Exam (elaborations)

CEH v11 Questions and Answers Latest Update Rated A+

Pages: 15
Grade: A+
Uploaded on: 27-07-2023
Written in: 2022/2023

Authentication: The process of identifying a user's identity, making sure that they can have access to the system and/or files. This can be accomplished either by a password, retina scan, or fingerprint scan, sometimes even a combination of the above.
Botnet: A network of computers that have been infected with a virus, and now are working continuously in order to create security breaches.
DDoS: Using multiple hosts and users, hackers bombard a website with a tidal wave of requests to such an extent that it locks up the system and forces it to temporarily shut down.
Domain: A series of computers and associated peripherals (routers, printers, scanners) that are all connected as one entity.
Encryption: Coding used to protect your information from hackers.
Malware: Malicious software that damages or disables computer systems and gives limited or full control of the systems to the creator for malicious activities such as theft or fraud.
Spoofing: When a hacker changes the IP address of an email so that it seems to come from a trusted source.
Spyware: A type of malware that attackers install on a computer to secretly gather information about its users without their knowledge.
Trojan Horse: A form of malware, this one a misleading computer program that looks innocent, but in fact allows the hacker into your system via a back door, allowing them to control your computer.
Virus: It infects a system by inserting itself into a file or executable program. Malware which changes, corrupts, or destroys information, and is then passed on to other systems, usually by otherwise benign means.
VPN: Creates a safe and encrypted tunnel over a public network to securely send and receive sensitive information. It creates a subnet by using key-based encryption for secure communication between endpoints.
Worm: Malware that can reproduce itself for the purposes of spreading itself to other computers in the network.
Hack Value: The notion among hackers that something is worth doing or is interesting.
Vulnerability: An existence of a weakness, design, or implementation error that may lead to compromising the security of the system.
Exploit: A breach of IT system security through vulnerabilities. It is the part of the malware that contains code or a sequence of commands that can take advantage of a bug or vulnerability in a digital system or device.
Payload: Payload
Daisy Chaining: Gaining access to one network and/or computer to obtain information that will enable them to gain access to multiple other computers and/or networks.
Doxing: Publishing personally identifiable information about an individual that was obtained from public databases and social media.
Bot: A software application that can be remotely controlled to execute/automate predefined tasks.
Information Security: A state of infrastructure and information well-being in which the possibility of theft, tampering, and disruption of information and services is kept tolerable and low.
Confidentiality: The assurance that information is only accessible to authorized individuals.
Integrity: The trustworthiness of preventing improper and unauthorized changes of data or resources.
Availability: The assurance that the system which is responsible for the processing, delivering and storing of information is accessible to the authorized users when required.
Authenticity: Any data, communication or document characteristics which ensure the quality of being genuine.
Non-Repudiation: Guarantees that an individual cannot later deny sending a message and the recipient cannot deny receiving a message.
Cloud Computing: An on-demand delivery of IT capabilities where infrastructure and applications are provided to subscribers as a metered service over a network.
Advanced Persistent Threats (APT): An attack vector that focuses on stealing data from a victim's machine without their knowledge.
Cloud Computing Threats: An attack vector in which a flaw within a client's application cloud can enable attackers to access other clients' data.
Insider Attacks: An attack performed on a network or single computer by an entrusted individual who has authorized access.
Web Application Threats: A security attack vector that threatens the performance of a website and hampers its security to steal user credentials, set up a phishing site or acquire private data by targeting web applications.
SHA-1: A Secure Hashing Algorithm (SHA) that produces a 160-bit digest from a message with a maximum length of (2^64 - 1) bits, and resembles the MD5 algorithm.
Software as a Service (SaaS): Offers software to subscribers on-demand over the internet.
Platform as a Service (PaaS): Offers development tools, configuration management, and deployment platforms on-demand that can be used by subscribers to develop custom applications.
Infrastructure as a Service (IaaS): Provides virtual machines and other abstracted hardware and operating systems which may be controlled through a service API.
Identity as a Service (IDaaS): Offers IAM services including SSO, MFA, IGA and intelligence collection.
Security as a Service (SECaaS): Provides penetration testing, authentication, intrusion detection, anti-malware, security incident, and event management services.
Container as a Service (CaaS): Offers virtualization of container engines, management of containers, applications and clusters through a web portal or API.
Function as a Service (FaaS): Provides a platform for developing, running and managing application functionality for microservices.
Public Cloud: Services are rendered over a network that is open for public use.
Private Cloud: Cloud infrastructure is operated for a single organization only.
Community Cloud: Shared infrastructure between several organizations from a specific community with common concerns.
Hybrid Cloud: Combination of two or more clouds that remain unique entities but are bound together, thereby offering the benefits of multiple deployment models.
Multi Cloud: Dynamic heterogeneous environment that combines workloads across multiple cloud vendors, managed via one proprietary interface to achieve long term business goals.
Cloud Consumer: A person or organization that uses cloud computing services.
Cloud Provider: A person or organization that provides services to the interested parties.
Cloud Carrier: Provides connectivity and transport services between cloud consumers and providers.
Cloud Auditor: A party that can conduct independent assessment of cloud service controls and take an opinion thereon.
Cloud Broker: An entity that manages the use, performance and delivery of cloud services, and maintains relationships between cloud providers and consumers.
Virtualization: The ability to run multiple operating systems on a single physical system, or multiple instances of one operating system, and share the underlying resources such as a server, storage device or network.
Containers: Placed on the top of one physical server and host operating system, and share the operating system's kernel binaries and libraries, thereby reducing the need for reproducing the OS.
Docker: An open source technology used for developing, packaging and running applications and all their dependencies in the form of containers, to ensure that the application works in a seamless environment. It provides a PaaS through OS level virtualization and delivers containerized software packages.
Kubernetes: An open source, portable, extensible, orchestration platform developed by Google for managing containerized applications and microservices. It provides a resilient framework for managing distributed containers, generating deployment patterns, and performing failover and redundancy for the applications.
Network Sniffing: Interception and monitoring of network traffic which is being sent between the two cloud nodes.
Packet Sniffers: Programs that capture data from information packets as they travel over the Internet or company networks. Captured data is sifted to find confidential or proprietary information.
Side Channel Attack: An attack where an attacker runs a virtual machine on the same physical host as the victim's virtual machine and takes advantage of the shared physical resources (processor cache) to steal data (cryptographic keys) from the victim.
Wrapping Attack: Performed during the translation of SOAP message in the TLS layer where attackers duplicate the body of the message and send it to the server as a legitimate user.
Man in the Cloud (MITC): An attacker abuses cloud file synchronization services such as Google Drive or Dropbox for data compromise, command and control, data exfiltration and remote access.
Cloud Hopper Attack: Triggered at the managed service providers (MSPs) and their users, by initiating spear-phishing emails with common made malware to compromise the accounts of staff or cloud service firms to obtain confidential information.
Cloud Cryptojacking: Unauthorized use of the victim's computer to stealthily mine digital currency.
Cloudborne Attack: A vulnerability residing in a bare-metal cloud server that enables the attackers to implant a malicious backdoor in its firmware, which allows the attackers to bypass the security mechanisms and perform various activities such as watching new user activity or behavior, disabling the application or server, and intercepting and stealing the data.
Cloud Hacking: Attackers exploit vulnerabilities existing in cloud technologies to perform various targeted high-profile attacks on cloud storage systems, compromising the corporate and customers' data, with the objective of gaining access to users' data and blocking access to cloud services.
Container Image: Consists of operating system, application, runtime, etc. packaged together. They are widely reused and may contain open sourced framework with vulnerability issues.
Trivy, Clair, Dagda, Nessus: Tools to scan and identify vulnerabilities in containers.
Simple Storage Service (S3): A scalable cloud storage service used by Amazon AWS where files, folders and objects are stored via web APIs. Attackers try to find the bucket's location and name to test its security and identify vulnerabilities in the bucket implementation.
Inspecting HTML: Attackers analyze the source code of the HTML web pages in the background, to find URLs to the target S3 buckets.
Brute-Forcing URL: Attackers use Burp Suite to perform brute forcing attacks on the target bucket's URL to identify the correct URL to the bucket.
Finding Subdomains: Attackers use tools such as Findsubdomains or Robtex to identify subdomains related to the target bucket.
S3Scanner: Used to identify open S3 buckets of cloud services such as Amazon AWS and retrieve their content for malicious purposes.
S3Scanner, Lazys3, Bucket Finder, S3-buckets-bruteforcer: Tools used to find URLs of AWS S3 buckets.
Volume: A directory that stores files and is accessible to all containers in a pod.
Hacking Container Volumes: Attackers exploit weak and default configurations in volumes to launch privilege escalation attacks and perform lateral movement in the internal network.
Accessing master nodes: If attackers gain access to the API or etcd, they can easily retrieve configuration details of the mounted volumes.
Accessing nodes: Kubelet manages pods, so if attackers can access a node in a pod, they can easily gain access to all of the volumes used within the pod.
Accessing container: Attackers can configure a hostpath volume type to retrieve sensitive information from the node.
AWS pwn: AWS hacking tool that includes various automated scripts for hacking phases such as reconnaissance, escalating privileges, maintaining access and clearing tracks.
GCPBucketBrute: A script-based tool that allows attackers to enumerate Google storage buckets, determine what kind of access they have for them, and check whether they can be privilege escalated.
Misconfiguration Attack: An attack that affects the web servers, application platforms, databases, networks, or frameworks that can lead towards illegal access or even the possibility of owning the system.
Operating System Attack: An attack where an attacker searches for OS vulnerabilities and exploits them to gain access to the system.
Application Level Attack: An attack that exploits vulnerabilities in applications that are running on a company's information system in order to steal or manipulate the data or gain unauthorized access.
Shrink Wrap Code Attack: An attack that will exploit default configurations and settings of off-the-shelf libraries and code.
Information Warfare (InfoWar): The utilization of information and communication technologies (ICT) for a competitive advantage over an opponent.
Defensive Information Warfare: Refers to all of the strategies/actions used to defend against ICT asset attacks.
Offensive Information Warfare: Refers to information warfare which involves the attacks against the opponent's ICT assets.
Reconnaissance: Refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.
Scanning: A procedure used for identifying active hosts, open ports, and unnecessary services enabled on particular hosts.
Gaining Access: Refers to the point where the attacker obtains access to the operating system or application.
Maintaining Access: Refers to the phase when the attacker tries to retain his or her ownership of the system.
Clearing Tracks: Refers to the activities carried out by an attacker to hide malicious acts.
Information Assurance (IA): Refers to the assurance that the integrity, availability, confidentiality and authenticity of information and information systems are protected during usage, processing, storage, and transmission of information.
Information Security Management Program: A well-defined level of information security that includes policies, processes, procedures, standards and guidelines.
Enterprise Information Security Architecture (EISA): A set of requirements, processes, principles and models that determines the structure and behavior of an organization's information systems.
Network Security Zoning: A mechanism that allows an organization to manage a secure network environment by selecting the appropriate security levels for the different zones of internet and intranet networks.
Internet Zone: An uncontrolled zone, as it is outside the boundaries of an organization.
Internet DMZ: A controlled zone, as it provides a barrier between internal networks and internet.
Production Network Zone: A restricted zone, as it strictly controls direct access for uncontrolled networks.
Intranet Zone: A controlled zone with no heavy restrictions.
Management Network Zone: A secured zone with strict policies.
Defense-in-Depth: A security strategy in which several protection layers are placed throughout an information system.
Security Policies: The foundation of the security infrastructure.
Information Security Policies: Defines the basic security requirements and rules to be implemented in order to protect and secure an organization's systems.

Institution: CEH V11
Course: CEH v11
Seller: BrilliantScores, Chamberlain College Of Nursing