Essential Knowledge Flashcards

1
Q

OSI Model - Layer 1
1. Type
2. Data Unit

A
  1. Physical (USB, Bluetooth)
  2. Bit
2
Q

OSI Model - Layer 2
1. Type
2. Data Unit

A
  1. Data Link (ARP, PPP)
  2. Frame
3
Q

OSI Model - Layer 3
1. Type
2. Data Unit

A
  1. Network (IP)
  2. Packet
4
Q

OSI Model - Layer 4
1. Type
2. Data Unit

A
  1. Transport (TCP)
  2. Segment
5
Q

OSI Model - Layer 5
1. Type
2. Data Unit

A
  1. Session (X255, SCP)
  2. Data
6
Q

OSI Model - Layer 6
1. Type
2. Data Unit

A
  1. Presentation (AFP, MIME)
  2. Data
7
Q

OSI Model - Layer 7
1. Type
2. Data Unit

A
  1. Application (FTP, HTTP, SMTP)
  2. Data
8
Q

TCP/IP Model - Layer 1
1. Type
2. OSI Layer Equivalent

A
  1. Network Access
  2. Physical (Layer 1) / Data Link (Layer 2)
9
Q

TCP/IP Model - Layer 2
1. Type
2. OSI Layer Equivalent

A
  1. Internet
  2. Network (Layer 3)
10
Q

TCP/IP Model - Layer 3
1. Type
2. OSI Layer Equivalent

A
  1. Transport
  2. Transport (Layer 4)
11
Q

TCP/IP Model - Layer 4
1. Type
2. OSI Layer Equivalent

A
  1. Application
  2. Session (Layer 5), Presentation (Layer 6), Application (Layer 7)
12
Q

How does the TCP handshake get initialised?

A
  1. SYN
  2. SYN-ACK
  3. ACK
13
Q

What does ARP stand for?

A

Address Resolution Protocol.

14
Q

What is ARP used for?

A

Resolves IP address to physical address

15
Q

What are the 5 Network Security Zones?

A
  1. Internet
  2. Internet DMZ
  3. Production Network Zone
  4. Intranet Zone
  5. Management Network Zone
16
Q

What does CVSS Stand for?

A

Common Vulnerability Scoring System

17
Q

What is CVSS used for?

A

Assigns a numerical score, based on severity, to vulnerabilities and risks.

18
Q

What does NVD stand for?

A

National Vulnerability Database

19
Q

What is NVD?

A

US government repository of vulnerabilities

20
Q

What are the 7 Vulnerability Categories?

A
  1. Misconfiguration
  2. Default Installation
  3. Buffer Overflow
  4. Missing Patches
  5. Design Flaws
  6. Operating System Flaws
  7. Default Passwords
21
Q

What does EISA stand for?

A

Enterprise Information Security Architecture

22
Q

What is EISA?

A

Process that determines how systems work within an organization

23
Q

What are the 5 steps to Threat Modelling?

A
  1. Identify security objectives
  2. Application Overview
  3. Decompose application
  4. Identify threats
  5. Identify vulnerabilities
24
Q

What are the 5 Phases of Risk Management?

A
  1. Risk Identification
  2. Risk Assessment
  3. Risk Treatment
  4. Risk Tracking
  5. Risk Review
25
Q

What are the 6 types of Security Controls?

A
  1. Physical (Guards, Lights, Cameras)
  2. Technical (Encryption, Smart Cards, Access Control lists)
  3. Administrative (Training Awareness, Policies)
  4. Preventative (Authentication, Alarm Bells)
  5. Detective (Audits, Backups)
  6. Corrective (Restore Operations)
26
Q

What does BIA stand for?

A

Business Impact Analysis

27
Q

What does MTD stand for?

A

Maximum Tolerable Downtime

28
Q

What does BCP stand for?

A

Business Continuity Plan

29
Q

What does DRP stand for?

A

Disaster Recovery Plan

30
Q

What does ALE stand for?

A

Annualised Loss Expectancy

31
Q

What does ARO stand for?

A

Annual Rate of Occurrence

32
Q

What does SLE stand for?

A

Single Loss Expectancy

33
Q

What is the ALE formula?

A

ALE (Annualised Loss Expectancy) = SLE (Single Loss Expectancy) * ARO (Annual Rate of Occurrence)

34
Q

What does UBA stand for?

A

User Behavior Analysis

35
Q

What is UBA?

A

Tracking users and monitoring data for malicious activity

36
Q

CIA Triad - What are they?

A
  1. Confidentiality (Passwords, Encryption)
  2. Integrity (Hashing, Digital Signatures)
  3. Availability (Anti-DoS Solutions)
37
Q

What is Bit Flipping?

A

Integrity Attack - Obscure data from users.

38
Q

What does CC commonly refer to?

A

Common Criteria

39
Q

What does EAL stand for?

A

Evaluation Assurance Level

40
Q

EAL - How many levels does it have?

A

1 - 7

41
Q

What are the 2 Access Control Types?

A
  1. Mandatory (MAC)
  2. Discretionary (DAC)
42
Q

What are the 4 Policy Categorisations?

A
  1. Promiscuous - Wide Open
  2. Permissive - Block only known dangers
  3. Prudent - Blocks most, few exceptions
  4. Paranoid - Locks everything down
43
Q

What is a phreaker?

A

Someone that manipulates or hacks telephone systems

44
Q

What are the 4 Attack Types?

A
  1. Operating System
    Vectors: Buffer overflows, Protocol Implementations, software defects, patch levels, authentication schemes
  2. Application Level
    Vectors: Buffer overflows, Bugs, XSS, DoS, SQL Injection, MitM
  3. Misconfiguration
    Examples: Improper permissions of SQL users; Access-list permit all
  4. Shrink-Wrap Code
    Examples: Software defect in version 1.0; Defect in example CGI scripts; Default passwords
45
Q

What are the 5 hacking phases?

A
  1. Reconnaissance
  2. Scanning & Enumeration
  3. Gaining Access
  4. Maintaining Access
  5. Covering Tracks
46
Q

What does SIEM stand for?

A

Security Incident Event Management

47
Q

What does SOC stand for?

A

Security Operations Centre

49
Q

What are the 3 simple phases of a Penetration Test?

A
  1. Preparation
  2. Assessment
  3. Post-Assessment
50
Q

What are the 3 Law Categories?

A
  1. Criminal
    Laws that protect public safety and usually have jail time attached
  2. Civil
    Private rights and remedies
  3. Common
    Laws that are based on societal customs
51
Q

What does OSSTMM stand for?

A

Open Source Security Testing Methodology Manual

52
Q

Who is OSSTMM maintained by?

A

ISECOM (Institute for Security and Open Methodologies)

53
Q

OSSTMM - What are the 3 types of compliance?

A
  1. Legislative
    Deals with government regulations (Such as SOX and HIPAA).
  2. Contractual
    Deals with industry / group requirement (Such as PCI DSS).
  3. Standards based
    Deals with practices that must be followed by members of a given group/organization (such as ITIL, ISO and OSSTMM itself).
54
Q

What is ISO 27001?

A

Security standard based on the British BS7799 standard, focuses on security governance

55
Q

What is ISO 27002?

A

Standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.

56
Q

What is NIST-800-53?

A

Catalogs security and privacy controls for federal information systems, created to help with the implementation of FISMA

57
Q

What does FISMA stand for?

A

Federal Information Security Modernization Act

58
Q

What is FISMA?

A

A law to codify the authority of the Department of Homeland Security with regards to implementation of information security policies

59
Q

What does FITARA stand for?

A

Federal Information Technology Acquisition Reform Act

60
Q

What is FITARA?

A

A bill that was intended to change the framework that determines how the US GOV purchases technology

61
Q

What does HIPAA stand for?

A

Health Insurance Portability and Accountability Act

62
Q

What is HIPAA?

A

Law that sets privacy standards to protect patient medical records and health information shared between doctors, hospitals and insurance providers

63
Q

What does PCI-DSS Stand for?

A

Payment Card Industry - Data Security Standard

64
Q

What is PCI-DSS?

A

Standard for organizations handling credit cards, ATM cards and other POS cards

65
Q

What is COBIT (Control Objectives for Information and Related Technology)?

A

IT Governance framework and toolset, created by ISACA and ITGI

66
Q

What is SOX (Sarbanes-Oxley Act)?

A

Law that requires publicly traded companies to submit to independent audits and to properly disclose financial information

67
Q

What is GLBA (U.S. Gramm-Leach-Bliley Act)?

A

Law that protects the confidentiality and integrity of personal information that is collected by financial institutions.

68
Q

What does CSIRT stand for?

A

Computer Security Incident Response Team

69
Q

What is the purpose of a CSIRT?

A

Team that provides a single point of contact for reporting computer security incidents

70
Q

What does ITIL stand for?

A

Information Technology Infrastructure Library

71
Q

What is the purpose of ITIL?

A

An operational framework developed in the ’80s that standardizes IT management procedures

72
Q

Which of the following is an example of a Single Class A network?
1. 10.0.0.0/8 (255.0.0.0)
2. 172.16.0.0/12 (255.240.0.0)
3. 192.168.0.0/16 (255.255.0.0)

A
  1. 10.0.0.0/8 (255.0.0.0)
73
Q

Which of the following is an example of 16 Class B networks?
1. 10.0.0.0/8 (255.0.0.0)
2. 172.16.0.0/12 (255.240.0.0)
3. 192.168.0.0/16 (255.255.0.0)

A
  1. 172.16.0.0/12 (255.240.0.0)
74
Q

Which of the following is an example of 256 Class C networks?
1. 10.0.0.0/8 (255.0.0.0)
2. 172.16.0.0/12 (255.240.0.0)
3. 192.168.0.0/16 (255.255.0.0)

A
  1. 192.168.0.0/16 (255.255.0.0)
75
Q

What is DLP and what does it do?

A

Data loss prevention: Software that detects potential data breaches / data exfiltration transmissions and prevents them by monitoring, detecting, and blocking sensitive data while in use, in motion, and at rest

76
Q

What is MDM and what does it do?

A

Mobile Device Management: Software used for the configuration and securing of mobile devices such as smartphones and tablets.

77
Q

What is UTM and what does it consist of?

A

Unified Threat Management: A device that combines the functions of a firewall, anti-malware solution, and IDS into a single piece of hardware.

78
Q

Where is the Regional Internet Registry located for ARIN?

A

North America
ARIN (American Registry for Internet Numbers)

79
Q

Where is the Regional Internet Registry located for LACNIC?

A

Latin America
LACNIC (Latin America and Caribbean Network Information Centre)

80
Q

Where is the Regional Internet Registry located for RIPE NCC?

A

Europe, Middle East, Central Asia
RIPE NCC (Réseaux IP Européens Network Coordination Centre)

81
Q

Where is the Regional Internet Registry located for AFRINIC?

A

Africa
AFRINIC (African Network Information Centre)

82
Q

Where is the Regional Internet Registry located for APNIC?

A

Asia/Pacific
APNIC (Asia Pacific Network Information Centre)

83
Q

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

A

At least once a year and after any significant upgrade or modification.

84
Q

How is a False Negative best described?

A

Happens when no alarm was raised even though an attack has taken place.

85
Q

What are the 5 response types to risk?

A
  1. Acceptance
  2. Avoidance
  3. Transference
  4. Mitigation
  5. Exploitation
86
Q

When does a Secondary NS request a zone transfer from a Primary NS?

A

When a Primary SOA is higher than a Secondary SOA

87
Q

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

A

USER, NICK

88
Q

How does the TCP handshake get terminated?

A

FIN
ACK-FIN
ACK

89
Q

How is a True Positive best described?

A

Alert was raised when an attack has taken place.

90
Q

How is a True Negative best described?

A

No alert was raised and no attack has taken place.