CEH v11 Terms with Complete Solutions Graded A+

  • August 12, 2024
Scholarsstudyguide
Medium-interaction Honeypots - Answer-simulate a real OS as well as applications and
services of a target network.

Malware Honeypots - Answer-used to trap malware campaigns or malware attempts
over the network infrastructure.

MarioNet Attack - Answer-a browser-based attack that runs malicious code inside the
browser, and the infection persists even after closing or browsing away from the
malicious webpage through which infection has spread.

Manual Web App Security Testing - Answer-It involves testing a web application using
manually designed data, customized code, and some browser extension tools to detect
vulnerabilities and weaknesses associated with the applications.

Mobile Spam - Answer-also known as SMS spam, text spam, or m-spam, refers to
unsolicited messages sent in bulk form to known/unknown phone numbers/email IDs to
target mobile phones.

Mobile Device Management (MDM) - Answer-provides platforms for over-the-air or
wired distribution of applications and data and configuration settings for all types of
mobile devices, including mobile phones, smartphones, and tablet computers.

Multi Cloud - Answer-It is a dynamic heterogeneous environment that combines
workloads across multiple cloud vendors that are managed via one proprietary interface
to achieve long-term business goals.

Microservices - Answer-Monolithic applications are broken down into cloud-hosted sub-
applications that work together, each performing a unique task.

MD5 - Answer-An algorithm that takes a message of arbitrary length as the input and
then outputs a 128-bit fingerprint or message digest of the input.

Man-in-the-Cloud (MITC) Attack - Answer-attacks that are performed by abusing cloud
file synchronization services such as Google Drive or Dropbox for data compromise,
command and control (C&C), data exfiltration, and remote access.

MD6 - Answer-uses a Merkle-tree-like structure to allow for large-scale parallel
computation of hashes for very long inputs.

Non-Repudiation - Answer-A guarantee that the sender of a message cannot later deny
having sent the message and that the recipient cannot deny having received the
message.

Network Indicators - Answer-useful for command and control, malware delivery,
identifying the operating system, and other tasks.

Network Scanning - Answer-refers to a set of procedures used for identifying hosts,
ports, and services in a network.

NTP - Answer-designed to synchronize the clocks of networked computers.

National Vulnerability Database (NVD) - Answer-A U.S. government repository of
standards-based vulnerability management data represented using the Security Content
Automation Protocol (SCAP).

NTFS Data Stream - Answer-a Windows hidden stream, which contains metadata for
the file, such as attributes, word count, author name and access, and modification time
of the files.

Negligent Insider - Answer-Insiders who are uneducated on potential security threats or
who simply bypass general security procedures to meet workplace efficiency.

Network Level Hijacking - Answer-defined as the interception of packets during the
transmission between a client and the server in a TCP or UDP session.

Network Address Translation (NAT) - Answer-separates IP addresses into two sets and
enables the LAN to use these addresses for internal and external traffic separately.


Availability - Answer-Assurance that the systems responsible for delivering, storing, and
processing information are accessible when required by the authorized users.

Authenticity - Answer-Refers to the characteristic of a communication, document, or any
data that ensures the quality of being genuine.

Active Attacks - Answer-These attacks tamper with the data in transit or disrupt
communication or services between the systems to bypass or break into secured
systems.

Adversary Behavioral Identification - Answer-involves the identification of the common
methods or techniques followed by an adversary to launch attacks on or to penetrate an
organization's network.

Active Footprinting - Answer-involves gathering information about the target with direct
interaction.

ARP Ping Scan - Answer-Attackers send ARP request probes to target hosts, and an
ARP response indicates that the host is active.

ACK Flag Probe Scan - Answer-Attackers send TCP probe packets set with an ACK
flag to a remote device, and then analyze the header information (TTL and WINDOW
field) of received RST packets to determine if the port is open or closed.

Anonymizer - Answer-an intermediate server placed between you as the end user and
the website to access the website on your behalf and make your web surfing activities
untraceable.

Audio Steganography - Answer-refers to hiding secret information in audio files such as
.MP3, .RM, and .WAV.

Advanced Persistent Threats - Answer-defined as a type of network attack, where an
attacker gains unauthorized access to a target network and remains undetected for a
long period of time.

Antivirus Sensor System - Answer-An antivirus sensor system is a collection of
computer software that detects and analyzes malicious code threats such as viruses,
worms, and Trojans.

Active Sniffing - Answer-involves injecting Address Resolution Packets (ARP) into the
network to flood the switch's Content Addressable Memory (CAM) table, which keeps
track of host-port connections.

Address Resolution Protocol (ARP) - Answer-a stateless protocol used for resolving IP
addresses to machine (MAC) addresses.

ARP Spoofing Attack - Answer-involves constructing many forged ARP request and
reply packets to overload the switch.

Application Level Hijacking - Answer-refers to gaining control over the HTTP's user
session by obtaining the session IDs.

Anomaly Detection - Answer-It detects the intrusion based on the fixed behavioral
characteristics of the users and components in a computer system.

Application-Level Firewall - Answer-Application-level gateways (proxies) can filter
packets at the application layer of the OSI model (or the application layer of TCP/IP

Application Proxy - Answer-works as a proxy server and filters connections for specific
services.

API DDoS Attack - Answer-involves saturating an API with a huge volume of traffic from
multiple infected computers (botnet) to delay API services to legitimate users.

Automated Web App Security Testing - Answer-It is a technique employed for
automating the testing process. These testing methods and procedures are
incorporated into each stage of development to report feedback constantly.

Application Whitelisting - Answer-contains a list of application components such as
software libraries, plugins, extensions, and configuration files, which can be permitted to
execute in the system.

Application Blacklisting - Answer-Application blacklisting contains a list of malicious
applications or software that are not permitted to be executed in the system or the
network.

Access point (AP) - Answer-used to connect wireless devices to a wireless/wired
network.

Association - Answer-It refers to the process of connecting a wireless device to an AP.

Agent Smith Attack - Answer-attacks carried out by luring victims into downloading and
installing malicious apps designed and published by attackers in the form of games,
photo editors, or other attractive tools from third-party app stores such as 9Apps.

Android Rooting - Answer-process involves exploiting security vulnerabilities in the
device firmware and copying the SU binary to a location in the current process's PATH
(e.g., /system/xbin/su) and granting it executable permissions with the chmod
command.

Asymmetric Encryption - Answer-(public-key) uses different encryption keys, which are
called public and private keys for encryption and decryption, respectively.

Advanced Encryption Standard (AES) - Answer-a National Institute of Standards and
Technology (NIST) specification for the encryption of electronic data.

Behavioral Indicators - Answer-used to identify specific behavior related to malicious
activities.

Black Hats - Answer-individuals who use their extraordinary computing skills for illegal
or malicious purposes.

Border Gateway Protocol (BGP) - Answer-a routing protocol used to exchange routing
and reachability information between different autonomous systems (AS) present on the
Internet.

Brute-Force Attack - Answer-attackers try every combination of characters until the
password is broken.
