CEH v10 Exam Questions with A Grade Solutions
NTFS File Streaming - Answer-System Hacking/Covering Tracks. Allows data to be stored in hidden files that are linked to a normal visible file. Streams are not limited in size and there can be more than one stream linked to a normal file. Streams can e...
CEH v10 Exam Questions with A
Grade Solutions
NTFS File Streaming - Answer-System Hacking/Covering Tracks. Allows data to be
stored in hidden files that are linked to a normal visible file. Streams are not limited in
size and there can be more than one stream linked to a normal file. Streams can easily
be created/written to/read from, allowing any trojan or virus author to take advantage of
a hidden file area. Streams are easily be used, and only found with specialized
software.
Rootkit - Answer-A set of software tools used by an attacker to hide the actions or
presence of other types of malicious software.
6 Types of Rootkits - Answer-Hypervisor Level: Modify the boot sequence of a host
system to load a virtual machine at the host OS.
Hardware (Firmware) Hide in hardware devices or firmware.
Boot Loader Level: Replace the boot loader with one controlled by the hacker.
Kernel Level: Attack the boot sectors and kernel level of the OS themselves, replacing
the kernel code with back door code. Most Dangerous
Library Level: Use system level calls to hide their existence.
National Computer Security Center - Answer-A group that created a variety security
manuals and steps, and published them in a book known as the "Rainbow Series."
TCSEC (Orange Book) - Answer-The past U.S. military accepted set of standards and
processes for computer systems evaluation and assurance, which combines function
and assurance requirements
TOE - Answer-Target of Evaluation - what is being evaluated by the Common Criteria
(EAL)
ST - Answer-Security target: The documentation describing the TOE and security
requirements.
PP - Answer-Protection Profile A set of security requirements specifically for the type of
product being tested
Access Control - Answer-restricts access to secure areas
MAC - Answer-Media Access Control A method of access control where security policy
is controlled by a security administrator: users can't set access controls themselves
, DAC - Answer-Discretionary Access Control. An access control model where all objects
have owners and owners can modify permissions for the objects (files and folders).
Microsoft's NTFS uses the DAC model. Other access control models are MAC and
RBAC.
Types of Policies - Answer-Access Control Policy
Information Security Policy
Information Protection Policy
Password Policy
Email Policy
Information Audit Policy
Protection rings - Answer-Level 0 Security Kernel; reference monitor; level 1 and 2;
device drivers; level 3 user mode
OWASP Top 10 - Answer-The Open Web Application Security Project (OWASP) is a
non-profit organization dedicated to providing unbiased, practical information about
application security.
1. Injection
Injection flaws, such as SQL injection, LDAP injection, and CRLF injection, occur when
an attacker sends untrusted data to an interpreter that is executed as a command
without proper authorization.
* Application security testing can easily detect injection flaws. Developers should use
parameterized queries when coding to prevent injection flaws.
2. Broken Authentication and Session Management
Incorrectly configured user and session authentication could allow attackers to
compromise passwords, keys, or session tokens, or take control of users' accounts to
assume their identities.
* Multi-factor authentication, such as FIDO or dedicated apps, reduces the risk of
compromised accounts.
3. Sensitive Data Exposure
Applications and APIs that don't properly protect sensitive data such as financial data,
usernames and passwords, or health information, could enable attackers to access
such information to commit fraud or steal identities.
* Encryption of data at rest and in transit can help you comply with data protection
regulations.
4. XML External Entity
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.09. You're not tied to anything after your purchase.
