CEH Glossary 1

Question 1

802.11

Answer 1

Wireless LAN standards created by IEEE.

• 802.11a runs at up to 54 Mbps at 5 GHz,
• 802.11b runs at up to 11 Mbps at 2.4 GHz,
• 802.11g runs at up to 54 Mbps at 2.4 GHz, and
• 802.11n can run upward of 150 Mbps.

Question 2

802.11i

Answer 2

A wireless LAN security standard developed by IEEE. Requires Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).

Question 3

acceptable use policy (AUP)

Answer 3

Policy stating what users of a system can and cannot do with the organization’s assets.

Question 4

access control list (ACL)

Answer 4

A method of defining what rights and permissions an entity has to a given resource.

In networking, access control lists are commonly associated with firewall and router traffic-filtering rules.

Question 5

access creep

Answer 5

Occurs when authorized users accumulate excess privileges on a system because of moving from one position to another;

allowances accidentally remain with the account from position to position.

Question 6

backdoor

Answer 6

A hidden capability in a system or program for bypassing normal computer authentication systems.

A backdoor can be purposeful or the result of malware or other attack.

Question 7

banner grabbing

Answer 7

An enumeration technique used to provide information about a computer system;

generally used for operating system identification (also known as fingerprinting).

Question 8

baseline

Answer 8

A point of reference used to mark an initial state in order to manage change.

Question 9

cache

Answer 9

A storage buffer that transparently stores data so future requests for the same data can be served faster.

Question 10

CAM table

Answer 10

Content addressable memory table.

A CAM table holds all the MAC-address-to-port mappings on a switch.

Question 11

certificate

Answer 11

An electronic file used to verify a user’s identity, providing nonrepudiation throughout the system. It is also known as a digital certificate. I

t is also a set of data that uniquely identifies an entity.

Certificates contain the entity’s public key, serial number, version, subject, algorithm type, issuer, valid dates, and key usage details.

Question 12

daisy chaining

Answer 12

A method of external testing whereby several systems or resources are used together to make an attack.

Question 13

Data Encryption Standard (DES)

Answer 13

An outdated symmetric cipher encryption algorithm, previously approved by the U.S. government and used by business and civilian government agencies.

DES is no longer considered secure because of the ease with which the entire keyspace can be attempted using modern computing, thus making cracking the encryption easy.

Question 14

Data Link layer

Answer 14

Layer 2 of the OSI reference model.

This layer provides reliable transit of data across a physical link.

The Data Link layer is concerned with physical addressing, network topology, access to the network medium, error detection, sequential delivery of frames, and flow control.

The Data Link layer is composed of two sublayers: the MAC and the LLC.

Question 15

eavesdropping

Answer 15

The act of secretly listening to the private conversations of others without their consent.

This can also be done over telephone lines (wiretapping), e-mail, instant messaging, and other methods of communication considered private.

Question 16

ECHO reply

Answer 16

A type 0 ICMP message used to reply to ECHO requests.

It is used with ping to verify Network layer connectivity between hosts.

Question 17

EDGAR database

Answer 17

A system used by the Securities and Exchange Commission (SEC) for companies and businesses to transmit required filings and information.

The EDGAR database performs automated collection, validation, indexing, acceptance, and forwarding of submissions by companies and others who are required by law to file forms with the U.S. Securities and Exchange Commission.

The database is freely available to the public via the Internet and is a potential source of information for hackers.

Question 18

false acceptance rate (FAR)

Answer 18

The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access (see false negative).

Question 19

false negative

Answer 19

A situation in which an IDS does not trigger on an event that was an intrusion attempt.

False negatives are considered more dangerous than false positives.

Question 20

false positive

Answer 20

A situation in which an IDS or other sensor triggers on an event as an intrusion attempt, when it was actually legitimate traffic.

Question 21

false rejection rate (FRR)

Answer 21

The rate at which a biometric system will incorrectly reject an access attempt by an authorized user.

Question 22

gap analysis

Answer 22

A tool that helps a company compare its actual performance with its potential performance.

Question 23

gateway

Answer 23

A device that provides access between two or more networks.

Gateways are typically used to connect dissimilar networks.

Question 24

GET

Answer 24

A command used in HTTP and FTP to retrieve a file from a server.

Question 25

hack value

Answer 25

The idea a hacker holds about the perceived worth or interest in attacking a target.

Question 26

hacktivism

Answer 26

The act or actions of a hacker to put forward a cause or a political agenda, to affect some societal change, or to shed light on something he feels to be a political injustice. These activities are usually illegal in nature.

Question 27

halo effect

Answer 27

A well-known and well-studied phenomenon of human nature, whereby a single trait influences the perception of other traits.

Question 28

IaaS

Answer 28

Infrastructure as a Service. A cloud computing type providing virtualized computing resources over the Internet.

Question 29

identity theft

Answer 29

A form of fraud in which someone pretends to be someone else by assuming that person’s identity, typically in order to access resources or obtain credit and other benefits in that person’s name.

Question 30

impersonation

Answer 30

A social engineering effort in which the attacker pretends to be an employee, a valid user, or even an executive to elicit information or access.

Question 31

Kerberos

Answer 31

A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). Kerberos authentication uses tickets, a ticket granting service, and a key distribution center.

Question 32

key exchange protocol

Answer 32

A method in cryptography by which cryptographic keys are exchanged between users, thus allowing use of a cryptographic algorithm (for example, the Diffie-Hellman key exchange).

Question 33

keylogger

Answer 33

A software application or hardware device that captures user keystrokes.

Question 34

last in first out (LIFO)

Answer 34

A programming principle whereby the last piece of data added to the stack is the first piece of data taken off.

Question 35

Level I assessment

Answer 35

An evaluation consisting of a document review, interviews, and demonstrations. No hands-on testing is performed.

Question 36

Level II assessment

Answer 36

An evaluation consisting of a document review, interviews, and demonstrations, as well as vulnerability scans and hands-on testing.

Question 38

Level III assessment

Answer 38

An evaluation in which testers attempt to penetrate the network.

Question 39

MAC filtering

Answer 39

A method of permitting only MAC addresses in a preapproved list of network access. Addresses not matching are blocked.

Question 40

macro virus

Answer 40

A virus written in a macro language and usually embedded in document or spreadsheet files.

Question 41

malicious code

Answer 41

Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host.

Question 42

National Security Agency (NSA) INFOSEC Assessment Methodology (IAM)

Answer 42

A systematic process for the assessment of security vulnerabilities.

Question 43

NetBSD

Answer 43

A free, open source version of the Berkeley Software Distribution of Unix, often used in embedded systems.

Question 44

network access server

Answer 44

A device providing temporary, on-demand, point-to-point network access to users.

Question 45

NetBus

Answer 45

A software program for remotely controlling a Microsoft Windows computer system over a network. Generally it is considered malware.

Question 46

open source

Answer 46

Describes practices in production and development that promote access to the end product’s source materials.

Question 47

Open Source Security Testing Methodology Manual (OSSTMM)

Answer 47

A peer-reviewed, formalized methodology of security testing and analysis.

Question 48

Open System Interconnection (OSI) reference model

Answer 48

A network architecture framework developed by ISO that describes the communications process between two systems across the Internet in seven distinct layers.

Question 49

OpenBSD

Answer 49

A Unix-like computer operating system descending from the BSD. OpenBSD includes a number of security features absent or optional in other operating systems.

Question 50

PaaS Platform as a Service.

Answer 50

A cloud computing type geared toward software development, providing a platform that allows subscribers to develop applications without building the infrastructure it would normally take to develop and launch software.

Question 51

packer

Answer 51

A crypter that uses compression to pack malware executables into smaller sizes to avoid detection.

Question 52

packet

Answer 52

A unit of information formatted according to specific protocols, generally regarded as being used in OSI Layer 3, that allows precise transmittal of data from one network node to another. Also called a datagram or data packet, a packet contains a header (container) and a payload (contents). Any IP message larger than 1500 bytes will be fragmented into packets for transmission.

Question 53

packet filtering

Answer 53

Controlling access to a network by analyzing the headers of incoming and outgoing packets and letting them pass or discarding them based on rule sets created by a network administrator. A packet filter allows or denies packets based on destination, source, and/or port.

Question 54

qualitative analysis

Answer 54

A nonnumerical, subjective risk evaluation. This is used with qualitative assessment (an evaluation of risk that results in ratings of none, low, medium, or high for the probability).

Question 55

quality of service (QoS)

Answer 55

A defined measure of service within a network system—administrators may assign a higher QoS to one host, segment, or type of traffic.

Question 56

quantitative risk assessment

Answer 56

Calculations of two components of risk (R): the magnitude of the potential loss (L), and the probability (P) that the loss will occur.

Question 57

queue

Answer 57

A backlog of packets stored in buffers and waiting to be forwarded over an interface.

Question 58

RAID (Redundant Array of Independent Disks)

Answer 58

Formerly Redundant Array of Inexpensive Disks, RAID is a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit, where data is distributed across the drives in one of several ways, called RAID levels.

Question 59

reconnaissance

Answer 59

The steps taken to gather evidence and information on the targets you want to attack.

Question 60

remote access

Answer 60

Access by information systems (or users) communicating from outside the information system security perimeter.

Question 61

remote access

Answer 61

Access by information systems (or users) communicating from outside the information system security perimeter.

Question 62

remote procedure call (RPC)

Answer 62

A protocol that allows a client computer to request services from a server and the server to return the results.

Question 63

SaaS Software as a Service.

Answer 63

A type of cloud computing used as a software distribution model.

Question 64

SAM

Answer 64

The Security Accounts Manager file in Windows stores all the password hashes for the system.

Question 65

Sarbanes-Oxley Act (SOX)

Answer 65

SOX was created to make corporate disclosures more accurate and reliable in order to protect the public and investors from shady behavior. There are 11 titles within SOX.

Question 66

scope creep

Answer 66

The change or growth of a project’s scope.

Question 67

TACACS Terminal Access Controller Access-Control System.

Answer 67

A remote authentication protocol that is used to communicate with an authentication server commonly used in Unix networks.

Question 68

target of engagement (TOE)

Answer 68

The software product or system that is the subject of an evaluation.

Question 69

telnet

Answer 69

A protocol used in networking to provide bidirectional, interactive, text-oriented communication facility using a virtual terminal connection. Commands entered locally are executed on the remote system.

Question 70

Unicode

Answer 70

An international encoding standard, working within multiple languages and scripts, that represents each letter, digit, or symbol with a unique numeric value that applies across different platforms.

Question 71

Uniform Resource Locator (URL)

Answer 71

A string that represents the location of a web resource—most often a website.

Question 72

User Datagram Protocol (UDP)

Answer 72

A connectionless, Layer 4 transport protocol. UDP is faster than TCP but offers no reliability. A best effort is made to deliver the data, but no checks and verifications are performed to guarantee delivery. Therefore, UDP is termed a connectionless protocol. UDP is simpler to implement and is used where a small amount of packet loss is acceptable, such as for streaming video and audio.

Question 73

Vehicle Ad Hoc Network (VANET)

Answer 73

The communications network used by IoT-enabled vehicles; refers to the spontaneous creation of a wireless network for vehicle-to-vehicle (V2V) data exchange.

Question 74

Videocipher II Satellite Encryption System

Answer 74

The brand name of analog scrambling and de-scrambling equipment for cable and satellite television, invented primarily to keep consumer television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.

Question 75

Videocipher II Satellite Encryption System

Answer 75

The brand name of analog scrambling and de-scrambling equipment for cable and satellite television, invented primarily to keep consumer television receive-only (TVRO) satellite equipment from receiving TV programming except on a subscription basis.

Question 76

war chalking

Answer 76

Drawing symbols in public places to alert others to an open Wi-Fi network. War chalking can include the SSIDs, administrative passwords to APs, and other information.

Question 77

war dialing

Answer 77

The act of dialing all numbers within an organization to discover open modems.

Question 78

war driving

Answer 78

The act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable device.

Question 79

warm site

Answer 79

An environmentally conditioned workspace partially equipped with IT and telecommunications equipment to support relocated IT operations in the event of a significant disruption.

Question 80

web spider

Answer 80

A program designed to browse websites in an automated, methodical manner. Sometimes these programs are used to harvest information from websites, such as e-mail addresses.

Question 81

XOR operation

Answer 81

A mathematical operation requiring two binary inputs: if the inputs match, the output is a 0; otherwise, it is a 1.

Question 82

Zenmap

Answer 82

A Windows-based GUI version of Nmap.

Question 83

zero subnet

Answer 83

In a classful IPv4 subnet, this is the network number with all binary 0s in the subnet part of the number. When written in decimal, the zero subnet has the same number as the classful network number.

Question 84

zero-day attack

Answer 84

An attack carried out on a system or application before the vendor becomes aware and before a patch or fix action is available to correct the underlying vulnerability.

Question 85

zombie

Answer 85

A computer system that performs tasks dictated by an attacker from a remote location. Zombies may be active or idle, and owners of the systems generally do not know their systems are compromised.

Question 86

zone transfer

Answer 86

A type of DNS transfer where all records from an SOA are transmitted to the requestor. Zone transfers have two options: full (opcode AXFR) and incremental (IXFR).