CEH/PEN - Practice Exam_2 Flashcards
Vulnerability management cycle
- Identify assets and create a baseline
- Vulnerability scan
- Risk Assessment
- Remediation
- Verification
- Monitor
Command line used to discover WPS enabled APs
ntptrace
Attack: Security exploit that compromises a site that a targeted victim visits to gain access to victim’s computer and network
Watering hole attack
An individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks
White Hat Hacker
A web security vulnerability that allows an attacker to interfere with an application’s processing of XML data
XXE (XML external entity injection)
Technique in which someone queries a DNS server to find out whether it has a specific DNS record cached, and thereby deduce whether the DNS server's owner has recently visited a specified site
DNS Cache Snooping
A powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in real-time, sniff for credentials and much more
BetterCAP
Field in the IPv4 header, and the Traffic Class field in the IPv6 header, used to classify IP packets so that routers can make QoS (quality of service) decisions about what path packets should traverse across the network
Type of Service (ToS)
Private IP address range (Class A)
10.0.0.0 - 10.255.255.255
Class B address ranges
172.16.0.0 - 172.31.255.255
Class C address range
192.168.0.0 - 192.168.255.255
Three types of IPv6 addresses
- Unicast
- Anycast
- Multicast
Protocols used to mitigate session hijackings
- IPSEC
- VPN
Device typically used with software such as Wireshark to aid in wireless network traffic analysis
AirPcap
Two security issues related to containers as compared to VMs
- Open network traffic across services
- Sharing the OS kernel
Ports are divided into three ranges known as:
- Well-known ports
- Registered Ports
- Dynamic/Private Ports
Well-known ports range
0 - 1023