CEH Glossary Deck 2 Flashcards
Provides additional definitions from CEH.
access point (AP)
A wireless LAN device that acts as a central point for all wireless traffic.
The AP is connected to both the wireless LAN and the wired LAN, providing wireless clients access to network resources.
accountability
The ability to trace actions performed on a system to a specific user or system entity.
acknowledgment (ACK)
A TCP flag notifying an originating station that the preceding packet (or packets) has been received.
active attack
An attack that is direct in nature—usually where the attacker injects something into, or otherwise alters, the network or system target.
bastion host
A computer placed outside a firewall to provide public services to other Internet sites and hardened to resist external attacks.
biometrics
A measurable, physical characteristic used to recognize the identity, or to verify the claimed identity, of an applicant.
Facial images, fingerprints, and handwriting samples are all examples of biometrics.
bit flipping
A cryptographic attack where bits are manipulated in the cipher text to generate a predictable outcome in the plain text once it is decrypted.
Challenge Handshake Authentication Protocol (CHAP)
An authentication method on point-to-point links, using a three-way handshake and a mutually agreed-upon key.
CIA triad
Confidentiality, integrity, and availability. These are the three fundamental aspects of security.
cipher text
Text or data in its encrypted form; the result of plain text being input into a cryptographic algorithm.
client
A computer process that requests a service from another computer and accepts the server’s responses.
database
An organized collection of data.
decryption
The process of transforming cipher text into plain text through the use of a cryptographic algorithm.
defense in depth
An information assurance strategy in which multiple layers of defense are placed throughout an information technology system.
Electronic Code Book (ECB)
A mode of operation for a block cipher, with the characteristic that each possible block of plain text has a defined corresponding cipher-text value, and vice versa.
electronic serial number
Created by the U.S. Federal Communications Commission to uniquely identify mobile devices; often represented as an 11-digit decimal number or 8-digit hexadecimal number.
encapsulation
The process of attaching a particular protocol header and trailer to a unit of data before transmission on the network.
It occurs at Layer 2 of the OSI reference model.
Fast Ethernet
An Ethernet networking system transmitting data at 100 million bits per second (Mbps), ten times the speed of an earlier Ethernet standard.
Derived from the Ethernet 802.3 standard, it is also known as 100BaseT.
Fiber Distributed Data Interface (FDDI)
LAN standard, defined by ANSI X3T9.5, specifying a 100-Mbps token-passing network using fiber-optic cable and a dual-ring architecture for redundancy, with transmission distances of up to 2 kilometers.
File Allocation Table (FAT)
A computer file system architecture used in Windows, OS/2, and most memory cards.
Government Access to Keys (GAK)
An attempt through key disclosure laws to have software companies provide copies of all keys to the government, which will be used only when a warrant is provided during law enforcement efforts.
gray hat
A skilled hacker who straddles the line between white hat (hacking only with permission and within guidelines) and black hat (malicious hacking for personal gain).
Gray hats sometimes perform illegal acts to exploit technology with the intent of achieving better security.
gray-box testing
A penetration test in which the ethical hacker has limited knowledge of the intended target(s).
Designed to simulate an internal but non-system-administrator-level attack.