CEH V11 Chapter 1 Exam | Questions And Answers Latest {2024- 2025} A+ Graded |
100% Verified
Authenticity - Characteristic of communications, data, messages that ensures the quality of being
genuine or uncorrupted.
Confidentiality - Assurance that the information is accessible only to authorized individuals.
Integrity - Trustworthiness of data, protection against unauthorized changes. Ensures data accuracy.
Non-Repudiation - Way to guarantee the sender or receiver of a message cannot deny it later.
Attacks = - motive (goal) + method + vulnerability
Passive Attack - Monitoring network traffic and data flow on the target but not tampering with the data.
Examples of Passive Attacks - Footprinting, Sniffing, Eavesdropping, Network Traffic Analysis, Decryption
of weakly encrypted traffic.
Active Attack - Tamper with the data in transit or disrupt communication or services between systems to
bypass or break into security systems
Examples of Active Attacks - DoS (Denial of Service), Modification of information, spoofing, replay
attacks, by-passing protection mechanisms, malware attacks, privilege escalation, backdoors, sql
injection, dns and arp poisoning, session hijacking, more.
Close in Attacks - Close proximity with the target system or network.
Example of Close-In Attacks - Social Engineering: Eavesdropping, shoulder surfing, dumpster diving, and
others
, Insider Attacks - Performed by trusted persons who have physical access to the critical assets of the
target.
Examples of Insider Attacks - Eaves dropping, wiretapping, theft of physical devices, social engineering,
data theft, pod slurping, planting keyloggers.
Distribution Attacks - Attackers tamper with hardware or software prior to installation. Attacking
hardware or software at its source.
Command and Control Warfare - C2 warfare refers to the impact an attacker posesses over a
compromised system or network they control.
Intelligence Based Warfare - Sensor-Based technology that directly corrupts technological systems.
Electronic Based Warfare - uses radio-electronic and cryptographic techniques to degrade
communications.
Psychological Warfare - Use of various techniques, as in propaganda and terror to demoralize the
adversary.
Hacker Warfar - Vary from shut down systems, data errors, theft of information, theft of services,
system monitoring, false messaging, and access to data
Economic Warfare - Effects economy of business by blocking flow of information.
Cyberwarfare - use of information systems against the virtual personas of individuals or groups.
Defensive Information Warfare - Involves all strategies and actions to defend against attacks on ICT
Assets.
Offensive Information Warfare - Attacks against the ICT assets of an opponent.
100% Verified
Authenticity - Characteristic of communications, data, messages that ensures the quality of being
genuine or uncorrupted.
Confidentiality - Assurance that the information is accessible only to authorized individuals.
Integrity - Trustworthiness of data, protection against unauthorized changes. Ensures data accuracy.
Non-Repudiation - Way to guarantee the sender or receiver of a message cannot deny it later.
Attacks = - motive (goal) + method + vulnerability
Passive Attack - Monitoring network traffic and data flow on the target but not tampering with the data.
Examples of Passive Attacks - Footprinting, Sniffing, Eavesdropping, Network Traffic Analysis, Decryption
of weakly encrypted traffic.
Active Attack - Tamper with the data in transit or disrupt communication or services between systems to
bypass or break into security systems
Examples of Active Attacks - DoS (Denial of Service), Modification of information, spoofing, replay
attacks, by-passing protection mechanisms, malware attacks, privilege escalation, backdoors, sql
injection, dns and arp poisoning, session hijacking, more.
Close in Attacks - Close proximity with the target system or network.
Example of Close-In Attacks - Social Engineering: Eavesdropping, shoulder surfing, dumpster diving, and
others
, Insider Attacks - Performed by trusted persons who have physical access to the critical assets of the
target.
Examples of Insider Attacks - Eaves dropping, wiretapping, theft of physical devices, social engineering,
data theft, pod slurping, planting keyloggers.
Distribution Attacks - Attackers tamper with hardware or software prior to installation. Attacking
hardware or software at its source.
Command and Control Warfare - C2 warfare refers to the impact an attacker posesses over a
compromised system or network they control.
Intelligence Based Warfare - Sensor-Based technology that directly corrupts technological systems.
Electronic Based Warfare - uses radio-electronic and cryptographic techniques to degrade
communications.
Psychological Warfare - Use of various techniques, as in propaganda and terror to demoralize the
adversary.
Hacker Warfar - Vary from shut down systems, data errors, theft of information, theft of services,
system monitoring, false messaging, and access to data
Economic Warfare - Effects economy of business by blocking flow of information.
Cyberwarfare - use of information systems against the virtual personas of individuals or groups.
Defensive Information Warfare - Involves all strategies and actions to defend against attacks on ICT
Assets.
Offensive Information Warfare - Attacks against the ICT assets of an opponent.
