Exam (elaborations)
CEH v11 Terms | Questions And Answers Latest {} A+ Graded | 100% Verified
- Course
- Institution
CEH v11 Terms | Questions And Answers Latest {} A+ Graded | 100% Verified
[Show more]
Content preview
CEH v11 Terms | Questions And Answers Latest {2024- 2025} A+ Graded | 100% VerifiedAvailability - Assurance that the systems responsible for delivering, storing, and processing information
are accessible when required by the authorized users.
Authenticity - Refers to the characteristic of a communication, document, or any data that ensures the
quality of being genuine.
Active Attacks - These attacks tamper with the data in transit or disrupt communication or services
between the systems to bypass or break into secured systems.
Adversary Behavioral Identification - involves the identification of the common methods or techniques
followed by an adversary to launch attacks on or to penetrate an organization's network.
Active Footprinting - involves gathering information about the target with direct interaction.
ARP Ping Scan - Attackers send ARP request probes to target hosts, and an ARP response indicates that
the host is active.
ACK Flag Probe Scan - Attackers send TCP probe packets set with an ACK flag to a remote device, and
then analyze the header information (TTL and WINDOW field) of received RST packets to determine if
the port is open or closed.
Anonymizer - an intermediate server placed between you as the end user and the website to access the
website on your behalf and make your web surfing activities untraceable
Audio Steganography - refers to hiding secret information in audio files such as .MP3, .RM, and .WAV
Advanced Persistent Threats - defined as a type of network attack, where an attacker gains
unauthorized access to a target network and remains undetected for a long period of time.
,Antivirus Sensor System - An antivirus sensor system is a collection of computer software that detects
and analyzes malicious code threats such as viruses, worms, and Trojans.
Active Sniffing - involves injecting Address Resolution Packets (ARP) into the network to flood the
switch's Content Addressable Memory (CAM) table, which keeps track of host-port connections.
Address Resolution Protocol (ARP) - a stateless protocol used for resolving IP addresses to machine
(MAC) addresses.
ARP Spoofing Attack - involves constructing many forged ARP request and reply packets to overload the
switch.
Application Level Hijacking - refers to gaining control over the HTTP's user session by obtaining the
session IDs.
Anomaly Detection - It detects the intrusion based on the fixed behavioral characteristics of the users
and components in a computer system.
Application-Level Firewall - Application-level gateways (proxies) can filter packets at the application
layer of the OSI model (or the application layer of TCP/IP
Application Proxy - works as a proxy server and filters connections for specific services.
API DDoS Attack - involves saturating an API with a huge volume of traffic from multiple infected
computers (botnet) to delay API services to legitimate users.
Automated Web App Security Testing - It is a technique employed for automating the testing process.
These testing methods and procedures are incorporated into each stage of development to report
feedback constantly.
Application Whitelisting - contains a list of application components such as software libraries, plugins,
extensions, and configuration files, which can be permitted to execute in the system.
,Application Blacklisting - Application blacklisting contains a list of malicious applications or software that
are not permitted to be executed in the system or the network.
Access point (AP) - used to connect wireless devices to a wireless/wired network.
Association - It refers to the process of connecting a wireless device to an AP.
Agent Smith Attack - attacks carried out by luring victims into downloading and installing malicious apps
designed and published by attackers in the form of games, photo editors, or other attractive tools from
third-party app stores such as 9Apps.
Android Rooting - process involves exploiting security vulnerabilities in the device firmware and copying
the SU binary to a location in the current process's PATH (e.g., /system/xbin/su) and granting it
executable permissions with the chmod command.
Asymmetric Encryption - (public-key) uses different encryption keys, which are called public and private
keys for encryption and decryption, respectively.
Advanced Encryption Standard (AES) - a National Institute of Standards and Technology (NIST)
specification for the encryption of electronic data.
Behavioral Indicators - used to identify specific behavior related to malicious activities.
Black Hats - individuals who use their extraordinary computing skills for illegal or malicious purposes
Border Gateway Protocol (BGP) - a routing protocol used to exchange routing and reachability
information between different autonomous systems (AS) present on the Internet.
Brute-Force Attack - attackers try every combination of characters until the password is broken.
Buffer Overflow - A common vulnerability in an applications or programs that accepts more data than
the allocated buffer.
, Baiting - a technique in which attackers offer end users something alluring in exchange for important
information such as login details and other sensitive data.
Botnet - a huge network of compromised systems and can be used by an attacker to launch denial-of-
service attacks.
Broken Access Control - a method in which an attacker identifies a flaw related to access control and
bypasses the authentication, which allows them to compromise the network.
Base64 Encoding - A scheme represents any binary data using only printable ASCII characters.
Bug Bounty Program - a challenge hosted by organizations, websites, or software developers to tech-
savvy individuals or ethical hackers to participate and break into their security to report the latest bugs
and vulnerabilities.
Blind SQL injection - an attacker poses a true or false question to the database to determine whether
the application is vulnerable to SQL injection.
Blacklist Validation - rejects all the malicious inputs that have been disapproved for protected access.
Bandwidth - describes the amount of information that may be broadcast over a connection
Basic service set identifier (BSSID) - It is the media access control (MAC) address of an access point (AP)
or base station that has set up a basic service set (BSS).
Bluetooth - a short-range wireless communication technology that replaces the cables connecting
portable or fixed devices while maintaining high levels of security.
Bluesmacking - An attack that occurs when an attacker sends an oversized ping packet to a victim's
device, causing a buffer overflow.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller oneclass. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.48. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
73314 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now