Test your basic knowledge | CEH: Certified Ethical Hacker
Subjects: certifications, ceh, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A set of rules defined to screen network packets based on source address - destination address - or protocol; these rules determine whether the packet will be forwarded or discarded.
honeypot
Filter
Fiber Distributed Data Interface (FDDI)
Cookie
2. Method used by antivirus software to detect new - unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program - looking for a sequence or sequences of instructions that differentiate the virus from 'normal' p
secure channel
heuristic scanning
Event
Internet Control Message Protocol (ICMP)
3. don't ping
Sign in Seal
-P0
Local Administrator
Echo request
4. Idlescan
Password Authentication Protocol (PAP)
-sI
Availability
sidejacking
5. In penetration testing - enumeration is the act of querying a device or network segment thoroughly and systematically for information.
enumeration
Bug
SYN attack
protocol
6. An authentication method on point-to-point links - using a three-way handshake and a mutually agreed-upon key.
private key
Challenge Handshake Authentication Protocol (CHAP)
Master boot record infector
social engineering
7. A domain composed of all the systems sharing any given physical transport media. Systems within a collision domain may collide with each other during the transmission of data. Collisions can be managed by CSMA/CD (collision detection) or CSMA/CA (col
Internet Assigned Number Authority (IANA)
Distributed DoS (DDoS)
Collision Domain
Fast Ethernet
8. The change or growth of a project's scope
scope creep
Denial of Service (DoS)
Replacing numbers in a url to access other files
polymorphic virus
9. A denial-of-service technique that uses numerous hosts to perform the attack.
Distributed DoS (DDoS)
role-based access control
Simple Object Access Protocol (SOAP)
Client
10. The art and science of creating a covert message or image within another message - image - audio - or video file.
steganography
ping sweep
security defect
sheepdip
11. Also known as a public key certificate - this is an electronic file that is used to verify a user's identity - providing non-repudiation throughout the system. Certificates contain the entity's public key - serial number - version - subject - algori
Digital Certificate
Collision
Virus
Internet Control Message Protocol (ICMP)
12. Black hat
gateway
Hacks without permission
SSH
Open System Interconnection (OSI) Reference Model
13. An unknown deficiency in software or some other product that results in a security vulnerability being identified.
security defect
hybrid attack
Black Hat
reconnaissance
14. Security identifier. The method by which Windows identifies user - group - and computer accounts for rights and permissions.
RPC-DCOM
honeynet
Simple Object Access Protocol (SOAP)
SID
15. A network traffic management technique designed to allow applications to specify the route a packet will take to a destination - regardless of what the route tables between the two systems say.
proxy server
security bulletins
source routing
TACACS
16. Port 88
security controls
Kerberos
red team
Covert Channel
17. In penetration testing - this is a method of testing the security of a system or subnet without any previous knowledge of the device or network. Designed to simulate an attack by an outside intruder (usually from the Internet).
gray hat
Black Box Testing
segment
Dumpster Diving
18. Black box test
Access Creep
Zero Subnet
No previous knowledge of the network
secure channel
19. A method of falsely identifying the source of data packets; often used by hackers to make it difficult to trace where an attack originated.
spoofing
Collision
HIDS
Cookie
20. A documented process for a procedure designed to be consistent - repeatable - and accountable.
Warm Site
Availability
Man-in-the-middle attack
Methodology
21. A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets - Ticket Granting Service - and Key Distribution Center.
-PT
Kerberos
Ethical Hacker
Man-in-the-middle attack
22. Port Scanning
23. ICMP Timestamp
Virus
-p <port ranges>
packet
-PP
24. An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.
Exposure Factor
Lightweight Directory Access Protocol (LDAP)
impersonation
scope creep
25. An organization composed of engineers - scientists - and students who issue standards related to electrical - electronic - and computer engineering.
Web Spider
encapsulation
Institute of Electrical and Electronics Engineers (IEEE)
Minimum acceptable level of risk
26. A group of people - gathered together by a business entity - working to address a specific problem or goal.
Simple Object Access Protocol (SOAP)
intrusion detection system (IDS)
Ethernet
Tiger Team
27. SYN Ping
Cold Site
rootkit
-PS
SOA record
28. Ports 20/21
Redundant Array of Independent Disks (RAID)
Network Address Translation (NAT)
Time To Live (TTL)
FTP
29. A trusted entity that issues and revokes public key certificates. In a network - a CA is a trusted entity that issues - manages - and revokes security credentials and public keys for message encryption and/or authentication. Within a public key infra
spyware
Discretionary Access Control (DAC)
Certificate Authority (CA)
Redundant Array of Independent Disks (RAID)
30. A hacking method for stealing the cookies used during a session build and replaying them for unauthorized connection purposes.
sidejacking
node
Transmission Control Protocol (TCP)
Daisy Chaining
31. A malicious computer program with self-replication capabilities that attaches to another file and moves with the host from one computer to another.
Information Technology Security Evaluation Criteria (ITSEC)
Virus
net use \\[target ip]\IPC$ '' /user:''
Fiber Distributed Data Interface (FDDI)
32. A social-engineering attack using computer resources - such as e-mail or IRC.
session hijacking
Computer-Based Attack
SMB
Defines legal email marketing
33. Incremental Substitution
-PI
forwarding
rogue access point
Replacing numbers in a url to access other files
34. Shifting responsibility from one party to another
Vulnerability Scanning
enumeration
risk transference
-oG
35. A self-replicating - self-propagating - self-contained program that uses networking mechanisms to spread itself.
Black Hat
Man-in-the-middle attack
service level agreements (SLAs)
Worm
36. Formerly Redundant Array of Inexpensive Disks; a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit - where data is distributed acr
NOP
Redundant Array of Independent Disks (RAID)
serialize scans & 0.4 sec wait
Rijndael
37. A point-to-point connection between two endpoints created to exchange data. Typically a tunnel is either an encrypted connection - or a connection using a protocol in a method for which it was not designed. An encrypted connection forms a point-to-poi
POP 3
local area network (LAN)
Tunnel
Event
38. Also known as a digital certificate - this is an electronic file used to verify a user's identity - providing non-repudiation throughout the system. It is also a set of data that uniquely identifies an entity. Certificates contain the entity's public
serialize scans & 0.4 sec wait
Virus Hoax
Threat
Certificate
39. Also known as the dot-dot-slash attack. Using directory traversal - the attacker attempts to access restricted directories and execute commands outside intended web server directories by using the URL to redirect to an unintended folder location.
Wired Equivalent Privacy (WEP)
Directory Traversal
DNS enumeration
-PI
40. An Application layer protocol used by local email clients to retrieve e-mail from a remote server over a TCP/IP connection.
ad hoc mode
Post Office Protocol 3 (POP3)
network tap
parallel scan
41. A free - open source version of the Berkeley Software Distribution of Unix - often used in embedded systems.
security breach or security incident
role-based access control
NetBSD
Pretty Good Privacy (PGP)
42. Management policy and procedures designed to maintain or restore business operations - including computer operations - possibly at an alternate location - in the event of emergencies - system failures - or disaster.
serialize scans & 0.4 sec wait
gray hat
Contingency Plan
-sF
43. A background process found in Unix - Linux - Solaris - and other Unix-based operating systems.
Daemon
Digital Watermarking
protocol
-sT
44. Controlling access to a network by analyzing the headers of incoming and outgoing packets - and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination
packet filtering
Active Fingerprinting
Domain Name System (DNS) lookup
-sI
45. A software or hardware application or device that captures user keystrokes.
NT LAN Manager (NTLM)
smart card
keylogger
rootkit
46. Cracking Tools
Third Party
local area network (LAN)
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
SID
47. A routing protocol developed to be used within a single organization.
gray box testing
Timestamping
security incident response team (SIRT)
Interior Gateway Protocol (IGP)
48. The act of secretly listening to the private conversations of others without their consent. This can also be done over telephone lines (wiretapping) - e-mail - instant messaging - and other methods of communication considered private
Eavesdropping
encapsulation
Target Of Engagement (TOE)
iris scanner
49. The monetary loss that can be expected for an asset due to risk over a one-year period. ALE is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as ALE = ARO
Annualized Loss Expectancy (ALE)
HTTP tunneling
flood
Application-Level Attacks
50. A condition that occurs when more data is written to a buffer than it has space to store - and results in data corruption or other system errors. This is usually due to insufficient bounds checking - a bug - or improper configuration in the program c
parameter tampering
John the Ripper - L0phtCrack - Ophcrack - Cain and Abel
Buffer Overflow
sidejacking