CEH Deck 3

Question 1

hash

Answer 1

A unique numerical string, created by a hashing algorithm on a given piece of data, used to verify data integrity.

Generally hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download) and/or to store password values.

Question 2

heuristic scanning

Answer 2

Method used by antivirus software to detect new, unknown viruses that have not yet been identified; based on a piece-by-piece examination of a program, heuristic scanning looks for a sequence or sequences of instructions that differentiate the virus from “normal” programs.

Question 3

hashing algorithm

Answer 3

A one-way mathematical function that generates a fixed-length numerical string (hash) from a given data input. MD5 and SHA-1 are hashing algorithms.

Question 4

Host-based IDS (HIDS)

Answer 4

Host-based IDS. An IDS that resides on the host, protecting against file and folder manipulation and other host-based attacks and actions.

Question 5

information technology (IT) asset criticality

Answer 5

The level of importance assigned to an IT asset.

Question 6

information technology (IT) asset valuation

Answer 6

The monetary value assigned to an IT asset.

Question 7

inference attack

Answer 7

An attack in which the hacker can derive information from the cipher text without actually decoding it.

Sensitive information can be considered compromised if an adversary can infer its real value with a high level of confidence.

Question 8

Lightweight Directory Access Protocol (LDAP)

Answer 8

An industry-standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.

Question 9

limitation of liability and remedies

Answer 9

A legal limit on the amount of financial liability and remedies the organization is responsible for taking on.

Question 10

local area network (LAN)

Answer 10

A computer network confined to a relatively small area, such as a single building or campus.

Question 11

logic bomb

Answer 11

A piece of code intentionally inserted into a software system that will perform a malicious function when specified conditions are met at some future point.

Question 12

malware

Answer 12

A program or piece of code inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system.

Malware consists of viruses, worms, and other malicious code.

Question 13

mandatory access control (MAC)

Answer 13

A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (that is, clearance) of users to access information of such sensitivity.

Question 14

man-in-the-middle attack

Answer 14

An attack where the hacker positions himself between the client and the server to intercept (and sometimes alter) data traveling between the two.

Question 15

mantrap

Answer 15

A small space having two sets of interlocking doors; the first set of doors must close before the second set opens.

Typically authentication is required for each door, often using different factors.

For example, a smartcard may open the first door, and a personal identification number entered on a number pad opens the second.

Question 16

network access server

Answer 16

A device providing temporary, on-demand, point-to-point network access to users.

Question 17

Network Address Translation (NAT)

Answer 17

A technology where you advertise one IP address externally and data packets are rerouted to the appropriate IP address inside your network by a device providing translation services.

In this way, IP addresses of machines on your internal network are hidden from external users.

Question 18

Network Basic Input/Output System (NetBIOS)

Answer 18

An API that provides services related to the OSI model’s Session layer, allowing applications on separate computers to communicate over a LAN.

Question 19

operating system attack

Answer 19

An attack that exploits the common mistake many people make when installing operating systems—that is, accepting and leaving all the defaults.

Question 20

out-of-band signaling

Answer 20

Transmission using channels or frequencies outside those normally used for data transfer; often used for error reporting.

Question 21

outsider associate

Answer 21

A untrusted outsider using open, or illicitly gained, access to an organization’s resources.

Question 22

overt channel

Answer 22

A communications path, such as the Internet, authorized for data transmission within a computer system or network.

Question 23

Packet Internet Groper (ping)

Answer 23

A utility that sends an ICMP Echo message to determine whether a specific IP address is accessible; if the message receives a reply, the address is reachable.

Question 24

parameter tampering

Answer 24

An attack where the hacker manipulates parameters within the URL string in hopes of modifying data.

Question 25

passive attack

Answer 25

An attack against an authentication protocol in which the attacker intercepts data in transit along the network between the claimant and verifier but does not alter the data (in other words, eavesdropping).