100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CEH v12 Study Guide-Questions and Answers 100% Solved $15.99   Add to cart

Exam (elaborations)

CEH v12 Study Guide-Questions and Answers 100% Solved

 6 views  0 purchase
  • Course
  • CEH v12
  • Institution
  • CEH V12

CEH v12 Study Guide-Questions and Answers 100% Solved

Preview 4 out of 51  pages

  • September 23, 2024
  • 51
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CEH v12
  • CEH v12
avatar-seller
TheeGrades
CEH v12 Study Guide-Questions and Answers 100%
Solved
fuzz testing (fuzzing) Correct Ans-A software testing technique that deliberately provides


invalid, unexpected, or random data as inputs to a computer program.




Concolic Testing Correct Ans-Concolic testing is a hybrid software verification technique


that performs symbolic execution, a classical technique that treats program variables as


symbolic variables along a concrete execution path. Symbolic execution is used in conjunction


with an automated theorem prover or constaraint solver based on constraint logic


programming to generate new concrete inputs (test cases) to maximize code coverage. Its


main focus is finding bugs in real-world software rather than demonstrating program


correctness.




Monkey Testing Correct Ans-Monkey testing is a technique where the user tests the


application or system by providing random inputs and checking the behavior, or seeing


whether the application or system will crash. Monkey testing is usually implemented as


random, automated unit tests.

, CEH v12 Study Guide-Questions and Answers 100%
Solved
Security Testing Correct Ans-a process intended to reveal flaws in the security mechanisms


of an information system that protect data and maintain functionality as intended.




Firewalking Correct Ans-the method of determining the movement of a data packet from


an untrusted external host to a protected internal host through a firewall.




Session Hijacking Correct Ans-An attack in which an attacker attempts to impersonate the


user by using his session token.




Network Sniffing Correct Ans-theft or interception of data by capturing the network traffic


using a sniffer (an application aimed at capturing network packets).




MITM (Man-in-the-Middle) Correct Ans-a cyberattack where the attacker secretly relays


and possibly alters the communications between two parties who believe that they are


directly communicating with each other.

, CEH v12 Study Guide-Questions and Answers 100%
Solved


digital signature Correct Ans-Unforgeable and authentic




How to avoid NIDS? Correct Ans-Encryption




Slowloris Correct Ans-Attempts to monopolize by sending HTTP requests that never


complete


Eventually consumes Web server's connection capacity


Utilizes legitimate HTTP traffic


Existing intrusion detection and prevention solutions that rely on signatures to detect attacks


will generally not recognize this attack




HTTP Flood Correct Ans-a type of Distributed Denial of Service (DDoS) attack in which the


attacker manipulates HTTP and POST unwanted requests in order to attack a web server or


application.

, CEH v12 Study Guide-Questions and Answers 100%
Solved


Spoofed Session Flood Attack Correct Ans-Attackers create fake or spoofed TCP sessions by


carrying multiple SYN, ACK, and RST or FIN packets.




Fragmentation Correct Ans-a process used to partition messages (the service data unit


(SDU); typically a packet) from one layer of a network into multiple smaller payloads that can


fit within the lower layer's protocol data unit (PDU).




Reconissance Stage Correct Ans-attackers act like detectives, gathering information to


understand their target truly. From examining email lists to open source information, their


goal is to know the network better than those who run and maintain it. They hone in on the


technology's security aspect, study the weaknesses, and use any vulnerability to their


advantage.




Compromised Data Integrity Correct Ans-As SQL statements are also used to modify or add


the record, an attacker can use SQL injection to modify or add data stored in a database.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller TheeGrades. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $15.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75632 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$15.99
  • (0)
  Add to cart