Exam (elaborations)
CEH v11 EXAM | Questions And Answers Latest {} A+ Graded | 100% Verified
- Course
- Institution
CEH v11 EXAM | Questions And Answers Latest {} A+ Graded | 100% Verified
[Show more]
Content preview
CEH v11 EXAM | Questions And Answers Latest {2024- 2025} A+ Graded | 100% VerifiedConfidentiality - the assurance that messages and information are available only to those who are
authorized to view them. Method of assurance is encryption
integrity - Data has not been changed or modified (in an unauthorized way). True to what it should be.
Done with hashin algortihms
Availability - Ability to access the data or information systems when you need to access it
Authenticity - Everything is as it says it was in the metadata (i.e: the private key of a user that accessed
the data actually belongs to that user)
Non-repudiation - The security principle of providing proof that a transaction occurred between
identified parties. Repudiation occurs when one party in a transaction denies that the transaction took
place. Relates to the sender of information. They cannot deny that they sent it based on a variety of
factors.
Motives/Goals/Objectives - Curiosity, bragging rights, disruption of business, hacktivism (campion a
cause), political, religious, terrorism (impact critical infrastructure that cases human casualties), revenge,
cyber crime ($$)
Passive Attack - Attack Classification - Attack where the attacker does not interact with processing or
communication activities, but only carries out observation and data collection, as in network sniffing.
Sensitive information in clear text on the network. Think Wireshark. HARD TO DETECT
Active Attack - Attack Classification - Manipulation of data, disruption of services, compromising
individual systems or network at large. Easier to detect (e.x.: DoS, DDoS, password attacks, session
hijacking, privilege escalation, SQL injection, remote code execution)
Close-In Attack - Attack Classification - Through proximity (typically physical) you gather sensitive
information. Shoulder surfing is an example.
,Insider Attack - Attack Classification - Trusted individual who abuses their trust on a network to gain
information. More devastating. (e.x.: pod slurping where you exfil incognito on a digital storage device)
Distribution Attacks - Attack Classification - Supply chain attacks. Access to software or hardware of a
vendor an attacker's target is going to use. Install malware onto a device the end target will use.
Typically nation state actors, APTs
Information Warfare - An attacker trying to gain a competitive edge over opponents or adversaries.
C2 warfare - Command and control warfare is the control over compromised targets or their systems
and you have some sort of centralized management to control those compromised systems.
Intelligence-Based Warfare - Design and protection of systems that seek knowledge to dominate the
battlespace and denial of knowledge to adversaries. Stopping adversaries from also gaining the same
knowledge as you.
Electronic Warfare - Signal jamming, radar jamming. Stop communications of an adversary talking to
each other
psychological warfare - The use of propaganda, threats and other psychological techniques to mislead,
intimidate, demoralize, or otherwise influence the thinking or behavior of an opponent. Disinformation
campaign, scare tactics. Attack morale and mental resolve
Hacker Warfare - This type of InfoWar varies from shutdown of systems, data errors, theft of
information, theft of services, system monitoring, false messaging, and access to data.
Economic Warfare - Financially disrupt and adversaries economy. Can be in terms of bringing down
information systems so people can't use their business or harming reputation so people choose another
source for service.
cyber warfare - information terrorism and semantic attacks where an attacker takes over a target
system but the appearance of normalcy is maintained.
,Offensive Information Warfare - web-based attacked system hacking, MITM
Defensive Information Warfare - Techniques we use to try and stop attacked. Detection (IDS),
prevention (IPS), alerting
Cyber Kill Chain - Reconnaissance (1) - Gathering and putting information together about the target.
Getting public info (email accounts, technologies used, DNS spaces)
Cyber Kill Chain - Weaponization (2) - Finding possible exploitable vulnerabilities in target system Create
malicious deliverable payloads
Cyber Kill Chain - Delivery (3) - Handing malicious payload to target (e.x.: email spearphishing, USB,
website watering hole)
Cyber Kill Chain - Exploitation (4) - Target actually interacts with the deliverable
Cyber Kill Chain - Installation (5) - Delivered malicious code will download more "dirty" code. More
functionality downloaded. Maintaining access.
Cyber Kill Chain - Command and Control (6) - Ability of attacker to control target. Use encryption to hide
communication, privilege escalation. Hide presence.
Cyber Kill Chain - Actions & Objectives (7) - Why did he attacker care to gain access to the system? What
do they want? Doing the thing that led them to want to get on to the network.
TTP - Tactics
Techniques
Procedures
Tactics - Guiding principles. Objective attacker is initially going for. Gather networking information,
finding out running services. What do I do as a threat actor? What vulnerabilities do i want to exploit?
, Techniques - How do you do it. Execution of guiding principle. If tactic is looking for vulnerabilities,
technique will be use a vulnerability scanner. Ways to achieve objective.
Procedures - Couple of steps to achieve end goal. Method by which they employ (scan against particular
web vulnerability, specific scanner, scan a certain way)
Adversarial Behaviors - Internal Recon - Once an attacker gains access they want to figure out what else
than can get to. Looking for hosts, services, configurations, pivoting & lateral movement, scanning
internally, stange bash files, PowerShell commands, changing config files
Adversarial Behaviors - PowerShell Use - Living off the land because it is already installed. Scripting,
explore systems with it, connect to external resources, exfil data. Lock down to admin only. Alerting
when regular users attempt to use it. Log and monitor all use.
Adversarial Behaviors - CLI/Terminal - Use of command line and what is in bash. Log commands
executed
Adversarial Behaviors - HTTP User Agent - Header inside web requests. Contains what browser you are
using. Can be manipulated with Burp Suite or ZAP. Modify string to contain a certain command & web
app might not know what to do with it so it will execute to command. Defend against with firewalls and
blacklisting and whitelisting strings.
Adversarial Behaviors - Web Shell Use - Once gained access to a system, have the ability to upload or
insert certain pieces of information. Attacker can interact with the target system through a web
browser.
Adversarial Behaviors - C2 Use - Central area for control over bots owning a network. Issue command or
interact with specific bots and they report back. Block IPs and commands known for C2
Adversarial Behaviors - DNS tunneling - Popular because DNS is allowed by most firewalls. Register a
domain that points to an attackers server where tunneling malware program is installed. Someone
requests the site & C2 server is resolved where tunneling program is installed. Connection is established
through DNS resolver. Monitor for more DNS traffic than normal.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller oneclass. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.48. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
78998 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now