XSS
Enables attackers to inject malicious client-side scripts into the web pages viewed by other users.
Cross-site request forgery (CSRF)
Is an attack in which the attacker exploits the victim's active session with a trusted site to
perform malicious activities such as item purchases and the modification or retrieval of account
information.
Forbidden Attack
A type of man-in-the-middle attack used to hijack HTTPS sessions. It exploits the reuse of a
cryptographic nonce during the TLS handshake. After hijacking the HTTPS session, the
attackers inject malicious code and forged content that prompts the victim to disclose sensitive
information, such as bank account numbers, passwords, and social security numbers.
Session Donation Attack
An attacker donates his/her own session identifier (SID) to the target user. The attacker first
obtains a valid SID by logging into a service and later feeds the same SID to the target user. This
SID links the target user back to the attacker's account page without the victim being aware of it.
Compression Ratio Info-Leak Made Easy (CRIME)
Is a client-side attack that exploits the vulnerabilities present in the data compression feature of
protocols, such as SSL/TLS, SPDY, and HTTPS. Attackers hijack the session by decrypting
secret session cookies. The authentication information obtained from the session cookies is used
to establish a new session with the web application.
Entrance Phase
In this phase, the attacker waits for the victim to log in to the target web server using the trap
session ID and then enters the victim's session.
Brute forcing: In the brute-force technique, an attacker obtains session IDs by attempting all
possible permutations of session ID values until finding one that works.
Application Level Hijacking
Involves gaining control over an HTTP user session by obtaining the session IDs. Network-level
hijacking involves the interception of the packets during transmission in a TCP or UDP session
between a server and a client.
Cross-site Request Forgery Attack
Also known as a one-click attack or session riding, is an attack in which the attacker exploits the
victim's active session with a trusted site to perform malicious activities such as item purchases
and the modification or retrieval of account information.
Session Fixation
Is an attack that allows an attacker to hijack a valid user session. An attacker attempts to lure a
user to authenticate himself or herself with a known session ID and then hijacks the
user-validated session with the knowledge of the used session ID.
Trojan
Which of the following is a client-side attack where an attacker changes the proxy settings in the
user's browser to send all the sessions via the attacker's machine?
Blind hijacking
An attacker can inject malicious data or commands into intercepted communications in a TCP
session, even if the victim disables source routing. For this purpose, the attacker must correctly
guess the next ISN of a computer attempting to establish a connection. Although the attacker can
send malicious data or a command, such as a password setting to allow access from another
location on the network, the attacker cannot view the response.
Network-level hijacking
Is the interception of packets during transmission between the client and server in a TCP and
UDP session.
TCP/IP hijacking
An attacker intercepts an established connection between two communicating parties using
spoofed packets, and then pretends to be one of them. In this approach, the attacker uses spoofed
packets to redirect the TCP traffic to his/her own machine. Once this is successful, the victim's
connection hangs and the attacker is able to communicate with the host's machine on behalf of
the victim.
Internet control message protocol (ICMP)
Which of the following protocols is an extension of IP to send error messages? An attacker can
use it to send messages to fool the client and the server.
Hetty
Is an HTTP toolkit for security research. It provides the following features:
Machine-in-the-middle (MITM) HTTP proxy with logs and advanced search
HTTP client for manually creating/editing requests and replaying proxied requests
Intercepting requests and responses for a manual review (edit, send/receive, and cancel)
Token Binding
When a user logs on to a web application, it generates a cookie with an SID, called a token.
Token binding protects client-server communications against session hijacking attacks.
HTTP Public Key Pinning (HPKP)
Allows a web client to associate a specific public key certificate with a particular server to
minimize the risk of MITM attacks.
Oakley
A protocol that uses the Diffie-Hellman algorithm to create a master key and a key that is
specific to each session in IPsec data transfer.
HTTP Referrer Header
Fingerprinting the referrer header of each request will help in identifying the changes in the
HTTP headers. When the attacker tries to hijack the session using a valid session ID, the HTTP
header differs. Consequently, the intrusion gets detected and the session is terminated.