Internet Groper (ping)
15. A unique hostname that is used to identify resources on the Internet. Domain names start with a root (.) - then add a top level (.com - .gov - or .mil - for example) - and a given name space.
Domain Name
RxBoot
reverse social engineering
Local Administrator
16. A computer system that performs tasks dictated by an attacker from a remote location. Zombies may be active or idle - and owners of the systems generally do not know their systems are compromised.
Tunneling
Console Port
Zombie
qualitative analysis
17. An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.
Denial of Service (DoS)
-PI
private network address
Self Replicating
18. The cyclical practice of identifying - classifying - remediating - and mitigating vulnerabilities.
Presentation layer
Vulnerability Management
routed protocol
Information Technology (IT) asset criticality
19. An application that monitors a computer or network to identify - and prevent - malware. AV is usually signature-based - and can take multiple actions on defined malware files/activity.
Routing Information Protocol (RIP)
Antivirus (AV) software
hybrid attack
Man-in-the-middle attack
20. TCP Ping
-PT
Target Of Engagement (TOE)
Cookie
-oN
21. The set of all hardware - firmware - and/or software components critical to IT security. Bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
false rejection rate (FRR)
Timestamping
Trusted Computer Base (TCB)
patch
22. A mode of operation for a block cipher - with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value - and vice versa
Information Technology Security Evaluation Criteria (ITSEC)
LDAP
Local Administrator
Electronic Code Book (ECB)
23. A person or entity indirectly involved in a relationship between two principles.
shrink-wrap code attacks
social engineering
Finger
Third Party
24. An Ethernet networking system transmitting data at 100 million bits per second (Mbps) - 10 times the speed of an earlier Ethernet standard. Derived from the Ethernet 802.3 standard - it is also known as 100BaseT.
SSH
source routing
Fast Ethernet
Access Point (AP)
25. Microsoft SID 500
-oN
Local Administrator
No previous knowledge of the network
impersonation
26. Devices - connected to one or more switches - grouped logically into a single broadcast domain. VLANs enable administrators to divide the devices connected to the switches into multiple VLANs without requiring separate physical switches.
integrity
Cookie
Self Replicating
Virtual Local Area Network (VLAN)
27. Nmap grepable output
-PI
-oG
Wi-Fi Protected Access (WPA)
parallel scan & 300 sec timeout & 1.25 sec/probe
28. A structured set of criteria for evaluating computer security within products and systems produced by European countries; it has been largely replaced by the Common Criteria.
Secure Multipurpose Mail Extension (S/MIME)
Information Technology Security Evaluation Criteria (ITSEC)
Smurf attack
Written Authorization
29. Part of a service contract where the level of service is formally defined; may be required as part of the initial pen test agreements.
Bluejacking
Network Address Translation (NAT)
Backdoor
service level agreements (SLAs)
30. Monitoring of telephone or Internet conversations - typically by covert means.
-sR
Wiretapping
risk assessment
DNS enumeration
31. The process of embedding information into a digital signal in a way that makes it difficult to remove.
quality of service (QoS)
Mantrap
Digital Watermarking
Address Resolution Protocol (ARP)
32. A business - government agency - or educational institution that provides access to the Internet.
Tunnel
Temporal Key Integrity Protocol (TKIP)
Asymmetric
Internet service provider (ISP)
33. Used to find the domain name associated with an IP address; the opposite of a DNS lookup.
RxBoot
red team
reverse lookup; reverse DNS lookup
payload
34. 1. The path a packet travels to reach the intended destination. Each individual device along the path traveled is called a hop. 2. Information contained on a device containing instructions for reaching other nodes on the network. This information can
route
Level I assessment
Access Point (AP)
Trusted Computer System Evaluation Criteria (TCSEC)
35. Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
identity theft
encryption
hash
security kernel
36. A type of attack used to deny service to legitimate users of a network resource by intentionally overloading the network with illegitimate TCP connection requests. SYN packets are sent repeatedly to the target - but the corresponding SYN/ACK response
Secure Sockets Layer (SSL)
social engineering
reconnaissance
SYN flood attack
37. FTP Bounce Attack
Dumpster Diving
-b
FreeBSD
Defense in Depth
38. An extensible mechanism for e-mail. A variety of MIME types exist for sending content such as audio - binary - or video using the Simple Mail Transfer Protocol (SMTP).
Media Access Control (MAC)
Multipurpose Internet Mail Extensions (MIME)
Temporal Key Integrity Protocol (TKIP)
Authorization
39. Phases of an attack
Reconnaissance - Scanning - Gaining Access - Maintaining Access - Covering Tracks
source routing
Information Technology (IT) asset criticality
Methodology
40. The process of systematically testing each port on a firewall to map rules and determine accessible ports.
firewalking
OpenBSD
nslookup
Domain Name System (DNS) cache poisoning
41. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
Open System Interconnection (OSI) Reference Model
Event
Internal access to the network
Black Box Testing
42. A physical security attack where the attacker sifts through garbage and recycle bins for information that may be useful on current and future attacks
Denial of Service (DoS)
MAC filtering
Dumpster Diving
Post Office Protocol 3 (POP3)
43. An encryption standard designed by Joan Daemen and Vincent Rijmen. Chosen by a NIST contest to be the Advanced Encryption Standard (AES).
Rijndael
ISO 17799
steganography
MAC filtering
44. A protocol used for sending and receiving log information for nodes on a network.
Syslog
shoulder surfing
intrusion prevention system (IPS)
Application-Level Attacks
45. The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).
John the Ripper - LOphtcrack - Ophtcrack - Cain and Abel
False Acceptance Rate (FAR)
hot site
A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.
46. A software program for remotely controlling a Microsoft Windows computer system over a network. Generally considered malware.
Three-Way (TCP) Handshake
Level I assessment
private key
NetBus
47. ACK Scan
Wired Equivalent Privacy (WEP)
physical security
-sA
suicide hacker
48. Process of breaking a packet into smaller units when it is being transmitted over a network medium that's unable to support a transmission unit the original size of the packet.
suicide hacker
serial scan & 300 sec wait
fragmentation
Internet Protocol Security (IPSec) architecture
49. ICMP Timestamp
-PP
Overwhelm CAM table to convert switch to hub mode
ad hoc mode
honeypot
50. An evaluation consisting of a document review - interviews - and demonstrations. No hands-on testing is performed.
Cracker
Three-Way (TCP) Handshake
Level I assessment
Threat
