FTP (File Transfer Protocol) - TCP Port 21.
Telnet - TCP 23
SMTP (Simple Mail Transfer Protocol) - TCP 25
DNS (Domain Name System) - TCP 53, UDP 53
HTTP - TCP 80
RPC (Remote Procedure Call) - Port 135 TCP/UDP
NetBIOS (Network Basic Input/Output System) - tcp/139, udp/137, udp/138 - Network communication
servers for LANs that use NetBIOS
SNMP (Simple Network Management Protocol) - UDP 161 and 162
LDAP (Lightweight Directory Access Protocol) - TCP/UDP 389
Global Catalog Service - TCP/UDP 3268
Volumetric Attacks - Consume the bandwidth of the target network or service.
Fragmentation Attacks - Overwhelm the target's ability to reassemble the fragmented packets.
TCP State-Exhaustion Attacks - Consume the connection state tables present in the network
infrastructure components such as load-balancers, firewalls, and application servers.
Application Layer Attacks - Consume the application resources or services, thereby making them unavailable
to other legitimate users.
DoS/DDoS Attack Vectors - Volumetric Attacks
Fragmentation Attacks
TCP State Exhaustion Attacks
Application Layer attacks
SYN flood attack - attacker sends multiple SYN packets but never completes the connection with an ACK
-disrupts TCP 3-way handshake
protection:
1) using SYN cookies
2) reduce the amount of time a server will wait for an ACK - half-open sessions are flushed from the system's
memory faster
ICMP flood attack - a type of DoS attack in which perpetrators send a large number of ICMP packets
directly or through reflection networks to victims, causing them to be overwhelmed and subsequently stop
responding to legitimate TCP/IP requests
Peer-to-Peer Attack - exploits flaws found in networks that use DC++ (Direct Connect), which is used
for sharing between instant messaging clients.
Phlashing - Permanent DoS; sabotages the system hardware and causes irreversible damage to it.
The attacker sends fraudulent hardware updates (firmware).
Application-level flood attacks - result in loss of services of a particular network, such as emails, network
resources, the temporary ceasing of applications and services. Attackers exploit weaknesses in
programming source code.
Session Hijacking - An attack in which the attacker attempts to impersonate the user by using his or her
session token.
cross-site request forgery (XSRF) - An attack that exploits the trust a website has in a user's browser in
an attempt to transmit unauthorized commands to the website.
directory traversal attack - an attack that involves navigating to other directories and gaining access to
files and directories that would otherwise be restricted, using ../ to access restricted directories outside
of the webserver root directory.
website defacement - A type of cybervandalism that occurs when a computer hacker intrudes on
another person's website by inserting or substituting codes that expose visitors to the site to misleading
or provocative information. Defacement can range from installing humorous graffiti to sabotaging or
corrupting the site.
HTTP Response Splitting Attack - Involves adding header response data into the input field so that the server
splits the response into two responses
Web Cache Poisoning - attack against the integrity of an intermediate Web cache repository, in which
genuine content cached for an arbitrary URL is replaced with spoofed content.
Injection Flaws - Web app vulnerabilities that allow untrusted data to be interpreted and executed as
part of a command or query
SQL Injection - An attacker issues a SQL command to a web server as part of the URL or as input to a
form on a company's website; web server might pass the command onto the database which then
allows potentially anything to be done to the database
command injection - injection (where the attacker injects commands into the form fields instead of the
expected test entry),
Walker, Matt. CEH Certified Ethical Hacker All-in-One Exam Guide, Third Edition (p. 235). McGraw-Hill
Education. Kindle Edition.