CEHv8 BOOTCAMP: MODULE 01-INTRODUCTION TO ETHICAL HACKING_SET-1 Flashcards
What is Hack Value?
The notion among hackers that something is worth doing or is interesting.
What is Exploit?
A defined way to breach the security of an IT system through a vulnerability.
What is Vulnerability?
Existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system.
What is Target of Evaluation?
An IT system, product, or component that is identified/subjected to a required security evaluation.
What is Zero-Day Attack?
An attack that exploits computer application vulnerabilities before the software developer releases a patch for the vulnerability.
What is Daisy Chaining?
Hackers who get away with database theft usually complete their task, then backtrack to cover their tracks by destroying logs, etc.
What are the 5 elements in Information Security?
- Confidentiality
- Integrity
- Availability
- Authenticity
- Non-Repudiation
What is Information Security?
A state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low or tolerable.
What 3 components can define level of security?
- Functionality
- Security
- Usability
What are 6 Information Security threats?
- Natural Threats
- Physical Threats
- Human Threats
- Network Threats
- Host Threats
- Application Threats
What are examples of Natural Threats?
- Floods
- Natural Disasters
- Earthquakes
- Hurricanes
What are examples of Physical Threats?
- Loss or Damage of system resources
- Physical intrusion
- Sabotage, espionage, and errors
What are examples of Human Threats?
- Hackers
- Insiders
- Social engineering
- Lack of knowledge and awareness
What are examples of Network Threats?
- Information gathering
- Sniffing and eavesdropping
- Spoofing
- Session hijacking and Man-in-the-Middle
- SQL injection
- ARP Poisoning
- Password-based attacks
- Denial of service attack
- Compromised-key attack
What are examples of Host Threats?
- Malware attacks
- Target Footprinting
- Password attacks
- Denial of service attacks
- Arbitrary code execution
- Unauthorized access
- Privilege escalation
- Back door Attacks
- Physical security threats
What are examples of Application Threats?
- Data/input validation
- Authentication and Authorization attacks
- Configuration Management
- Information disclosure
- Session management issues
- Buffer overflow issues
- Cryptography attacks
- Parameter manipulation
- Improper error handling and exception management
- Auditing and logging issues
What does the term Information Warfare refer to?
The use of information communication technologies (ICT) to take competitive advantages over an opponent.
What is Defensive Information Warfare?
Strategies and actions to defend against attacks on ICT assets.
What is Offensive Information Warfare?
Information Warfare that involves attacks on ICT assets of an opponent.
What are 8 Hacker Classes?
- Black Hats
- White Hats
- Gray Hats
- Suicide Hackers
- Script Kiddies
- Spy Hackers
- Cyber Terrorists
- State Sponsored Hackers
What is Hacktivism?
An act of promoting a political agenda by hacking, especially by defacing or disabling websites.
What are common targets of Hacktivists?
- Government agencies
- Multinational corporations
- Any entity perceived as bad/wrong by these groups/individuals.
Where does Hacktivism thrive?
The environment where information is easily accessible.
What are the 5 phases of hacking?
- Reconnaissance
- Scanning
- Gaining Access
- Maintaining Access
- Clearing Tracks
What are 4 types of attacks on a system?
- Operating System Attacks
- Misconfiguration Attacks
- Application Level Attacks
- Shrink Wrap Code Attacks