Ceh Final Homemade Flash Cards 3x5
Transcript of Ceh Final Homemade Flash Cards 3x5
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 1/583
802.11 standard
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 2/583
The generic name of a family of protocols and standards
used for wireless networking .These standards define the rules for communication .Some, such as 802.11i, are relatively new, whereasothers, such as 802.11a, have been established for
sometime .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 3/583
802.11i standard
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 4/583
An amendment to the 802.11 standard .802.11i uses Wi-Fi Protected Access (WPA) and
Advanced Encryption Standard (AES) as a replacementfor RC4 encryption .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 5/583
Acceptable use policy (AUP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 6/583
A policy that defines what employees, contractors, andthird parties can and cannot do with the organization's IT
infrastructure and its assets . AUPs are common for access to IT resources, systems,applications, Internet access, email access, and so on .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 7/583
Access control lists
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 8/583
An access control list (ACL) is a table or list stored by arouter to control access to and from a network by helpingthe device determine whether to forward or drop packets
that are entering or exiting it .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 9/583
Access creep
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 10/583
Access creep is the result of employees moving from oneposition to another within an organization without losingthe privileges of the old position and at the same time
gaining the additional access privileges of the newposition .
Therefore over time, the employee builds up much moreaccess than he should have .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 11/583
Access point spoofing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 12/583
The act of pretending to be a legitimate access point withthe purpose of tricking individuals to pass traffic by the
fake connection so that it can be captured and analyzed .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 13/583
Accountability
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 14/583
The traceability of actions performed on a system to aspecific system entity or user .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 15/583
Active fingerprint
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 16/583
An active method of identifying the operating system (OS)of a targeted computer or device that involves injecting
traffic into the network .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 17/583
Activity blocker
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 18/583
Alerts the user to out of the ordinary or dangerouscomputer operations, but also it can block their activity .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 19/583
Address resolution protocol (ARP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 20/583
Protocol used to map a known Internet Protocol (IP)address to an unknown physical address on the local
network . As an example, IPv4 uses 32-bit addresses,whereas Ethernet uses 48-bit media access control (MAC)
addresses . The ARP process is capable of taking theknown IP address that is being passed down the stackand using it to resolve the unknown MAC address bymeans of a broadcast message . This information is
helpful in an ARP cache .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 21/583
Ad hoc mode
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 22/583
An individual wireless computer in ad hoc operation modeon a wireless LAN (WLAN) can communicate directly toother client units . No access point is required . Ad hocoperation is ideal for small networks of no more than two
to four computers .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 23/583
Adware
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 24/583
A software program that automatically forces pop-upwindows of Internet marketing messages to users'
browsers on their workstation devices Adware is differentfrom spyware in that adware does not examine a user's
individual browser usage and does not examine thisinformation on a user's browser .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 25/583
Algorithm
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 26/583
A mathematical procedure used for solving a problem .Used for the encryption and decryption of information and
data .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 27/583
Annualized loss expectancy (ALE)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 28/583
The ALE is an annual expected financial loss to anorganization's IT asset because of a particular threat being
realized within that same calendar year . Single lossexpectancy (SLE) x annualized rate of occurrence (ARO)
= ALE .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 29/583
Anomaly detection
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 30/583
A type of intrusion detection that looks at behaviors thatare not normal or within standard activity . These unusualpatterns are identified as suspicious . Anomaly detection
has the capability of detecting all kinds of attacks,including ones that are unknown . Its vulnerability is that it
can produce a high rate of false positives .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 31/583
Appenders
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 32/583
A virus infection type that places the virus code at the endof the infected file .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 33/583
Assessment
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 34/583
An evaluation and/or valuation of IT assets based onpredefined measurement or evaluation criteria . This
typically requires an accounting or auditing firm to conductan assessment, such as a risk or vulnerability assessment
.
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 35/583
Asset
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 36/583
Anything of value owned or possessed by an individual or business .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 37/583
Asymmetric algorithm
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 38/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 39/583
Audit
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 40/583
A professional examination and verification performed byeither an independent party or internal team to examine acompany's accounting documents and supporting data .
Audits conform to a specific and formal methodology andspecify how an investigation is to be conducted with
specific reporting elements and metrics being examined(such as a financial audit according to Public Accounting
and Auditing Guidelines and Procedures) .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 41/583
Authentication
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 42/583
A method that enables you to identify someone . Authentication verifies the identity and legitimacy of the
individual to access the system and its resources.Common authentication methods include passwords,
tokens, and biometric systems .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 43/583
Authorization
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 44/583
The process of granting or denying access to a networkresource based on the user's credentials .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 45/583
Availability
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 46/583
Ensures that the systems responsible for delivering,storing, and processing data are available and accessibleas needed by individuals who are authorized to use the
resources .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 47/583
Backdoor
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 48/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 49/583
Back orifice
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 50/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 51/583
Base64
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 52/583
A coding process used to encode data in some emailapplications . Because it is not true encryption, it can be
easily broken .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 53/583
Baseline
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 54/583
A consistent or established base that is used to build aminimum acceptable level of security .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 55/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 56/583
A method of verifying a person's identify for authenticationby analyzing a unique physical attribute of the individual,
such as a fingerprint, retinal scanning, or palm print .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 57/583
Blackbox testing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 58/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 59/583
Block cipher
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 60/583
An encryption scheme in which the data is divided intofixed-size blockseach of which is encrypted independently
of the others .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 61/583
Blowfish
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 62/583
Blowfish was designed as a replacement for DES or IDEA. Since its release in 1993, it has been gaining
acceptance as a fast strong encryption standard . It takesa variable length key that can range from 32 to 448 bits .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 63/583
Bluejacking
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 64/583
The act of sending unsolicited messages, pictures, or information to a Bluetooth user .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 65/583
Bluesnarfing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 66/583
The theft of information from a wireless device throughBluetooth connection .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 67/583
Bluetooth
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 68/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 69/583
Bollards
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 70/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 71/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 72/583
A term used to describe robot-controlled workstations thatare part of a collection of other robot-controlled
workstations . These have been created with a Trojan for the purpose of starting up an IRC client and connecting to
an IRC server . Once connected, these devices canlaunch huge amounts of spam or even cause a denial of
service against the IRC server .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 73/583
Brain virus
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 74/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 75/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 76/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 77/583
Buffer
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 78/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 79/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 80/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 81/583
Business continuity planning
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 82/583
A system or methodology to create a plan for how anorganization will resume partially or completely interrupted
critical functions within a predetermined time after adisaster or disruption occurs . The goal is to keep critical
business functions operational .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 83/583
Business impact analysis (BIA)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 84/583
A component of the business continuity plan . The BIAlooks at all the components that an organization relies onfor continued functionality . It seeks to distinguish which
are more crucial than others and requires a greater allocation of funds in the wake of a disaster .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 85/583
Catastrophe
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 86/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 87/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 88/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 89/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 90/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 91/583
Challenge handshake authentication protocol (CHAP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 92/583
A secure method for connecting to a system . CHAP is a form of authentication that functions by using
an authentication agent, usually a network server, to sendthe client an ID value and a random value that is used
only one time . Both the server and client share apredefined secret . The client concatenates the randomvalue, which is usually called a nonce, the ID, and the
secret and calculates a one-way hash using MD5 . Thisresulting hash value is sent to the server, which builds the
same string and compares the result with the valuereceived from the client . If the values match, the peer is
authenticated .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 93/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 94/583
Plain text or cleartext is what you have before encryption,and ciphertext is the encrypted result that is scrambled
into an unreadable form .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 95/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 96/583
The point at which an alarm threshold or trigger occurs. As an example, a clipping level of three logon attempts
might be set . After three attempted logons, you arelocked out. Therefore, the clipping level was three .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 97/583
Cloning
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 98/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 99/583
Closed-Circuit Television (CCTV)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 100/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 101/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 102/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 103/583
CNAMES
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 104/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 105/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 106/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 107/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 108/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 109/583
Combination locks
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 110/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 111/583
Computer emergency response team (CERT)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 112/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 113/583
Confidentiality
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 114/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 115/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 116/583
An agreement that employees, contractors, or third-partyusers must read and sign before being granted access
rights and privileges to the organization's IT infrastructureand its assets .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 117/583
Contingency planning
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 118/583
The process of preparing to deal with calamities and non-calamitous situations before they occur so that the effects
are minimized .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 119/583
Cookies
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 120/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 121/583
Copyright
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 122/583
The legal protection given to authors or creators thatprotects their expressions on a specific subject from
unauthorized copying . It is applied to books, paintings,movies, literary works, or any other medium of use .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 123/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 124/583
Internal controls designed to resolve problems soon after they arise .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 125/583
Covert channel
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 126/583
An unintended communication path that enables aprocess to transfer information in such a way that violates
a system's security policy .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 127/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 128/583
A term derived from "criminal hacker," indicating someonewho acts in an illegal manner .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 129/583
Criminal law
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 130/583
Laws pertaining to crimes against the state or conductdetrimental to society . These violations of criminal
statues are punishable by law and can include monetarypenalties and jail time .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 131/583
Criticality
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 132/583
The quality, state, degree, or measurement of the highestimportance .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 133/583
Crossover error rate (CER)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 134/583
The CER is a comparison measurement for different bio-metric devices and technologies to measure their accuracy . The CER is the point at which False
Acceptance Rate (FAR) and False Rejection Rate (FRR)are equal, or cross over. The lower the CER, the more
accurate the biometric system .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 135/583
Cryptographic key
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 136/583
The piece of information that controls the cryptographicalgorithm . The key specifies how the cleartext is turnedinto ciphertext or vice versa . For example, a DES key is
a 64-bit parameter consisting of 56 independent bits and 8bits that are used for parity .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 137/583
Data Encryption Standard (DES)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 138/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 139/583
Defense in depth
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 140/583
The process of multilayered security . The layers can beadministrative, technical, or logical . As an example of logical security, you might add a firewall, encryption,
packet filtering, IPSec, and a demilitarized zone (DMZ) tostart to build defense in depth .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 141/583
Demilitarized zone (DMZ)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 142/583
The middle ground between a trusted internal network andan untrusted, external network . Services that internal and
external users must use are typically placed there, suchas HTTP .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 143/583
Denial of service (DoS)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 144/583
The process of having network resources, services, andbandwidth reduced or eliminated because of unwanted or
malicious traffic . This attack's goal is to render thenetwork or system non-functional . Some examples
include ping of death, SYN flood, IP spoofing, and Smurf attacks .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 145/583
Destruction
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 146/583
Destroying data and information or depriving informationfrom the legitimate user .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 147/583
Detective controls
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 148/583
Controls that identify undesirable events that haveoccurred .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 149/583
Digital certificate
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 150/583
Usually issued by trusted third parties, a digital certificatecontains the name of a user or server, a digital signature,a public key, and other elements used in authentication
and encryption .X.509 is the most common type of digital certificate .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 151/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 152/583
An electronic signature that can be used to authenticatethe identity of the sender of a message . It is created by
encrypting a hash of a message or document with aprivate key . The message to be sent is passed through ahashing algorithm; the resulting message digest or hash
value is then encrypted using the sender private key .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 153/583
Digital watermark
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 154/583
A technique that adds hidden copyright information to adocument, picture, or sound file . This can be used toallow an individual working with electronic data to add
hidden copyright notices or other verification messages todigital audio, video, or image signals and documents .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 155/583
Disaster
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 156/583
A natural or man-made event that can include fire, flood,storm, and equipment failure that negatively affects an
industry or facility .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 157/583
Discretionary access control (DAC)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 158/583
An access policy that allows the resource owner todetermine access .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 159/583
Distributed denial of service (DDoS)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 160/583
Similar to denial of service (DoS), except that the attack islaunched from multiple, distributed agent IP devices .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 161/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 162/583
A hierarchy of Internet servers that translate alphanumericdomain names into IP addresses and vice versa .
Because domain names are alphanumeric, it's easier toremember these names than IP addresses .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 163/583
Droppers
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 164/583
A Trojan horse or program designed to drop a virus to theinfected computer and then execute it .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 165/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 166/583
The standard of conduct taken by a reasonable andprudent person . When you see the term due care, thinkof the first letter of each word and remember "do correct"
because due care is about the actions that you take toreduce risk and keep it at that level .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 167/583
Due diligence
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 168/583
The execution of due care over time . When you see theterm due diligence, think of the first letter of each word
and remember "do detect" because due diligence is aboutfinding the threats an organization faces . This is
accomplished by using standards, best practices, andchecklists .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 169/583
Dumpster diving
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 170/583
The practice of rummaging through the trash of a potentialtarget or victim to gain useful information .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 171/583
Eavesdropping
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 172/583
The unauthorized capture and reading of network traffic or other type of network communication device .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 173/583
Echo reply
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 174/583
Used by the ping command to test networks . The secondpart of an Internet Control Message Protocol (ICMP) .
Ping, officially a type 0 .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 175/583
Echo request
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 176/583
Makes use of an ICMP Echo request packet, which will beanswered to using an ICMP Echo Reply packet . The first
part of ICMP Ping, which is officially a type 8 .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 177/583
EDGAR database
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 178/583
EDGAR is the Electronic Data Gathering, Analysis andRetrieval System used by the Securities and Exchange
Commission for storage of public company filings . It is apotential source of information by hackers .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 179/583
Electronic Code Book (ECB)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 180/583
A symmetric block cipher that is one of the modes of Dataencryption standard (DES) . ECB is considered the
weakest mode of DES . When used, the same plain-textinput will result in the same encrypted text output .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 181/583
Electronic serial number
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 182/583
A unique ID number embedded in a cell phone by themanufacturer to minimize chance of fraud and to identify aspecific cell phone when it is turned on and a request to
join a cellular network is sent over the air .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 183/583
Encryption
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 184/583
The science of turning plain text into cipher text .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 185/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 186/583
This is the software license that software vendors createto protect and limit their liability, as well as hold thepurchaser liable for illegal pirating of the software
application . The EULA typically contains language thatprotects the software manufacturer from software bugs
and flaws and limits the liability of the vendor .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 187/583
Enterprise vulnerability management
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 188/583
The overall responsibility and management of vulnerabilities within an organization and how that
management of vulnerabilities will be achieved throughdissemination of duties throughout the IT organization .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 189/583
Ethical hack
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 190/583
A term used to describe a type of hack that is done to helpa company or individual identify potential threats on the
organization's IT infrastructure or network . Ethicalhackers must obey rules of engagement, do no harm, and
stay within legal boundaries .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 191/583
Ethical hacker
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 192/583
A security professional who legally attempts to break in toa computer system or network to find its vulnerabilities .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 193/583
Evasion
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 194/583
The act of performing activities to avoid detection .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 195/583
Exploit
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 196/583
An attack on a computer system, especially one that takesadvantage of a particular vulnerability that the system
offers to intruders .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 197/583
Exposure factor
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 198/583
This is a value calculated by determining the percentageof loss to a specific asset because of a specific threat . Asan example, if a fire were to hit the Houston data center that has an asset value of $250,000, it is believed thatthere would be a 50% loss or exposure factor . Adding
additional fire controls could reduce this figure .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 199/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 200/583
A method of authentication that can support multipleauthentication methods, such as tokens, smart card,
certificates, and onetime passwords .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 201/583
F Fail safe
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 202/583
In the logical sense, fail safe means the process of discovering a system error, terminating the process, andpreventing the system from being compromised . In the
physical realm, it could be that an electrical powered door relay remains in the locked position if power is lost .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 203/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 204/583
This measurement evaluates the likelihood that abiometric access control system will wrongly accept an
unauthorized user .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 205/583
False rejection rate (FRR)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 206/583
This measurement evaluates the likelihood that abiometric access control system will reject a legitimate
user .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 207/583
Fast infection
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 208/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 209/583
First in First Out (FIFO)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 210/583
A method of data and information storage in which thedata stored for the longest time will be retrieved first .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 211/583
File infector
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 212/583
A type of virus that copies itself into executable programs .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 213/583
Finger
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 214/583
On some UNIX systems, finger identifies who is logged onand active and sometimes provides personal information
about that individual .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 215/583
Firewall
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 216/583
Security system in hardware or software form that is usedto manage and control both network connectivity and
network services . Firewalls act as chokepoints for trafficentering and leaving the network, and prevent unrestricted
access . Firewalls can be stateful or stateless .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 217/583
Flooding
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 218/583
The process of overloading the network with traffic so thatno legitimate traffic or activity can occur .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 219/583
G Gap analysis
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 220/583
The analysis of the differences between two differentstates, often for the purpose of determining how to getfrom point A to point B; therefore, the aim is to look at
ways to bridge the gap . Used when performing auditsand risk assessments .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 221/583
Gentle scan
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 222/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 223/583
Graphical Identification and Authentication (GINA)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 224/583
Used by Microsoft during the login and authenticationprocess . GINA is a user-mode DLL that runs in the
Winlogon process and that Winlogon uses to obtain auser's name and password or smart card PIN .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 225/583
Graybox testing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 226/583
Testing that occurs with only partial knowledge of thenetwork or that is performed to see what internal users
have access to .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 227/583
Guidelines
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 228/583
Much like standards, these are recommendation actionsand operational guides for users .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 229/583
H Hardware keystroke logger
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 230/583
A form of key logger that is a hardware device . Onceplaced on the system, it is hard to detect without a
physical inspection .It can be plugged in to the keyboardconnector or built in to the keyboard .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 231/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 232/583
A mathematical algorithm used to ensure that atransmitted message has not been tampered with . Aone-way algorithm which maps or translates one set of
bits into a fixed length value that can be used to uniquelyidentify data .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 233/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 234/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 235/583
Heuristic scanning
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 236/583
A form of virus scanning that looks at irregular activity byprograms . As an example, a heuristic scanner would flaga word processing program that attempted to format the
hard drive, as that is not normal activity .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 237/583
Honeypot
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 238/583
An Internet-attached server that acts as a decoy, luring inpotential hackers to study their activities and monitor how
they are able to break in to a system .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 239/583
I Internet Assigned Number Authority (IANA)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 240/583
A primary governing body for Internet networking . IANAoversees three key aspects of the Internet: top-level
domains (TLDs), IP address allocation, and port number assignments . IANA is tasked with preserving the centralcoordinating functions of the Internet for the public good.Used by hackers and security specialists to track down
domain owners and their contact details .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 241/583
Identify theft
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 242/583
An attack in which an individual's personal, confidential,banking, and financial identify is stolen and compromised
by another individual or individuals . Use of your socialsecurity number without your consent or permission might
result in identify theft .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 243/583
Impact
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 244/583
This term can be best defined as an attempt to identify theextent of the consequences should a given event occur .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 245/583
Inference
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 246/583
The ability to deduce information about data or activities towhich the subject does not have access .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 247/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 248/583
This form of attack relies on the attacker's ability to makelogical connections between seemingly unrelated pieces
of information .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 249/583
Information technology security evaluation criteria(ITSEC)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 250/583
A European standard that was developed in the 1980s toevaluate confidentiality, integrity, and availability of an
entire system .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 251/583
Infrastructure mode
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 252/583
A form of wireless networking in which wireless stationscommunicate with each other by first going through an
access point .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 253/583
Initial sequence number (ISN)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 254/583
A number defined during a Transmission Control Protocol(TCP) startup session . The ISN is used to keep track of
how much information has been moved and is of particular interest to hackers, as the sequence number is used in
session hijacking attacks .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 255/583
Insecure computing habits
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 256/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 257/583
Integrity
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 258/583
One of the three items considered part of the securitytriad; the others are confidentiality and availability .
Integrity is used to verify the accuracy and completenessof an item .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 259/583
Internet control message protocol (ICMP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 260/583
Part of TCP/IP that supports diagnostics and error control. ICMP echo request and ICMP echo reply are subtypes of
the ICMP protocol used within the PING utility .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 261/583
Intrusion detection
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 262/583
A key component of security that includes prevention,detection, and response . It is used to detect anomalies or
known patterns of attack .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 263/583
Intrusion detection system (IDS)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 264/583
A network-monitoring device typically installed at Internetingress/egress points used to inspect inbound and
outbound network activity and identify suspicious patternsthat might indicate a network or system attack fromsomeone attempting to break in to or compromise a
system .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 265/583
Inverse SYN cookies
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 266/583
A method for tracking the state of a connection, whichtakes the source address and port, along with the
destination address and port, and then through a SHA-1hashing algorithm . This value becomes the initial
sequence number for the outgoing packet .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 267/583
ISO 17799
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 268/583
A comprehensive security standard that is divided into 10sections . It is considered a leading standard and a code
of practice for information security management .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 269/583
IPSec
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 270/583
Short for IP Security . An IETF standard used to secureTCP/IP traffic . It can be implemented to provide integrity
and confidentiality .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 271/583
IT asset criticality
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 272/583
The act of putting a criticality factor or importance value(Critical, Major, or Minor) in an IT asset .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 273/583
IT asset valuation
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 274/583
The act of putting a monetary value to an IT asset .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 275/583
IT infrastructure
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 276/583
A general term to encompass all information technologyassets (hardware, software, data), components, systems,
applications, and resources .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 277/583
IT security architecture and framework
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 278/583
A document that defines the policies, standards,procedures, and guidelines for information security .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 279/583
K Key exchange protocol
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 280/583
A protocol used to exchange secret keys for the facilitationof encrypted communication .Diffie-Hellman is an example
of a key exchange protocol .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 281/583
L Lehigh
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 282/583
An early file infector virus that only infected command.com. It didn't increase the size of the program, as it writes
information in slack space . It is a destructive virus in thatit destroys the disk when a counter reaches a specific
number of infections .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 283/583
Level I assessments
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 284/583
This type of vulnerability assessment examines thecontrols implemented to protect information in storage,
transmission, or being processed . It involves no hands-on testing . It is a review of the process and procedures in
place and focuses on interviews and demonstrations .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 285/583
Level II assessments
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 286/583
This type of assessment is more in depth than a level I .Level II assessments include vulnerability scans and
hands-on testing .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 287/583
Level III assessments
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 288/583
This type of assessment is adversarial in nature and isalso known as a penetration test or red team exercise . Itis an attempt to find and exploit vulnerabilities . It seeks to
determine what a malicious user or outsider could do if intent on damaging the organization . Level III
assessments are not focused on documentation or simplevulnerable scans; they are targeted on seeking how
hackers can break into a network .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 289/583
Last in First Out (LIFO)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 290/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 291/583
Limitation of liability and remedies
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 292/583
A legal term that limits the organization from the amount of financial liability and the limitation of the remedies the
organization is legally willing to take on .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 293/583
M MAC filtering
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 294/583
A method controlling access on a wired or wirelessnetwork by denying access to a device that has a MAC
address that does not match a MAC address in apreapproved list .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 295/583
MacMag
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 296/583
An early example of an Apple-Mac virus . MacMagdisplays a message of universal peace when triggered .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 297/583
Macro infector
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 298/583
A type of computer virus that infects macro files . I LoveYou and Melissa are both examples of macro viruses .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 299/583
Man-in-the-middle attack
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 300/583
A type of attack in which the attacker can read, insert, andchange information that is being passed between two
parties, without either party knowing that the informationhas been compromised .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 301/583
Man made threats
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 302/583
Threats that are caused by humans, such as hacker attack, terrorism, or destruction of property .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 303/583
Mandatory access control (MAC)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 304/583
A means of restricting access to objects based on thesensitivity (as represented by a label) of the information
contained in the objects and the formal authorization (suchas clearance) of subjects to access information of such
sensitivity .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 305/583
Mantrap
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 306/583
A turnstile or other gated apparatus used to detain anindividual between a trusted state and an untrusted state
for authentication .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 307/583
Master boot record infector
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 308/583
A virus that infects a master boot record .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 309/583
The Matrix
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 310/583
A movie about a computer hacker who learns frommysterious rebels about the true nature of his reality and
his role in the Matrix machine .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 311/583
A favorite movie of hackers! Media access control(MAC)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 312/583
The hard-coded address of the physical layer device thatis attached to the network . In an Ethernet network, the
address is 48-bits or 6-bytes long .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 313/583
MD5
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 314/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 315/583
Methodology
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 316/583
A set of documented procedures used for performingactivities in a consistent, accountable, and repeatable
manner .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 317/583
Minimum acceptable level of risk
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 318/583
The stake in the ground that an organization defines for the seven areas of information security responsibility .Depending on the goals and objectives for maintaining
confidentiality, integrity, and availability of the ITinfrastructure and its assets, the minimum level of
acceptable risk will dictate the amount of informationsecurity .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 319/583
Moore's law
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 320/583
The belief that processing power of computers will doubleabout every 18 months .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 321/583
Multipartite virus
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 322/583
A virus that attempts to attack both the boot sector andexecutable files .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 323/583
N Natural threats
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 324/583
Threats posed by Mother Nature, such as fire, floods, andstorms .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 325/583
NetBus
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 326/583
A backdoor Trojan that allows an attacker completecontrol of the victim's computer .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 327/583
Network address translation (NAT)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 328/583
A method of connecting multiple computers to the Internetusing one IP address so that many private addresses are
being converted to a single public address .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 329/583
Network operations center (NOC)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 330/583
An organization's help desk or interface to its end users inwhich trouble calls, questions, and trouble tickets are
generated .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 331/583
NIST 800-42
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 332/583
The purpose of this document is to provide guidance onnetwork security testing . It deals mainly with techniques
and tools used to secure systems connected to theInternet .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 333/583
Non-attribution
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 334/583
The act of not providing a reference to a source of information .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 335/583
Non-repudiation
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 336/583
A system or method put in place to ensure that anindividual cannot deny his own actions .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 337/583
NSA IAM
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 338/583
The National Security Agency (NSA) Information Security Assessment Methodology (IAM) is a systematic processused by government agencies and private organizations
for the assessment of security vulnerabilities .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 339/583
nslookup
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 340/583
A standard UNIX, Linux, and Windows tool for queryingname servers .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 341/583
Null session
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 342/583
A Windows feature in which anonymous logon users canlist domain usernames, account information, and
enumerate share names .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 343/583
O One-time pad
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 344/583
An encryption mechanism that can be used only once,and this is, theoretically, unbreakable . One-time pads
function by combining plain text with a random pad that isthe same length as the plain text .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 345/583
Open source
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 346/583
Open-source software is based on the GNU GeneralPublic License . Software that is open source is released
under an open-source license or to the public domain .The source code can be seen and can be modified . Its
name is a recursive acronym for "GNU's Not UNIX."
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 347/583
OS (Operating System) identification
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 348/583
The practice of identifying the operating system of anetworked device through either passive or active
techniques .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 349/583
P Packet filter
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 350/583
A form of stateless inspection performed by some firewallsand routers . Packet filters limit the flow of traffic based onpredetermined access control lists (ACLs) . Parameters,
such as source, destination, or port, can be filtered or blocked by a packet filter .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 351/583
Paper shredders
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 352/583
A hardware device used for destroying paper anddocuments by shredding to prevent dumpster diving .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 353/583
Passive fingerprint
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 354/583
A passive method of identifying the operating system (OS)of a targeted computer or device . No traffic or packets
are injected into the network; attackers simply listen to andanalyze existing traffic .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 355/583
Password authentication protocol (PAP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 356/583
A form of authentication in which clear-text usernamesand passwords are passed .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 357/583
Pattern matching
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 358/583
A method of identifying malicious traffic used by IDSsystems . It is also called signature matching and works
by matching traffic against signatures stored in a database.
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 359/583
Penetration test
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 360/583
A method of evaluating the security of a network or computer system by simulating an attack by a malicious
hacker without doing harm and with the owner's consent .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 361/583
Personal area networks
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 362/583
Used when discussing Bluetooth devices . Refers to theconnection that can be made with Bluetooth between
these various devices .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 363/583
Phishing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 364/583
The act of misleading or conning an individual intoreleasing and providing personal and confidential
information to an attacker masquerading as a legitimateindividual or business . Typically, this is done by sendingsomeone an email that requests the victim to follow a link
to a bogus website .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 365/583
Piggybacking
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 366/583
A method of gaining unauthorized access into a facility byfollowing an authorized employee through a controlled
access point or door .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 367/583
Ping sweep
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 368/583
The process of sending ping requests to a series of devices or to the entire range of networked devices .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 369/583
Policy
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 370/583
A high-level document that dictates managementintentions toward security .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 371/583
Polymorphic virus
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 372/583
A virus capable of change and self mutation .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 373/583
POP
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 374/583
POP (Post Office Protocol) is a commonly implementedmethod of delivering email from the mail server to the
client machine . Other methods include Internet Message Access Protocol (IMAP) and Microsoft Exchange .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 375/583
Ports
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 376/583
Ports are used by protocols and applications . Portnumbers are divided into three ranges including: Well
Known Ports, Registered Ports, and the Dynamic and/or Private Ports . Well Known Ports are those from 01023 .
Registered Ports are those from 102449151, and Dynamicand/or Private Ports are those from 4915265535 .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 377/583
Port knocking
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 378/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 379/583
Port redirection
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 380/583
The process of redirecting one protocol from an existingport to another .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 381/583
Prependers
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 382/583
A virus type that adds the virus code to the beginning of existing executables .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 383/583
Preventative controls
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 384/583
Controls that reduce risk and are used to preventundesirable events from happening .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 385/583
Probability
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 386/583
The likelihood of an event happening .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 387/583
Procedure
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 388/583
A detailed, in-depth, step-by-step document that lays outexactly what is to be done and how it is to be
accomplished .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 389/583
Promiscuous mode
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 390/583
The act of changing your network adapter from its normalmode of examining traffic that only matches its address toexamining all traffic . Promiscuous mode enables a singledevice to intercept and read all packets that arrive at theinterface in their entirety; these packets may or may not
have been destined for this particular target .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 391/583
Proxy server
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 392/583
Proxy servers stand in place of, and are a type of, firewall. They are used to improve performance and for added
security . A proxy server intercepts all requests to the realserver to see if it can fulfill the requests itself . If not, it
forwards the request to the real server .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 393/583
Public key infrastructure (PKI)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 394/583
Infrastructure used to facilitate e-commerce and build trust. PKI is composed of hardware, software, people,
policies, and procedures; it is used to create, manage,store, distribute, and revoke public key certificates . PKI is
based on public-key cryptography .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 395/583
Q Qaz
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 396/583
A Trojan program that infects Notepad .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 397/583
Qualitative analysis
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 398/583
A weighted factor or non-monetary evaluation andanalysis based on a weighting or criticality factor valuation
as part of the evaluation or analysis .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 399/583
Qualitative assessment
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 400/583
An analysis of risk that places the probability results intoterms such as none, low, medium, and high .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 401/583
Qualitative risk assessment
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 402/583
A scenariobased assessment in which one scenario isexamined and assessed for each critical or major threat to
an IT asset .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 403/583
Quantitative analysis
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 404/583
A numerical evaluation and analysis based on monetaryor dollar valuation as part of the evaluation or analysis .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 405/583
Quantitative risk assessment
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 406/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 407/583
R Redundant Array of Independent Disks (RAID)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 408/583
A type of fault tolerance and performance improvement for disk drives that employ two or more drives in combination
.
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 409/583
RAM resident infection
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 410/583
A type of virus that spreads through RAM .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 411/583
Red team
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 412/583
A group of ethical hackers who help organizations toexplore network and system vulnerabilities by means of
penetration testing .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 413/583
Rijndael
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 414/583
A symmetric encryption algorithm chosen to be the Advanced Encryption Standard (AES) .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 415/583
Risk
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 416/583
The exposure or potential for loss or damage to IT assetswithin that IT infrastructure .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 417/583
Risk acceptance
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 418/583
An informed decision to suffer the consequences of likelyevents .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 419/583
Risk assessment
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 420/583
A process for evaluating the exposure or potential loss or damage to the IT and data assets for an organization .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 421/583
Risk avoidance
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 422/583
A decision to take action to avoid a risk .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 423/583
Risk management
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 424/583
The overall responsibility and management of risk withinan organization . Risk management is the responsibility
and dissemination of roles, responsibilities, andaccountabilities for risk in an organization .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 425/583
Risk transference
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 426/583
Shifting the responsibility or burden to another party or individual .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 427/583
Rogue access point
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 428/583
A 802.11 access point that has been set up by an attacker for the purpose of diverting legitimate users so that their
traffic can be sniffed or manipulated .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 429/583
Routing Information Protocol (RIP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 430/583
A widely used distance-vector protocol that determines thebest route by hop count .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 431/583
Role-based access control
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 432/583
A type of discretionary access control in which users areplaced into groups to facilitate management . This type of
access control is widely used by Microsoft ActiveDirectory, Oracle DBMS, and SAP R/3 .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 433/583
Rule-based access control
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 434/583
A type of mandatory access control that matches objectsto subjects . It dynamically assigns roles to subjects
based on their attributes and a set of rules defined by asecurity policy .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 435/583
S Scope creep
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 436/583
This is the uncontrolled change in the project's scope . Itcauses the assessment to drift away from its originalscope and results in budget and schedule overruns .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 437/583
Script kiddie
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 438/583
The lowest form of cracker who looks for easy targets or well-worn vulnerabilities .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 439/583
Security breach or security incident
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 440/583
The result of a threat or vulnerability being exploited by anattacker .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 441/583
Security bulletins
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 442/583
A memorandum or message from a software vendor or manufacturer documenting a known security defect in the
software or application itself . Security bulletins aretypically accompanied with instructions for loading a
software patch to mitigate the security defect or softwarevulnerability .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 443/583
Security by obscurity
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 444/583
The controversial use of secrecy to ensure security .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 445/583
Security controls
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 446/583
Policies, standards, procedures, and guideline definitionsfor various security control areas or topics .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 447/583
Security countermeasure
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 448/583
A security hardware or software technology solution that isdeployed to ensure the confidentiality, integrity, and
availability of IT assets that need protection .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 449/583
Security defect
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 450/583
A security defect is usually an unidentified andundocumented deficiency in a product or piece of software
that ultimately results in a security vulnerability beingidentified .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 451/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 452/583
A team of professionals who usually encompasses HumanResources, Legal, IT, and IT Security to appropriatelyrespond to critical, major, and minor security breaches
and security incidents that the organization encounters .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 453/583
Security kernel
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 454/583
A combination of software, hardware, and firmware thatmakes up the Trusted Computer Base (TCB) . The TCBmediates all access, must be verifiable as correct, and is
protected from modification .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 455/583
Security workflow definitions
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 456/583
Given the defense-in-depth, layered approach toinformation security roles, tasks, responsibilities, and
accountabilities, a security workflow definition is aflowchart that defines the communications, checks and
balances, and domain of responsibility and accountabilityfor the organization's IT and IT security staff .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 457/583
Separation of duties
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 458/583
Given the seven areas of information securityresponsibility, separation of duties defines the roles, tasks,
responsibilities, and accountabilities for informationsecurity uniquely for the different duties of the IT staff and
IT security staff .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 459/583
Service level agreements (SLAs)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 460/583
A contractual agreement between an organization and itsservice provider . SLAs define and protect the
organization with regard to holding the service provider accountable for the requirements as defined in an SLA .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 461/583
Service Set ID (SSID)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 462/583
The SSID is a sequence of up to 32 letters or numbersthat is the ID, or name, of a wireless local area network
and is used to differentiate networks .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 463/583
Session splicing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 464/583
Used to avoid detection by an Intrusion Detection System(IDS) by sending parts of the request in different packets .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 465/583
SHA-1
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 466/583
A hashing algorithm that produces a 160-bit output . SHA-1 was designed by the National Security Agency (NSA)
and is defined in RFC 3174 .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 467/583
Sheepdip
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 468/583
The process of scanning for viruses on a standalonecomputer .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 469/583
Shoulder surfing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 470/583
The act of looking over someone's shoulder to steal their password, capturing a phone pin, card number, and other
type of information as well .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 471/583
Signature scanning
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 472/583
One of the most basic ways of scanning for computer viruses, it works by comparing suspect files and programs
to signatures of known viruses stored in a database .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 473/583
Simple Network Monitoring Protocol (SNMP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 474/583
An application layer protocol that facilitates the exchangeof management information between network devices .
The first version of SNMP, V1, uses well-knowncommunity strings of public and private . Version 3 offers
encryption .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 475/583
Single loss expectancy (SLE)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 476/583
A dollar-value figure that represents an organization's lossfrom a single loss or loss of this particular IT asset .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 477/583
Site survey
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 478/583
The process of determining the optimum placement of wireless access points . The objective of the site survey isto create an accurate wireless system design/layout and
budgetary quote .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 479/583
Smurf attack
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 480/583
A distributed denial of service (DDoS) attack in which anattacker transmits large amounts of Internet Control
Message Protocol (ICMP) echo request (PING) packets toa targeted IP destination device using the targeted
destination's IP source address . This is called spoofingthe IP source address . IP routers and other IP devices
that respond to broadcasts will respond back to thetargeted IP device with ICMP echo replies, which
multiplies the amount of bogus traffic .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 481/583
Sniffer
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 482/583
A hardware or software device that can be used tointercept and decode network traffic .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 483/583
Social engineering
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 484/583
The practice of tricking employees into revealing sensitivedata about their computer system or infrastructure . This
type of attack targets people and is the art of humanmanipulation . Even when systems are physically well
protected, social engineering attacks are possible .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 485/583
Software bugs or software flaws
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 486/583
An error in software coding or its design that can result insoftware vulnerability .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 487/583
Software vulnerability standard
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 488/583
A standard that accompanies an organization'sVulnerability Assessment and Management Policy . Thisstandard typically defines the organization's vulnerabilitywindow definition and how the organization is to providesoftware vulnerability management and software patch
management throughout the enterprise .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 489/583
Spamming
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 490/583
The use of any electronic communication's medium tosend unsolicited messages in bulk . Spamming is a major
irritation of the Internet era .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 491/583
Spoofing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 492/583
The act of masking your identity and pretending to besomeone else or another device . Common spoofingmethods include Address Resolution Protocol (ARP),
Domain Name Server (DNS), and Internet Protocol (IP) .Spoofing is also implemented by email in what is
described as phishing schemes .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 493/583
Spyware
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 494/583
Any software application that covertly gathers informationabout a user's Internet usage and activity and then
exploits this information by sending adware and pop-upads similar in nature to the user's Internet usage history .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 495/583
Stateful inspection
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 496/583
An advanced firewall architecture that works at thenetwork layer and keeps track of packet activity . Statefulinspection has the capability to keep track of the state of the connection . For example, if a domain name service
(DNS) reply is being sent into the network, statefulinspection can check to see whether a DNS request had
previously been sent, as replies only follow requests .Should evidence of a request not be found by statefulinspection, the device will know that the DNS packetshould not be allowed in and is potentially malicious .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 497/583
Steganography
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 498/583
A cryptographic method of hiding the existence of amessage . A commonly used form of steganography
places information in pictures .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 499/583
Stream cipher
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 500/583
Encrypts data typically one bit or byte at a time .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 501/583
Symmetric algorithm
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 502/583
Both parties use the same cryptographic key .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 503/583
Symmetric encryption
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 504/583
An encryption standard requiring that all parties have acopy of a shared key . A single key is used for both
encryption and decryption .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 505/583
SYN flood attack
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 506/583
A distributed denial of service (DDoS) attack in which theattacker sends a succession of SYN packets with a spoof address to a targeted destination IP device but does notsend the last ACK packet to acknowledge and confirm
receipt . This leaves half-open connections between theclient and the server until all resources are absorbed,
rendering the server or targeted IP destination device asunavailable because of resource allocation to this attack .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 507/583
Synchronize sequence number
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 508/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 509/583
T TACACS
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 510/583
A UDP-based access-control protocol that providesauthentication, authorization, and accountability .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 511/583
Target of engagement (TOE)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 512/583
The TOE is a term developed for use with common criteriaand is used by EC-Council to define the target of the
assessment or pen test target .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 513/583
TCP handshake
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 514/583
A three-step process computers go through whennegotiating a connection with one another . The processis a target of attackers and others with malicious intent .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 515/583
Threat
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 516/583
Any agent, condition, or circumstance that couldpotentially cause harm, loss, damage, or compromise to
an IT asset or data asset .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 517/583
Time-to-live (TTL)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 518/583
A counter used within an IP packet that specifies themaximum number of hops that a packet can traverse . After a TTL is decremented to 0, a packet expires .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 519/583
Tini
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 520/583
A small Trojan program that listens on port 777 .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 521/583
Traceroute
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 522/583
A way of tracing hops or computers between the sourceand target computer you are trying to reach . Gives the
path the packets are taking .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 523/583
Transmission control protocol (TCP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 524/583
Is one of the main protocols of the TCP/IP protocol suite. .It is used for reliability and guaranteed delivery of data .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 525/583
Transient electromagnetic pulse emanation standard(TEMPEST)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 526/583
A method of shielding equipment to prevent the capabilityof capturing and using stray electronic signals and
reconstructing them into useful intelligence .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 527/583
Trapdoor function
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 528/583
One-way function that describes how asymmetricalgorithms function . Trapdoor functions are designed sothat they are easy to compute in one direction but difficultto compute in the opposing direction . Trapdoor functionsare useful in asymmetric encryption and examples include
RSA and Diffie-Hellman
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 529/583
Trojan
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 530/583
A Trojan is a program that does something undocumentedwhich the programmer or designer intended, but that the
end user would not approve of if he knew about it .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 531/583
Trusted Computer Base (TCB)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 532/583
All the protection mechanisms within a computer system .This includes hardware, firmware, and software
responsible for enforcing a security policy .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 533/583
Trusted computer system evaluation criteria (TCSEC)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 534/583
U.S . Department of Defense (DoD) Trusted Computer System Evaluation Criteria, also called the Orange Book .
TCSEC is a system designed to evaluate standalone
systems that places systems into one of four levels: A, B,C, and D .
Its basis of measurement is confidentiality .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 535/583
Tumbling
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 536/583
The process of rolling through various electronic serialnumbers on a cell phone to attempt to find a valid set to
use .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 537/583
Turnstiles
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 538/583
A one-way gate or access control mechanism that is usedto limit traffic and control the flow of people .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 539/583
Uber hacker
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 540/583
An expert and dedicated computer hacker .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 541/583
Uniform resource locator (URL)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 542/583
The global address on the Internet and World Wide Webin which domain names are used to resolve IP addresses .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 543/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 544/583
A connectionless protocol that provides few error recoveryservices, but offers a quick and direct way to send and
receive datagrams .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 545/583
Vandalism
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 546/583
The willful destruction of property .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 547/583
Videocipher II satellite encryption system
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 548/583
Encryption mechanism used to encrypt satellite videotransmissions .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 549/583
Virtual private network (VPN)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 550/583
A private network that uses a public network to connectremote sites and users .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 551/583
Virus
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 552/583
A computer program with the capability to generate copiesof itself and thereby spread . Viruses require the
interaction of an individual and can have rather benignresults, flashing a message to the screen, or rather
malicious results that destroy data, systems, integrity, or availability .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 553/583
Virus hoax
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 554/583
A chain letter designed to trick you into forwarding tomany other people warning of a virus that does not exist.
The Good Times virus is an example .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 555/583
Vulnerability
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 556/583
The absence or weakness of a safeguard in an asset .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 557/583
Vulnerability assessment
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 558/583
A methodical evaluation of an organization's ITweaknesses of infrastructure components and assets andhow those weaknesses can be mitigated through proper
security controls and recommendations to remediateexposure to risks, threats, and vulnerabilities .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 559/583
Vulnerability management
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 560/583
The overall responsibility and management of vulnerabilities within an organization and how that
management of vulnerabilities will be achieved throughdissemination of duties throughout the IT organization .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 561/583
War chalking
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 562/583
The act of marking on the wall or sidewalk near a buildingto indicate that wireless access is present .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 563/583
War dialing
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 564/583
The process of using a software program to automaticallycall thousands of telephone numbers to look for anyone
who has a modem attached .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 565/583
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 566/583
The process of driving around a neighborhood or area toidentify wireless access points .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 567/583
Warm site
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 568/583
An alternative computer facility that is partially configuredand can be made ready in a few days .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 569/583
Whitebox
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 570/583
A security assessment of penetration test in which allaspects of the network are known .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 571/583
Whois
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 572/583
An Internet utility that returns information about thedomain name and IP address .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 573/583
Wi-Fi Protected Access (WPA)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 574/583
A security standard for wireless networks designed to bemore secure than Wired Equivalent Privacy (WEP) .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 575/583
Wired Equivalent Privacy (WEP)
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 576/583
WEP is based on the RC4 encryption scheme . It wasdesigned to provide the same level of security as that of awired LAN . Because of 40-bit encryption and problemswith the initialization vector, it was found to be insecure .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 577/583
Worm
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 578/583
A self-replicating program that spreads by inserting copiesof itself into other executable codes, programs, or
documents . Worms typically flood a network with trafficand result in a denial of service .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 579/583
Wrappers
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 580/583
A type of program used to bind a Trojan program to a
legitimate program . The objective is to trick the user intorunning the wrapped program and installing the Trojan .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 581/583
Written authorization
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 582/583
One of the most important parts of the ethical hack . Itgives you permission to perform the tests that have been
agreed on by the client .
8/8/2019 Ceh Final Homemade Flash Cards 3x5
http://slidepdf.com/reader/full/ceh-final-homemade-flash-cards-3x5 583/583
Zone transfer