CEH v10 Exam Questions with A Grade Solutions


Preview: 2 of 14 pages

  • August 12, 2024
  • 14
  • 2024/2025
  • Exam
  • Questions and answers
  • CEH v10
NTFS File Streaming - Answer-System Hacking/Covering Tracks. Allows data to be
stored in hidden files that are linked to a normal visible file. Streams are not limited in
size and there can be more than one stream linked to a normal file. Streams can easily
be created/written to/read from, allowing any trojan or virus author to take advantage of
a hidden file area. Streams are easily used, and only found with specialized
software.

Rootkit - Answer-A set of software tools used by an attacker to hide the actions or
presence of other types of malicious software.

6 Types of Rootkits - Answer-Hypervisor Level: Modify the boot sequence of a host
system to load a virtual machine at the host OS.
Hardware (Firmware): Hide in hardware devices or firmware.
Boot Loader Level: Replace the boot loader with one controlled by the hacker.
Kernel Level: Attack the boot sectors and kernel level of the OS themselves, replacing
the kernel code with back door code. Most dangerous.
Library Level: Use system level calls to hide their existence.

National Computer Security Center - Answer-A group that created a variety of security
manuals and steps, and published them in a book known as the "Rainbow Series."

TCSEC (Orange Book) - Answer-The past U.S. military-accepted set of standards and
processes for computer systems evaluation and assurance, which combines function
and assurance requirements.

TOE - Answer-Target of Evaluation - what is being evaluated by the Common Criteria
(EAL)

ST - Answer-Security target: The documentation describing the TOE and security
requirements.

PP - Answer-Protection Profile: A set of security requirements specifically for the type of
product being tested.

Access Control - Answer-Restricts access to secure areas.

MAC - Answer-Media Access Control. A method of access control where security policy
is controlled by a security administrator: users can't set access controls themselves.

DAC - Answer-Discretionary Access Control. An access control model where all objects
have owners and owners can modify permissions for the objects (files and folders).
Microsoft's NTFS uses the DAC model. Other access control models are MAC and
RBAC.

Types of Policies - Answer-Access Control Policy
Information Security Policy
Information Protection Policy
Password Policy
Email Policy
Information Audit Policy

Protection rings - Answer-Level 0: Security Kernel, reference monitor; Levels 1 and 2:
device drivers; Level 3: user mode

OWASP Top 10 - Answer-The Open Web Application Security Project (OWASP) is a
non-profit organization dedicated to providing unbiased, practical information about
application security.
1. Injection

Injection flaws, such as SQL injection, LDAP injection, and CRLF injection, occur when
an attacker sends untrusted data to an interpreter that is executed as a command
without proper authorization.

* Application security testing can easily detect injection flaws. Developers should use
parameterized queries when coding to prevent injection flaws.

2. Broken Authentication and Session Management

Incorrectly configured user and session authentication could allow attackers to
compromise passwords, keys, or session tokens, or take control of users' accounts to
assume their identities.

* Multi-factor authentication, such as FIDO or dedicated apps, reduces the risk of
compromised accounts.

3. Sensitive Data Exposure

Applications and APIs that don't properly protect sensitive data such as financial data,
usernames and passwords, or health information, could enable attackers to access
such information to commit fraud or steal identities.

* Encryption of data at rest and in transit can help you comply with data protection
regulations.

4. XML External Entity
