Certified Ethical Hacker (CEH) v12 with complete verified solutions 2024

TCP 143 IMAP Port TCP 443 HTTPS Port Brainpower Read More UDP 123 NTP Port TCP 389, 636 LDAP Ports TCP 110 POP3 Port UDP 69 TFTP Port SLE x EF x ARO = ALE Quantitative Risk Analysis Formula. Risk = Likelihood x Impact Qualitative Risk Analysis Formula. Residual Risk The remaining risk after analysis and controls are put in place. whisker A popular tool used for session splicing. Boot Sector Virus A virus type that moves the Master Boot Record (MBR) to another location on the hard disk and copies itself to the original location of the MBR. Macro Virus A virus type that targets Microsoft Office programs. Metric A standard of measurement that is recorded over time to show improvement. Open Source Intelligence (OSINT) A type of passive reconnaissance that collects information from publicly available sources. salt A random string added to a password to defeat rainbow tables. TCP 25 The open port used by an email relay for spam and phishing attacks. TCP 9100 The most common network printer port black box A penetration test type in which the tester has no prior knowledge of the internal systems. detective control A control type that discovers events after they happen. social engineering A hacking technique used on people to determine if they need more training. hashing A one-way encryption that is used to see if files have maintained their integrity. WHOIS A system that consists of a publicly available set of databases that contain domain name registration and contact information. netcat 80 The simplest netcat command for grabbing the banner from preventive control The type of control that seeks to disallow an attack from happening in the first place. administrative control The type of control that must be enforced through policing by management. least privilege A security concept that requires a user be granted just enough permissions to do their job. technical or logical control A type of control that can be implemented through software. stateful The type of firewall that tracks whole connections, from start to finish. circuit-level The type of firewall that only monitors TCP handshaking. symmetric An encryption type that uses the same key to encrypt and decrypt. dictionary A password cracking method in which an automated tool tests a list of popular passwords in the hopes that one of them is correct. Tailgating A type of social engineering in which the attacker follows behind an employee to get into a restricted area. Retina scan A type of biometric scan that is used to measure blood vessels at the back of the eye. Blind SQL Injection The type of SQL injection used when you cannot depend on errors to tell you if your attack is working or not. Packet filtering The type of firewall that inspects each packet individually, with no memory of previous packets. asymmetric An encryption type in which one key encrypts, and its "partner" decrypts. rubber hose attack The use of force or coercion to extract information from a person. Encrypt the hard drive The recommended way to mitigate data theft from a laptop that a user travels with. covert channel A type of communication channel within an operating system that is neither designed nor intended to transfer information. zero day A newly discovered flaw in a software application that has no patch. Alice's public key The asymmetric key that Bob must use to send Alice a message only she can read. application-level firewall The type of firewall that can filter specific commands such as http:post. -A, -sV The two nmap switches that perform service detection and fingerprinting. -O The nmap switch that performs OS detection. UDP 514 The port that syslog uses. Sniffer, Packet Logger, NIDS The three Snort modes. C, C++ The two programming languages that are most vulnerable to buffer overflow attacks. SHA-1 A popular hashing algorithm that produces 160-bit output. Lan Manager (LM) Hash A password hashing algorithm in which all passwords are exactly 14 characters long. SQL injection A web app attack type that uses commands such as "SELECT * FROM USERS WHERE username = '$user' AND password = '$pass'"; honeypot A solution that emulates computer services in order to distract a hacker or obtain information about their activities. -Pn The nmap switch that will scan a host without first trying to ping it. -sn The nmap switch that only attempts to perform host discovery. Cloud Hopping An attack against a Managed Service Provider's (MSP) infrastructure to gain access to other tenants' sensitive data.