CEH v12 Flashcards Questions with Answers
Simple Object Access Protocol (SOAP) - Answer-is a messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses XML Information Set for its message format, and relies on applicat...
Simple Object Access Protocol (SOAP) - Answer-is a messaging protocol specification
for exchanging structured information in the implementation of web services in computer
networks. It uses XML Information Set for its message format, and relies on application
layer protocols, most often Hypertext Transfer Protocol (HTTP)
DNS Sinkhole - Answer-is a DNS server that has been configured to hand out non-
routable addresses for a certain set of domain names.
Slowloris Attack - Answer-is a type of denial of service attack tool which allows a single
machine to take down another machine's web server with minimal bandwidth and side
effects on unrelated services and ports. It tries to keep many connections to the target
web server open and hold them open as long as possible. It accomplishes this by
opening connections to the target web server and sending a partial request.
Periodically, it will send subsequent HTTP headers, adding to, but never completing, the
request.
Snort - Answer-a free open source network intrusion detection system and intrusion
prevention system created in 1998 by Martin Roesch, founder and former CTO of
Sourcefire. Snort is now developed by Cisco, which purchased Sourcefire in 2013.
Source Routing/Path Addressing - Answer-allows a sender of a packet to partially or
completely specify the route the packet takes through the network.
Split DNS - Answer-is the facility of a Domain Name System (DNS) implementation to
provide different sets of DNS information, usually selected by the source address of the
DNS request.
Sublist3r - Answer-a python tool designed to enumerate subdomains of websites using
OSINT.
Sybil Attack - Answer-is an attack against peer-to-peer networks in which a single
attacker creates many fake identities to gain an advantage in the network. Other users
do not recognize these identities as fictitious, which gives the attacker a
disproportionately large influence over the network.
TheHarvester - Answer-a simple to use, yet powerful tool designed to be used during
the reconnaissance stage of a red team assessment or penetration test. It performs
,open source intelligence (OSINT) gathering to help determine a domain's external threat
landscape.
Tor - Answer-is free and open-source software for enabling anonymous communication.
It directs Internet traffic through a free, worldwide, volunteer overlay network, consisting
of more than seven thousand relays, to conceal a user's location and usage from
anyone performing network surveillance or traffic analysis.
Traceroute (Linux) / Tracert (Windows) - Answer-are computer network diagnostic
commands for displaying possible routes (paths) and measuring transit delays of
packets across an Internet Protocol (IP) network. The history of the route is recorded as
the round-trip times of the packets received from each successive host (remote node) in
the route (path); the sum of the mean times in each hop is a measure of the total time
spent to establish the connection. Uses ICMP
Boot Sector Virus - Answer-a type of malware that infects a system's boot partition or
the Master Boot Record (MBR) of a hard disk. During startup and before security
software can be executed, the virus executes malicious code.
Metamorphic Virus - Answer-is code that when run outputs a logically equivalent version
of its own code under some interpretation.
VulDB - Answer-Number one vulnerability management and threat intelligence platform
documenting and explaining vulnerabilities since 1970.
Wardriving - Answer-is the act of searching for Wi-Fi wireless networks, usually from a
moving vehicle, using a laptop or smartphone.
Watering Hole Attack - Answer-is a computer attack strategy in which an attacker
guesses or observes which websites an organization often uses and infects one or
more of them with malware. Eventually, some member of the targeted group will
become infected.
ALTEr Attack - Answer-an attacker pretends to be a real cell tower to the victim, while at
the same time also pretending to be the victim to the real network, and then intercepts
the communications between the victim and the real network.
Android Package Kit - Answer-with the file extension apk is the file format used by the
Android operating system, and a number of other Android-based operating systems for
distribution and installation of mobile apps, mobile games and middleware. It can be
written in either Java or Kotlin.
Archive Org - Answer-is an American digital library with the stated mission of "universal
access to all knowledge".
, Armitage - Answer-is a graphical cyber attack management tool for the Metasploit
Project that visualizes targets and recommends exploits. It is a free and open source
network security tool notable for its contributions to red team collaboration allowing for:
shared sessions, data, and communication through a single Metasploit instance.
Auth0 - Answer-Rapidly integrate authentication and authorization for web, mobile, and
legacy applications so you can focus on your core business.
BeEF - Answer-is short for The Browser Exploitation Framework. It is a penetration
testing tool that focuses on the web browser.
Birthday Attack - Answer-This attack can be used to abuse communication between two
or more parties. The attack depends on the higher likelihood of collisions found between
random attack attempts and a fixed degree of permutations (pigeonholes).
Block Chain - Answer-is a type of distributed ledger technology (DLT) that consists of
growing list of records, called blocks, that are securely linked together using
cryptography.
Block Cipher Mode of Operation - Answer-an algorithm that uses a block cipher to
provide information security such as confidentiality or authenticity.
Electronic code book mode - Answer-The simplest (and not to be used anymore) of the
encryption modes (named after conventional physical codebooks). The message is
divided into blocks, and each block is encrypted separately.
BlueBorne - Answer-is a type of security vulnerability with Bluetooth implementations in
Android, iOS, Linux and Windows. It affects many electronic devices such as laptops,
smart cars, smartphones and wearable gadgets.
Bluto - Answer-is a Python-based tool for DNS recon, DNS zone transfer testing, DNS
wild card checks, DNS brute forcing, e-mail enumeration and more.
Brute Force Attack - Answer-consists of an attacker submitting many passwords or
passphrases with the hope of eventually guessing correctly.
Buffer Overflow - Answer-is an anomaly whereby a program, while writing data to a
buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
Burp Suite - Answer-is an integrated platform/graphical tool for performing security
testing of web applications.
Carrier Cloud - Answer-is a class of cloud that integrates wide area networks (WAN)
and other attributes of communications service providers' carrier grade networks to
enable the deployment of highly complex applications in the cloud.
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur Scholarsstudyguide. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €14,64. Vous n'êtes lié à rien après votre achat.
