CEH Notes from Austin

Question 1

Cross Site Request Forgery (XSRF)

Answer 1

Web browser vulnerability in which the hacker conducts the transaction from the user account without his consent. Clicks malicious link.

Question 2

Cross-Site Scripting (XSS)

Answer 2

Web application attack where the attackers exploit vulnerability in dynamically generated web pages to inject client-side script into web pages viewed by other users. STEAL COOKIES.

Question 3

DNS Cache Spooping

Answer 3

An enumeration technique in which theh hacker queries the DNS server for a specific cached DNS record and determines the sites recently visited by the org users. Determines specific sites visited by user.

Question 4

DNS Hijacking

Answer 4

Type of cyber attach in which DNS searches are manipulated in order to redirect users to malicious sites.

Question 5

Evil Twin

Question 6

Jamming/Scrambling

Question 7

Macro Virus

Answer 7

Targets MS office products

Question 8

Password Spraying

Answer 8

Cracking user accounts by using list of common passwords from the internet and spraying thousands of accounts

Question 9

ARP Spoofing

Answer 9

Address that has been duplicated will show as sending traffic from 2 different sources at the same time (1 iP and 2 MACS)

Question 10

Banner Grabbing

Answer 10

Common information gathering technique that attackers use together information about the target web server using nmap-sV.

Question 11

Bluesnarfing

Answer 11

Stealing info over Bluetooth

Question 12

Cloud Hopper

Answer 12

Accesses the target customer profiles with manager service provider (MSP) cloud account, compresses the customer data, and stores them in the MSP. Later, this is used to launch further attacks.

Question 13

DHCP Starvation

Answer 13

A DOS attack on the DHCP servers where attackers broadcast forged DHCP requests and lease all the DHCP space available in the DHCP scope until server is of no use.

Question 14

DNS Tunneling

Answer 14

Attacker configures multiple domains pointing to the same host to switch quickly between the domains and avoids detections and bypasses the firewalls.

Question 15

Directory Traversal

Answer 15

Web server does not properly ignore the ../../ string and instead returns the file listing of a folder higher up in the folder structure of the server.

Question 16

Hit List Scanning Technique

Answer 16

A method to create a botnet by collecting info about several vulnerable machines to make a list infecting those machines to convert them into bots and then divide the list by assigning half of the list to the new compromised machines.

Question 17

Idle Scanning

Answer 17

Type of firewall scanning technique where attackers make use of a zombie system that has low network activity and frag id numbers.

Question 18

Out of Band SQLI

Answer 18

SQL inject that leverages a database server’s ability to make DNS requests to pass data to an attacker

Question 19

Quid Pro Quo

Answer 19

Something for something “attackers call random numbers claiming to be from IT support, baiting to get the end user to exchange info.