https://DevOpsCloud.io -- Cloud Monk Losang Jinpa

clickjacking The act of using multiple transparent or opaque layers to induce users into clicking a web button or link on a page that they were not intending to be navigating or clicking. Clickjacking attacks are often referred to as UI redress attacks.” (CEHsntos 2022)

clipping level The point at which an alarm threshold or trigger occurs. For example, a clipping level of three logon attempts locks out a user after three unsuccessful attempts to log on.“ (CEHsntos 2022)

cloning In the context of hacking, a process that occurs when a hacker copies the electronic serial number (ESN) from one cell phone to another, which duplicates the cell phone.” (CEHsntos 2022)

closed-circuit television (CCTV) A system composed of video transmitters that can feed the captured video to one or more receivers. Typically used in banks, casinos, shopping centers, air ports, or anywhere that physical security can be enhanced by monitoring events. Placement in these facilities is typically at locations where people enter or leave the facility or at locations where critical transactions occur.“ (CEHsntos 2022)

closed system A system that is not “open” and therefore is a proprietary system. Open systems are those that employ modular designs, are widely supported, and facilitate multivendor, multitechnology integration.” (CEHsntos 2022)

cloud computing The practice of using remote servers, applications, and equipment hosted on the Internet by third-party providers.“ (CEHsntos 2022)

CNAMEs A type of record used in Domain Name Service (DNS); the CNAME record contains the aliases or nickname.” (CEHsntos 2022)

cold site A site that contains no computing-related equipment except for environ[[mental support, such as air conditioners and power outlets, and a security system made ready for installing computer equipment.“ (CEHsntos 2022)

collision In cryptography, a condition that occurs when a hashing algorithm, such as MD5, creates the same value for two or more different files. In the context of the physical network, collisions can occur when two packets are transmitted at the same time on an Ethernet network.” (CEHsntos 2022)

combination lock A lock that can be opened by turning dials in a predetermined sequence.“ (CEHsntos 2022)

Common Vulnerabilities and Exposures (CVE) CERT-sponsored list of vulnerabilities and exposures.” (CEHsntos 2022)

Common Vulnerability Scoring System (CVSS) An industry standard that was created by security practitioners in the Forum of Incident Response and Security Teams (FIRST) to provide the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.“ (CEHsntos 2022)

Common Weakness Enumeration (CWE) A universal online dictionary of software weaknesses maintained by the MITRE Corporation.” (CEHsntos 2022)

Computer Emergency Response Team (CERT) An organization developed to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve an organization’s capability to respond to computer and network security issues.“ (CEHsntos 2022)

confidentiality A condition in which data or information is not made available or disclosed to unauthorized persons. One of the three elements of the CIA security triad, along with integrity and availability.” (CEHsntos 2022)

confidentiality agreement An agreement that employees, contractors, or third-party users must read and sign before being granted access rights and privileges to the organization’s IT infrastructure and its assets.“ (CEHsntos 2022)

contingency planning The process of preparing to deal with calamities and noncalamitous situations before they occur so that the effects are minimized.” (CEHsntos 2022)

cookie A message or small amount of text that a website stores in a text file on the computer running the web browser used to visit the website. The message is sent back to the web server each time the browser goes to that website and is useful in maintaining state in what is otherwise a stateless connection.“ (CEHsntos 2022)

copyright The legal protection given to authors or creators that protects their expressions on a specific subject from unauthorized copying. It is applied to books, paintings, movies, literary works, or any other medium of use.” (CEHsntos 2022)

covert channel An unintended communication path that enables a process to transfer information in a way that violates a system’s security policy.“ (CEHsntos 2022)

cracker A term derived from criminal hacker, indicating someone who acts in an illegal manner.” (CEHsntos 2022)

criminal law Law pertaining to crimes against the state or conduct detrimental to society. Violations of criminal statues are punishable by law, and punishments can include monetary penalties and jail time.“ (CEHsntos 2022)

criticality The quality, state, degree, or measurement]] of the highest importance.” (CEHsntos 2022)

crossover error rate (CER) A comparison measurement]] for different biometric devices and technologies to measure their accuracy. The CER is the point at which false acceptance rate (FAR) and false rejection rate (FRR) are equal, or cross over. The lower the CER, the more accurate the biometric system.“ (CEHsntos 2022)

cross-site request forgery (CSRF or XSRF) An attack that occurs when unauthorized commands are transmitted from a user who is trusted by the application. CSRF is different from XSS because it exploits the trust that an application has in a user’s browser.” (CEHsntos 2022)

cross-site scripting (XSS) A type of attack that could result in installation or execution of malicious code, account compromise, session cookie hijacking, revelation or modification of local files, or site redirection.“ (CEHsntos 2022)

crypter Software used to encrypt malware. Some crypters obscure the contents of a Trojan by applying an encryption algorithm. Crypters can use anything from AES, RSA, to even Blowfish, or they might use more basic obfuscation techniques, such as XOR, Base64 encoding, or even ROT13.” (CEHsntos 2022)

cryptographic key The piece of information that controls the cryptographic algorithm. The key specifies how the clear text is turned into cipher text or vice versa. For example, a DES key is a 64-bit parameter consisting of 56 independent bits and 8 bits that are used for parity.“ (CEHsntos 2022)

D

Data Encryption Standard (DES) A symmetric encryption standard (FIPS 46-3) that is based on a 64-bit block. DES uses the data encryption algorithm to process 64 bits of plaintext at a time to output 64-bit blocks of cipher text. Even though the DES key is 64 bits in length, it has a 56-bit work factor and has four modes of operation.” (CEHsntos 2022)

defense in depth A process of multilayered security. The layers can be administrative, technical, or logical. As an example of logical security, you might add a firewall, encryption, packet filtering, IPsec, and a demilitarized zone (DMZ) to start to build defense in depth.“ (CEHsntos 2022)

demilitarized zone (DMZ) The middle ground between a trusted internal network and an untrusted external network. Services that internal and external users must use are typically placed there, such as HTTP.” (CEHsntos 2022)

denial of service (DoS) The process of having network resources, services, and bandwidth reduced or eliminated because of unwanted or malicious traffic. The goal of a DoS attack is to render the network or system nonfunctional. Some examples include Ping of Death, SYN flood, IP spoofing, and Smurf attacks.“ (CEHsntos 2022)

destruction The act of destroying data and information or permanently depriving information from the legitimate user.” (CEHsntos 2022)

detective controls Controls that identify undesirable events that have occurred.“ (CEHsntos 2022)

dictionary attack An attack in which a text file full of dictionary words is loaded into a password program and then run against user accounts located by the application. If simple passwords have been used, this attack might be enough to crack the code. It can be performed offline with tools like LCP and Hashcat, and it can be performed online with tools like Brutus and THC-Hydra.” (CEHsntos 2022)

digital certificate An electronic document that is usually issued by a trusted third party, such as a certificate authority, and contains the name of a user or server, a digital signature, a public key, and other elements used in authentication and encryption. X.509 is the most common type of digital certificate.“ (CEHsntos 2022)

digital signature An electronic signature that can be used to authenticate the identity of the sender of a message. It is created by encrypting a hash of a message or document with a private key. The message to be sent is passed through a hashing algorithm; the resulting message digest or hash value is then encrypted using the sender’s private key.” (CEHsntos 2022)

digital watermark A technique that adds hidden copyright information to a document, picture, or sound file. It can be used to enable an individual working with electronic data to add hidden copyright notices or other verification messages to digital audio, video, or image signals and documents.“ (CEHsntos 2022)

disaster A natural or man-made event, such as fire, flood, storm, or equipment failure, that negatively affects an industry or facility.

” (CEHsntos 2022)

discretionary access control (DAC) An access policy that enables the resource owner to determine who is permitted access. “ (CEHsntos 2022)

distributed denial of service (DDoS) A type of attack similar to denial of service (DoS), except that the attack is launched from multiple, distributed agent IP devices.” (CEHsntos 2022)

Domain Name Service (DNS) A hierarchy of Internet servers that translates alphanumeric domain names into IP addresses and vice versa. Because domain names are alphanumeric, they are easier for humans to remember than IP addresses.“ (CEHsntos 2022)

dropper A Trojan horse or program designed to drop a virus to the infected computer and then execute it.” (CEHsntos 2022)

due care The standard of conduct of a reasonable and prudent person. When you see the term due care, think of the first letter of each word and remember “do correct,” because due care is about the actions that you take to reduce risk and keep it at that level.“ (CEHsntos 2022)

due diligence The execution of due care over time. When you see the term due diligence, think of the first letter of each word and remember “do detect,” because due diligence is about finding the threats an organization faces. This is accomplished by using standards, best practices, and check lists.” (CEHsntos 2022)

dumpster diving The practice of rummaging through the trash of a potential target or victim to gain useful information.“ (CEHsntos 2022)

dynamic analysis The act of analyzing software or programs while they are executing. Dynamic analysis also relates to the monitoring and analysis of computer activity and network traffic during malware analysis.” (CEHsntos 2022)

E

eavesdrop ping The unauthorized capture and reading of network traffic or other type of network communication.“ (CEHsntos 2022)

echo reply The second part of an Internet Control Message Protocol (ICMP) ping, officially a type 0 that is sent in response to an echo request. Used by the ping command to test networks.” (CEHsntos 2022)

echo request The first part of an ICMP ping, officially a type 8. Makes use of an ICMP echo request packet, which will be answered using an ICMP echo reply packet.“ (CEHsntos 2022)

EDGAR database The Electronic Data Gathering, Analysis, and Retrieval system used by the Securities and Exchange Commission (SEC) for storage of public company filings. It is a potential source of information for hackers who are targeting a public company.” (CEHsntos 2022)

Electronic Code Book (ECB) A symmetric block cipher that is one of the modes of Data Encryption Standard (DES). ECB is considered the weakest mode of DES. When used, the same plaintext input will result in the same encrypted-text output.“ (CEHsntos 2022)

electronic serial number (ESN) A unique ID number embedded in a cell phone by the manufacturer to minimize the chance of fraud and to identify a specific cell phone when it is turned on and a request to join a cellular network is sent over the air.” (CEHsntos 2022)

encryption The science of turning plaintext into cipher text.“ (CEHsntos 2022)

end-user licensing agreement (EULA) The software license that software vendors create to protect and limit their liability and to hold the purchaser liable for illegal pirating of the software application. The EULA usually contains language that protects the software manufacturer from software bugs and flaws and limits the liability of the vendor.” (CEHsntos 2022)

enterprise vulnerability management The overall responsibility and management of vulnerabilities within an organization and how that management of vulnerabilities will be achieved through dissemination of duties throughout the IT organization.“ (CEHsntos 2022)

ethical hack A type of hack that is done to help a company or individual identify potential threats on the organization’s IT infrastructure or network.” (CEHsntos 2022)

ethical hacker A security professional who legally attempts to break in to a computer system or network to find its vulnerabilities. An ethical hacker must obey rules of engagement, do no harm, and stay within legal boundaries.“ (CEHsntos 2022)

evasion The act of performing activities to avoid detection.” (CEHsntos 2022)

evil twin An attack in which an attacker creates a rogue access point and configures it exactly the same as the existing corporate network.“ (CEHsntos 2022)

exploit An attack on a computer system, especially one that takes advantage of a particular vulnerability that the system offers to intruders.” (CEHsntos 2022)

exposure factor (EF) A value calculated by determining the percentage of loss to a specific asset if a specific threat is realized. For example, if a fire were to hit a Houston data center that has an asset value of $250,000, it is believed that there would be a 50 percent loss or exposure factor. Adding additional fire controls could reduce this figure.“ (CEHsntos 2022)

Extensible Authentication Protocol (EAP) A method of authentication that can support multiple authentication methods, such as tokens, smart cards, certificates, and one-time passwords.” (CEHsntos 2022)

F

false acceptance rate (FAR) A measurement]] that evaluates the likelihood that a biometric access control system will wrongly accept an unauthorized user.“ (CEHsntos 2022)

false rejection rate (FRR) A measurement]] that evaluates the likelihood that a biometric access control system will reject a legitimate user.” (CEHsntos 2022)

fast infection A type of virus infection that occurs quickly.“ (CEHsntos 2022)

file infector A type of virus that copies itself into executable programs.” (CEHsntos 2022)

finger On some UNIX systems, a program that identifies who is logged on and active and sometimes provides personal information about that individual.“ (CEHsntos 2022)

firewall Security system in hardware or software form that is used to manage and control both network connectivity and network services. Firewalls act as chokepoints for traffic entering and leaving the network, and prevent unrestricted access. Firewalls can be stateful or stateless.” (CEHsntos 2022)

flooding The process of overloading the network with traffic so that no legitimate traffic or activity can occur.“ (CEHsntos 2022)

G

gap analysis The analysis of the differences between two different states, often for the purpose of determining how to get from point A to point B; therefore, the aim is to look at ways to bridge the gap. Used when performing audits and risk assessments.” (CEHsntos 2022)

gentle scan A type of vulnerability scan that does not present a risk to the operating network infrastructure.“ (CEHsntos 2022)

gray box testing Testing that occurs with only partial knowledge of the network or that is performed to see what internal users have access to.” (CEHsntos 2022)

guidelines Recommended actions and operational guides for users. Much like standards but less stringent.“ (CEHsntos 2022)

H

hash A mathematical algorithm used to ensure that a transmitted message has not been tampered with. A one-way algorithm that maps or translates one set of bits into a fixed-length value that can be used to uniquely identify data.” (CEHsntos 2022)

hashing algorithm A mathematical algorithm used to verify the integrity of data and messages. A well-designed hashing algorithm examines every bit of the data while it is being condensed, and even a slight change to the data will result in a large change in the message hash. It is considered a one-way process.“ (CEHsntos 2022)

heuristic scanning A form of virus scanning that looks at irregular activity by programs. For example, a heuristic scanner would flag a word processing program that attempted to format the hard drive, because that is not normal activity.” (CEHsntos 2022)

honeypot An Internet-attached server that acts as a decoy, luring in potential hackers to study their activities and monitor how they are able to break in to a system. Similar to a honeynet, which is a collection of honeypot systems.“ (CEHsntos 2022)

I

identify theft An attack in which an individual’s personal, confidential, banking, and financial identity is stolen and compromised by another individual or individuals. Use of your Social Security number without your consent or permission might result in identify theft.” (CEHsntos 2022)

impact assessment An attempt to identify the extent of the consequences if a given event occurs.“ (CEHsntos 2022)

inference The ability to deduce information about data or activities to which the subject does not have access.” (CEHsntos 2022)

inference attack An attack that relies on the attacker’s ability to make logical connections between seemingly unrelated pieces of information.“ (CEHsntos 2022)

Infrastructure as a Service (IaaS) A cloud-based service that offers customers virtualized computing resources over the Internet such as firewalls and switches.” (CEHsntos 2022)

infrastructure mode A form of wireless networking in which wireless stations communicate with each other by first going through an access point. See also ad hoc mode.“ (CEHsntos 2022)

initial sequence number (ISN) A number defined during a Transmission Control Protocol (TCP) startup session to keep track of how much information has been moved. The ISN is of particular interest to hackers, who use it in session hijacking attacks.” (CEHsntos 2022)

integrity The accuracy and completeness of an item. One of the three elements of the CIA security triad, along with confidentiality and availability.“ (CEHsntos 2022)

Internet Assigned Numbers Authority (IANA) A primary governing body for Internet networking. IANA oversees three key aspects of the Internet: top-level domains (TLDs), IP address allocation, and port number assignments. IANA is tasked with preserving the central coordinating functions of the Internet for the public good. IANA is used by hackers and security specialists to track down domain owners and their contact details.” (CEHsntos 2022)

Internet Control Message Protocol (ICMP) Part of TCP/IP that supports diagnostics and error control. ICMP echo request and echo reply are packets used in the ping utility.“ (CEHsntos 2022)

intrusion detection A key component of security that includes prevention, detection, and response. It is used to detect anomalies or known patterns of attack.” (CEHsntos 2022)

intrusion detection system (IDS) A network or host-based monitoring device installed and used to inspect inbound and outbound traffic and activity and identify suspicious patterns that might indicate a network or system attack by someone attempting to break into or compromise a system.“ (CEHsntos 2022)

inverse SYN cookie A method for tracking the state of a connection, which takes the source address and port, along with the destination address and port, and then through an SHA-1 hashing algorithm. This value becomes the initial sequence number (ISN) for the outgoing packet. Used in dealing with SYN flood attacks.” (CEHsntos 2022)

IPsec Short for IP Security; an IETF standard used to secure TCP/IP traffic. It can be implemented to provide integrity and confidentiality.“ (CEHsntos 2022)

ISO/IEC 17799 A comprehensive security standard, divided into ten sections, that is considered a leading standard and a code of practice for information security management.” (CEHsntos 2022)

IT Short for information technology; the use of computers, software, Internet/intranet, and telecommunications.“ (CEHsntos 2022)

IT asset Information technology asset, such as hardware, software, or data.” (CEHsntos 2022)

IT asset criticality analysis The act of assigning a criticality factor or importance value (critical, major, or minor) to an IT asset.“ (CEHsntos 2022)

IT asset valuation The act of assigning a monetary value to an IT asset.” (CEHsntos 2022)

IT infrastructure A general term to encompass all information technology assets (hardware, software, data), components, systems, applications, and resources.“ (CEHsntos 2022)

IT security architecture and framework A document that defines the policies, standards, procedures, and guidelines for information security.” (CEHsntos 2022)

J

K

KARMA Short for Karma Attacks Radio Machines Automatically. A man-in-the-middle]] attack that creates a rogue AP and enables an attacker to intercept wireless traffic. A radio machine could be a mobile device, a laptop, or any Wi-Fi–enabled device. In a KARMA attack scenario, the attacker listens for the probe requests from wireless devices and intercepts them to generate the same SSID for which the device is sending probes.“ (CEHsntos 2022)

key exchange protocol A protocol used to exchange secret keys for the facilitation of encrypted communication. Diffie-Hellman is an example of a key exchange protocol.” (CEHsntos 2022)

keylogger (key stroke logger) A tool that an attacker uses to capture user key strokes in a system to steal sensitive data (including credentials). There are two main types of keyloggers: key logging hardware devices and key logging software. A hardware (physical) keylogger is usually a small device that can be placed between a user’s key board and the main system. Software keyloggers are dedicated programs designed to track and log user key strokes.“ (CEHsntos 2022)

L

limitation of liability and remedies A legal clause in a contract that limits an organization’s financial liability and limits the remedies available to the other party.” (CEHsntos 2022)

M

MAC filtering A method of controlling access on a wired or wireless network by denying access to any device that has a MAC address that does not match a MAC address in a pre-approved list.“ (CEHsntos 2022)

macro infector A type of computer virus that infects macro files. I Love You and Melissa are both examples of macro viruses.” (CEHsntos 2022)

mandatory access control (MAC) A means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (such as clearance) of subjects to access information of such sensitivity.“ (CEHsntos 2022)

man-in-the-middle]] attack or on-path attack A type of attack in which the attacker can read, insert, and change information that is being passed between two parties, without either party knowing that the information has been compromised.” (CEHsntos 2022)

man-made threats Threats that are caused by humans, such as hacker attack, terrorism, or destruction of property.“ (CEHsntos 2022)

master boot record infector A virus that infects a master boot record.” (CEHsntos 2022)

The Matrix A movie about a computer hacker who learns from mysterious rebels about the true nature of his reality and his role in the Matrix machine. A favorite movie of hackers!“ (CEHsntos 2022)

MD5 A hashing algorithm that produces a 128-bit output.” (CEHsntos 2022)

Media Access Control (MAC) address The hard-coded address of the physical layer device that is attached to the network. In an Ethernet network, the address is 48 bits (or 6 bytes) long.“ (CEHsntos 2022)

methodology A set of documented procedures used for performing activities in a consistent, accountable, and repeatable manner.” (CEHsntos 2022)

Moore's Law The prediction that processing power of computers will double about every 18 months.“ (CEHsntos 2022)

multipartite virus A virus that attempts to attack both the boot sector and executable files.” (CEHsntos 2022)

N

natural threats Threats posed by nature, such as fire, floods, and storms.“ (CEHsntos 2022)

NetBus A backdoor Trojan that allows an attacker complete control of the victim’s computer.” (CEHsntos 2022)

Network Address Translation (NAT) A method of connecting multiple computers to the Internet using one IP address so that many private addresses are converted to a single public address.“ (CEHsntos 2022)

network operations center (NOC) An organization’s help desk or interface to its end users in which trouble calls, questions, and trouble tickets are generated.” (CEHsntos 2022)

NIST 800-42 A document that provides guidance on network security testing. It deals mainly with techniques and tools used to secure systems connected to the Internet. This document was superseded in 2008 by NIST SP 800-115, “Technical Guide to Information Security Testing and Assessment.”“ (CEHsntos 2022)

nonattribution The act of not providing a reference to a source of information.” (CEHsntos 2022)

nonrepudiation A system or method put in place to ensure that an individual cannot deny his own actions.“ (CEHsntos 2022)

Nslookup A standard UNIX, Linux, and Windows tool for querying name servers.” (CEHsntos 2022)

N-tier A model in which functions are physically separated based on which layer they reside (presentation, application, data management, and so on).“ (CEHsntos 2022)

null session A Windows feature in which anonymous logged-on users can list domain usernames, account information, and enumerate share names.” (CEHsntos 2022)

O

one-time pad An encryption mechanism that can be used only once, and that is, theoretically, unbreakable. One-time pads function by combining plaintext with a random pad that is the same length as the plaintext.“ (CEHsntos 2022)

open source Software released under an open source license, such as the GNU General Public License, or to the public domain. The source code is published and can be modified.” (CEHsntos 2022)

OS (operating system) identification The practice of identifying the operating system of a networked device through either passive or active techniques.“ (CEHsntos 2022)

P

packers Similar to programs such as WinZip, Rar, and Tar in that they compress files. However, whereas compression programs compress files to save space, packers do this to obfuscate the activity of the malware. The idea is to prevent anyone from viewing the malware’s code until it is placed in memory. Packers serve a second valuable goal to the attacker in that they work to bypass network security protection mechanisms.” (CEHsntos 2022)

packet filtering A form of stateless inspection performed by some firewalls and routers. Packet filters limit the flow of traffic based on predetermined access control lists (ACLs). Parameters such as source, destination, or port can be filtered or blocked by a packet filter.“ (CEHsntos 2022)

paper shredder A hardware device used for destroying paper and documents by shredding to prevent dumpster diving.” (CEHsntos 2022)

passive fingerprinting A passive method of identifying the operating system (OS) of a targeted computer or device. No traffic or packets are injected into the network; attackers simply listen to and analyze existing traffic.“ (CEHsntos 2022)

Password Authentication Protocol (PAP) A form of authentication in which clear-text usernames and passwords are passed.” (CEHsntos 2022)

pattern matching A method used by intrusion detection systems (IDS) to identify malicious traffic. It is also called signature matching and works by matching traffic against signatures stored in a database.“ (CEHsntos 2022)

penetration test A method of evaluating the security of a network or computer system by simulating an attack by a malicious hacker without doing harm and with the owner’s written consent.” (CEHsntos 2022)

personal-area network (PAN) A network of two or more devices connected via Bluetooth.“ (CEHsntos 2022)

phishing The act of misleading or conning an individual into releasing and providing personal and confidential information to an attacker masquerading as a legitimate individual or business. This is usually done by sending many emails that request the victim to follow a link to a bogus website. Closely associated with spear phishing, which is more targeted, and whaling, which targets CEOs or other high-ranking employees.” (CEHsntos 2022)

ping sweep The process of sending ping requests to a series of devices or to the entire range of networked devices.“ (CEHsntos 2022)

Platform as a Service (PaaS) A cloud-based service that offers customers a platform on which to develop, run, and manage their applications and services. One advantage is that clients do not have to build and maintain their own infrastructure.” (CEHsntos 2022)

policy A high-level document that dictates management intentions toward security.“ (CEHsntos 2022)

polymorphic virus A virus that is capable of change and self-mutation.” (CEHsntos 2022)

port knocking A defensive technique that requires users of a particular service to access a sequence of ports in a given order before the service will accept their connection.“ (CEHsntos 2022)

port redirection The process of redirecting one protocol from an existing port to another.” (CEHsntos 2022)

ports A communications end point used by protocols and applications for communication. Port numbers are divided into three ranges: well-known ports, registered ports, and dynamic/private ports. Well-known ports are those from 0 to 1023, registered ports are those from 1024 to 49151, and dynamic/private ports are those from 49152 to 65535.“ (CEHsntos 2022)

Post Office Protocol (POP) A commonly implemented method of delivering email from the mail server to the client machine. Other methods include Internet Message Access Protocol (IMAP) and Microsoft Exchange.” (CEHsntos 2022)

prepender A virus type that adds the virus code to the beginning of existing executables.“ (CEHsntos 2022)

preventive controls Controls that reduce risk and are used to prevent undesirable events from happening.” (CEHsntos 2022)

probability The likelihood of an event happening.“ (CEHsntos 2022)

procedure A detailed, in-depth, step-by-step document that lays out exactly what is to be done and how it is to be accomplished.” (CEHsntos 2022)

promiscuous mode Mode in which a network adapter examines all traffic, unlike normal mode, in which it examines only traffic that matches its address. Promiscuous mode enables a single device to intercept and read all packets that arrive at the interface in their entirety; these packets may or may not have been destined for this particular target.“ (CEHsntos 2022)

proxy server A type of firewall that intercepts all requests to the real server to see whether it can fulfill the requests itself. If not, it forwards the request to the real server. Proxy servers are used to improve performance and add security.” (CEHsntos 2022)

public key infrastructure (PKI) Infrastructure used to facilitate e-commerce and build trust. PKI is composed of hardware, software, people, policies, and procedures; it is used to create, manage, store, distribute, and revoke public key certificates. PKI is based on public key cryptography.“ (CEHsntos 2022)

Q

qualitative analysis An evaluation and analysis based on a weighting or criticality factor valuation as part of the evaluation or analysis.” (CEHsntos 2022)

qualitative assessment An analysis of risk that places the probability results into terms such as none, low, medium, and high.“ (CEHsntos 2022)

quantitative analysis A numeric evaluation and analysis based on monetary or dollar valuation as part of the evaluation or analysis.” (CEHsntos 2022)

quantitative risk assessment A methodical, step-by-step calculation of asset valuation, exposure to threats, and the financial impact or loss in the event of the threat being realized.“ (CEHsntos 2022)

R

RAM resident infection A type of virus that spreads through RAM.” (CEHsntos 2022)

ransom ware A type of malware that encrypts all files until a payment is made.“ (CEHsntos 2022)

red team A group of ethical hackers who help organizations explore network and system vulnerabilities by means of penetration testing.” (CEHsntos 2022)

Redundant Array of Independent Disks (RAID) A type of fault tolerance and performance improvement for disk drives that employs two or more drives in combination.“ (CEHsntos 2022)

Rijndael A symmetric encryption algorithm chosen to be the Advanced Encryption Standard (AES).” (CEHsntos 2022)

risk The exposure or potential for loss or damage to IT assets within an IT infrastructure.“ (CEHsntos 2022)

risk acceptance An informed decision to suffer the consequences of likely events.” (CEHsntos 2022)

risk assessment A process for evaluating the exposure or potential loss or damage to the IT and data assets for an organization.“ (CEHsntos 2022)

risk avoidance A decision to take action to avoid a risk.” (CEHsntos 2022)

risk management The overall responsibility and management of risk within an organization. Risk management is the responsibility and dissemination of roles, responsibilities, and accountabilities for risk in an organization.“ (CEHsntos 2022)

risk transference The shifting of responsibility or burden to another party or individual.” (CEHsntos 2022)

rogue access point An 802.11 access point that has been set up by an attacker for the purpose of diverting traffic of legitimate users so that it can be sniffed or manipulated.“ (CEHsntos 2022)

role-based access control (RBAC) A type of discretionary access control in which users are placed into groups to facilitate management. This type of access control is widely used by Microsoft Active Directory, Oracle Database, and SAP ECC.” (CEHsntos 2022)

Routing Information Protocol (RIP) A widely used distance-vector protocol that determines the best route by hop count.“ (CEHsntos 2022)

RSA Algorithm (RSA) A ubiquitous, asymmetric algorithm created by Dr. Ronald Rivest, Dr. Adi Shamir, and Dr. Leonard Adleman.” (CEHsntos 2022)

rule-based access control A type of mandatory access control that matches objects to subjects. It dynamically assigns roles to subjects based on their attributes and a set of rules defined by a security policy.“ (CEHsntos 2022)

S

script kiddie The lowest form of cracker who looks for easy targets or well-worn vulnerabilities.” (CEHsntos 2022)

security breach or security incident The result of a threat or vulnerability being exploited by an attacker.“ (CEHsntos 2022)

security by obscurity The controversial and ill-advised use of secrecy to ensure security.” (CEHsntos 2022)

security controls Policies, standards, procedures, and guideline definitions for various security control areas or topics.“ (CEHsntos 2022)

security countermeasure A security hardware or software technology solution that is deployed to ensure the confidentiality, integrity, and availability of IT assets that need protection.” (CEHsntos 2022)

security defect Usually an unidentified and undocumented deficiency in a product or piece of software that ultimately results in a security vulnerability being identified.“ (CEHsntos 2022)

security incident response team (SIRT) A team of professionals who usually encompass Human Resources, Legal, IT, and IT Security to appropriately respond to critical, major, and minor security breaches and security incidents that the organization encounters.” (CEHsntos 2022)

security information and event management (SIEM) A combination of two previous technologies: security information management and security event management. This technology is used to provide real-time analysis of security logs generated in real time and includes a centralized location to store and process logs.“ (CEHsntos 2022)

security kernel A combination of software, hardware, and firmware that makes up the trusted computer base (TCB). The TCB mediates all access, must be verifiable as correct, and is protected from modification.” (CEHsntos 2022)

security work flow definition A flowchart that defines the communications, checks and balances, and domain of responsibility and accountability for the organization’s IT and IT security staff in the context of a defense-in-depth, layered approach to information security roles, tasks, responsibilities, and accountabilities.“ (CEHsntos 2022)

separation of duties A definition of the roles, tasks, responsibilities, and accountabilities for information security uniquely for the different duties of the IT staff and IT security staff.” (CEHsntos 2022)

service-level agreement (SLA) A contractual agreement between an organization and its service provider. An SLA protects the organization with regard to holding the service provider accountable for the requirements as defined in the SLA.“ (CEHsntos 2022)

service-oriented architecture A methodology used to build an architecture that is based on the use of services.” (CEHsntos 2022)

service set ID (SSID) A sequence of up to 32 letters or numbers that is the ID, or name, of a wireless local-area network and is used to differentiate networks.“ (CEHsntos 2022)

session hijack A type of attack where the attacker gains unauthorized access to an application or a system by stealing a session cookie.” (CEHsntos 2022)

session splicing The act of sending parts of a request in different packets to avoid detection by an intrusion detection system (IDS).“ (CEHsntos 2022)

SHA-1 A hashing algorithm that produces 160-bit output. SHA-1 was designed by the National Security Agency (NSA) and is defined in RFC 3174.” (CEHsntos 2022)

sheep dip The process of scanning for viruses on a standalone computer.“ (CEHsntos 2022)

shoulder surfing The act of looking over someone’s shoulder to steal the person’s password, phone PIN, card number, or other type of information.” (CEHsntos 2022)

signature scanning One of the most basic ways of scanning for computer viruses; compares suspect files and programs to signatures of known viruses stored in a database.“ (CEHsntos 2022)

Simple Network Management Protocol (SNMP) An application layer protocol that facilitates the exchange of management information between network devices. The first version of SNMP, v1, uses well-known community strings of public and private. Version 3 offers encryption.” (CEHsntos 2022)

single loss expectancy (SLE) An example of a quantitative risk assessment formula used to assess the single loss of an event. It is computed by the SLE = asset value (AV) times the exposure factor (EF).“ (CEHsntos 2022)

site survey The process of determining the optimum placement of wireless access points. The objective of the site survey is to create an accurate wireless system design/layout and budgetary quote.” (CEHsntos 2022)

smurf attack A distributed denial-of-service (DDoS) attack in which an attacker transmits large amounts of Internet Control Message Protocol (ICMP) echo request (ping) packets to a targeted IP destination device using the targeted destination’s IP source address. This is called spoofing the IP source address. IP routers and other IP devices that respond to broadcasts will respond to the targeted IP device with ICMP echo replies, which multiplies the amount of bogus traffic.“ (CEHsntos 2022)

sniffer A hardware or software device that can be used to intercept and decode network traffic.” (CEHsntos 2022)

sniffing The act of collecting IP packets from a network.“ (CEHsntos 2022)

social engineering The practice of tricking people into revealing sensitive data about their computer system or infrastructure. This type of attack targets people and is the art of human manipulation. Even when systems are physically well protected, social engineering attacks are possible.” (CEHsntos 2022)

Software as a Service (SaaS) A cloud-based service in which software or an application is hosted and maintained on a service provider’s systems. All that is needed is the customer data.“ (CEHsntos 2022)

software bug or software flaw An error in software coding or its design that can result in software vulnerability.” (CEHsntos 2022)

software vulnerability standard A standard that ac companies an organization’s vulnerability assessment and management policy. This standard typically defines the organization’s vulnerability window and how the organization is to provide software vulnerability management and software patch management throughout the enterprise.“ (CEHsntos 2022)

spamming The use of any electronic communications medium to send unsolicited messages in bulk. Spamming is a major irritation of the Internet era.” (CEHsntos 2022)

spoofing The act of masking your identity and pretending to be someone else or another device. Common spoofing methods include Address Resolution Protocol (ARP), Domain Name System (DNS), and Internet Protocol (IP). Spoofing is also implemented by email in phishing schemes.“ (CEHsntos 2022)

spy ware Any software application that covertly gathers information about a user’s Internet usage and activity and then exploits this information by sending adware and pop-up ads similar in nature to the user’s Internet usage history.” (CEHsntos 2022)

stateful inspection An advanced firewall architecture that works at the network layer and keeps track of packet activity. Stateful inspection has the capability to keep track of the state of the connection. For example, if a Domain Name System (DNS) reply is being sent into the network, stateful inspection can check to see whether a DNS request had previously been sent, because replies only follow requests. Should evidence of a request not be found by stateful inspection, the device will know that the DNS packet should not be allowed in and is potentially malicious.“ (CEHsntos 2022)

static analysis The analysis of software that is performed without actually executing programs. Static analysis is different from dynamic analysis, which is analysis performed on programs while they are “running” or executing. Static analysis makes use of disassemblers and decompilers to format the data into a human-readable format. It is also a technique used in malware analysis.” (CEHsntos 2022)

steganography A cryptographic method of hiding the existence of a message. A commonly used form of steganography places information in pictures.“ (CEHsntos 2022)

stream cipher A method that encrypts data typically 1 bit or 1 byte at a time.” (CEHsntos 2022)

symmetric algorithm A mathematical procedure in which both parties use the same cryptographic key.“ (CEHsntos 2022)

symmetric encryption An encryption standard requiring that all parties have a copy of a shared key. A single key is used for both encryption and decryption.” (CEHsntos 2022)

SYN flood attack A distributed denial-of-service (DDoS) attack in which the attacker sends a succession of SYN packets with a spoofed address to a targeted destination IP device but does not send the last ACK packet to ac knowledge and confirm receipt. This leaves half-open connections between the client and the server until all resources are absorbed, rendering the server or targeted IP destination device unavailable because of resource allocation to this attack.“ (CEHsntos 2022)

synchronize sequence number A number that is initially passed to the other party at the start of the three-way TCP hand shake. It is used to track the movement of data between parties. Every byte of data sent over a TCP connection has a sequence number.” (CEHsntos 2022)

T

target of evaluation (TOE) Term developed for use with Common Criteria and used by EC-Council to define the target of the assessment or pen test.“ (CEHsntos 2022)

TCP hand shake A three-step process computers go through when negotiating a connection with one another. The process is a target of attackers and others with malicious intent.” (CEHsntos 2022)

threat Any agent, condition, or circumstance that could potentially cause harm, loss, damage, or compromise to an IT asset or data asset.“ (CEHsntos 2022)

Time to Live (TTL) A counter used within an IP packet that specifies the maximum number of hops that a packet can traverse. After a TTL is decremented to 0, a packet expires.” (CEHsntos 2022)

Tini A small Trojan program that listens on port 777.“ (CEHsntos 2022)

traceroute A way of tracing hops or computers between the source and target computer you are trying to reach. Identifies the path the packets are taking.” (CEHsntos 2022)

Transmission Control Protocol (TCP) One of the main protocols of the TCP/IP protocol suite, used for reliability and guaranteed delivery of data.“ (CEHsntos 2022)

trapdoor function A function that is easy to compute in one direction but difficult to compute in the opposite direction. Trapdoor functions are useful in asymmetric encryption and are included in algorithms such as RSA and Diffie-Hellman.” (CEHsntos 2022)

Trojan A program disguised as legitimate software but designed to covertly do something malicious or nefarious.“ (CEHsntos 2022)

trusted computer base (TCB) All the protection mechanisms within a computer system. This includes hardware, firmware, and software responsible for enforcing a security policy.” (CEHsntos 2022)

Trusted Computer System Evaluation Criteria (TCSEC) Also called the Orange Book, a system designed by the Department of Defense (DoD) to evaluate standalone systems. It places systems into one of four levels: A, B, C, or D. Its basis of measurement]] is confidentiality.“ (CEHsntos 2022)

tumbling The process of rolling through various electronic serial numbers on a cell phone to attempt to find a valid set to use.” (CEHsntos 2022)

U

uber hacker An expert and dedicated computer hacker.“ (CEHsntos 2022)

Uniform Resource Locator (URL) The global address on the Internet and World Wide Web in which domain names are used to resolve IP addresses.” (CEHsntos 2022)

User Datagram Protocol (UDP) A connectionless protocol that provides few error-recovery services but offers a quick and direct way to send and receive datagrams.“ (CEHsntos 2022)

V

vandalism The willful destruction of property.” (CEHsntos 2022)

virtual private network (VPN) A private network that uses a public network to connect remote sites and users.“ (CEHsntos 2022)

virus A computer program with the capability to generate copies of itself and thereby spread. Viruses require the interaction of an individual to activate and can have rather benign results, such as flashing a message to the screen, or rather malicious results that destroy data, systems, integrity, or availability.” (CEHsntos 2022)

virus hoax An email chain letter designed to trick the recipient into forwarding it to many other people to warn them of a virus that does not exist. The Good Times virus is an example.“ (CEHsntos 2022)

vulnerability The absence or weakness of a safeguard in an asset.” (CEHsntos 2022)

vulnerability assessment A methodical evaluation of an organization’s IT weaknesses of infrastructure components and assets and how those weaknesses can be mitigated through proper security controls and recommendations to remediate exposure to risks, threats, and vulnerabilities.“ (CEHsntos 2022)

vulnerability management The overall responsibility and management of vulnerabilities within an organization and how that management of vulnerabilities will be achieved through dissemination of duties throughout the IT organization.” (CEHsntos 2022)

W

war dialing The process of using a software program to automatically call thousands of telephone numbers to look for anyone who has a modem attached.“ (CEHsntos 2022)

war driving The process of driving around a neighborhood or area using a wireless NIC, GPS, and map ping software to identify wireless access points.” (CEHsntos 2022)

warm site An alternative computer facility that is partially configured and can be made ready in a few days.“ (CEHsntos 2022)

white box testing A security assessment or penetration test in which all aspects of the network are known.” (CEHsntos 2022)

Whois An Internet utility that returns information about the domain name and IP address.“ (CEHsntos 2022)

Wi-Fi Protected Access (WPA) A security standard for wireless networks designed to be more secure than Wired Equivalent Privacy (WEP) and used as an interim replacement until WPA2 was released.” (CEHsntos 2022)

Wired Equivalent Privacy (WEP) An algorithm based on the RC4 encryption scheme and designed to provide the same level of security as that of a wired LAN. Because of 40-bit encryption and problems with the initialization vector, it was found to be insecure.“ (CEHsntos 2022)

worm A self-replicating program that spreads by inserting copies of itself into other executable codes, programs, or documents. Worms typically flood a network with traffic and result in a denial of service.” (CEHsntos 2022)

wrapper A type of program used to bind a Trojan program to a legitimate program. The objective is to trick the user into running the wrapped program and installing the Trojan.“ (CEHsntos 2022)

written authorization - “One of the most important parts of the ethical hack. It gives you permission to perform the tests that have been agreed on by the client.” (CEHsntos 2022)

X

Y

Z

zone transfer The mechanism used by Domain Name Service (DNS) servers to update each other by transferring a resource record. It should be a controlled process between two DNS servers but is something that hackers will attempt to perform to steal the organization’s DNS information. It can be used to map the network devices.” (CEHsntos 2022)

Fair Use Sources

Fair Use Sources:

Cybersecurity: DevSecOps - Security Automation, Cloud Security - Cloud Native Security (AWS Security - Azure Security - GCP Security - IBM Cloud Security - Oracle Cloud Security, Container Security, Docker Security, Podman Security, Kubernetes Security, Google Anthos Security, Red Hat OpenShift Security); CIA Triad (Confidentiality - Integrity - Availability, Authorization - OAuth, Identity and Access Management (IAM), JVM Security (Java Security, Spring Security, Micronaut Security, Quarkus Security, Helidon Security, MicroProfile Security, Dropwizard Security, Vert.x Security, Play Framework Security, Akka Security, Ratpack Security, Netty Security, Spark Framework Security, Kotlin Security - Ktor Security, Scala Security, Clojure Security, Groovy Security;

, JavaScript Security, HTML Security, HTTP Security - HTTPS Security - SSL Security - TLS Security, CSS Security - Bootstrap Security - Tailwind Security, Web Storage API Security (localStorage Security, sessionStorage Security), Cookie Security, IndexedDB Security, TypeScript Security, Node.js Security, NPM Security, Deno Security, Express.js Security, React Security, Angular Security, Vue.js Security, Next.js Security, Remix.js Security, PWA Security, SPA Security, Svelts.js Security, Ionic Security, Web Components Security, Nuxt.js Security, Z Security, htmx Security

Python Security - Django Security - Flask Security - Pandas Security,

Database Security (Database Security on Kubernetes, Database Security on Containers / Database Security on Docker, Cloud Database Security - DBaaS Security, Concurrent Programming and Database Security, Functional Concurrent Programming and Database Security, Async Programming and Databases Security, MySQL Security, Oracle Database Security, Microsoft SQL Server Security, MongoDB Security, PostgreSQL Security, SQLite Security, Amazon RDS Security, IBM Db2 Security, MariaDB Security, Redis Security, Cassandra Security, Amazon Aurora Security, Microsoft Azure SQL Database Security, Neo4j Security, Google Cloud SQL Security, Firebase Realtime Database Security, Apache HBase Security, Amazon DynamoDB Security, Couchbase Server Security, Elasticsearch Security, Teradata Database Security, Memcached Security, Amazon Redshift Security, SQLite Security, CouchDB Security, Apache Kafka Security, IBM Informix Security, SAP HANA Security, RethinkDB Security, InfluxDB Security, MarkLogic Security, ArangoDB Security, RavenDB Security, VoltDB Security, Apache Derby Security, Cosmos DB Security, Hive Security, Apache Flink Security, Google Bigtable Security, Hadoop Security, HP Vertica Security, Alibaba Cloud Table Store Security, InterSystems Caché Security, Greenplum Security, Apache Ignite Security, FoundationDB Security, Amazon Neptune Security, FaunaDB Security, QuestDB Security, Presto Security, TiDB Security, NuoDB Security, ScyllaDB Security, Percona Server for MySQL Security, Apache Phoenix Security, EventStoreDB Security, SingleStore Security, Aerospike Security, MonetDB Security, Google Cloud Spanner Security, SQream Security, GridDB Security, MaxDB Security, RocksDB Security, TiKV Security, Oracle NoSQL Database Security, Google Firestore Security, Druid Security, SAP IQ Security, Yellowbrick Data Security, InterSystems IRIS Security, InterBase Security, Kudu Security, eXtremeDB Security, OmniSci Security, Altibase Security, Google Cloud Bigtable Security, Amazon QLDB Security, Hypertable Security, ApsaraDB for Redis Security, Pivotal Greenplum Security, MapR Database Security, Informatica Security, Microsoft Access Security, Tarantool Security, Blazegraph Security, NeoDatis Security, FileMaker Security, ArangoDB Security, RavenDB Security, AllegroGraph Security, Alibaba Cloud ApsaraDB for PolarDB Security, DuckDB Security, Starcounter Security, EventStore Security, ObjectDB Security, Alibaba Cloud AnalyticDB for PostgreSQL Security, Akumuli Security, Google Cloud Datastore Security, Skytable Security, NCache Security, FaunaDB Security, OpenEdge Security, Amazon DocumentDB Security, HyperGraphDB Security, Citus Data Security, Objectivity/DB). Database drivers (JDBC Security, ODBC), ORM (Hibernate Security, Microsoft Entity Framework), SQL Operators and Functions Security, Database IDEs (JetBrains DataSpell Security, SQL Server Management Studio Security, MySQL Workbench Security, Oracle SQL Developer Security, SQLiteStudio),

Programming Language Security ((1. Python Security, 2. JavaScript Security, 3. Java Security, 4. C# Security, 5. C++ Security, 6. PHP Security, 7. TypeScript Security, 8. Ruby Security, 9. C Security, 10. Swift Security, 11. R Security, 12. Objective-C Security, 13. Scala Security, 14. Golang Security, 15. Kotlin Security, 16. Rust Security, 17. Dart Security, 18. Lua Security, 19. Perl Security, 20. Haskell Security, 21. Julia Security, 22. Clojure Security, 23. Elixir Security, 24. F# Security, 25. Assembly Language Security, 26. Shell Script Security / bash Security, 27. SQL Security, 28. Groovy Security, 29. PowerShell Security, 30. MATLAB Security, 31. VBA Security, 32. Racket Security, 33. Scheme Security, 34. Prolog Security, 35. Erlang Security, 36. Ada Security, 37. Fortran Security, 38. COBOL Security, 39. Lua Security, 40. VB.NET Security, 41. Lisp Security, 42. SAS Security, 43. D Security, 44. LabVIEW Security, 45. PL/SQL Security, 46. Delphi/Object Pascal Security, 47. ColdFusion Security, 49. CLIST Security, 50. REXX);

OS Security, Mobile Security: Android Security - Kotlin Security - Java Security, iOS Security - Swift Security; Windows Security - Windows Server Security, Linux Security (Ubuntu Security, Debian Security, RHEL Security, Fedora Security), UNIX Security (FreeBSD Security), IBM z Mainframe Security (RACF Security), Passwords (Windows Passwords, Linux Passwords, FreeBSD Passwords, Android Passwords, iOS Passwords, macOS Passwords, IBM z/OS Passwords), Passkeys, Hacking (Ethical Hacking, White Hat, Black Hat, Grey Hat), Pentesting (Red Team - Blue Team - Purple Team), Cybersecurity Certifications (CEH, GIAC, CISM, CompTIA Security Plus, CISSP), Mitre Framework, Common Vulnerabilities and Exposures (CVE), Cybersecurity Bibliography, Cybersecurity Courses, Firewalls, CI/CD Security (GitHub Actions Security, Azure DevOps Security, Jenkins Security, Circle CI Security), Functional Programming and Cybersecurity, Cybersecurity and Concurrency, Cybersecurity and Data Science - Cybersecurity and Databases, Cybersecurity and Machine Learning, Cybersecurity Glossary (RFC 4949 Internet Security Glossary), Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics (navbar_security - see also navbar_aws_security, navbar_azure_security, navbar_gcp_security, navbar_k8s_security, navbar_docker_security, navbar_podman_security, navbar_mainframe_security, navbar_ibm_cloud_security, navbar_oracle_cloud_security, navbar_database_security, navbar_windows_security, navbar_linux_security, navbar_macos_security, navbar_android_security, navbar_ios_security, navbar_os_security, navbar_firewalls, navbar_encryption, navbar_passwords, navbar_iam, navbar_pentesting, navbar_privacy)

SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.

Table of Contents

CEH Certified Ethical Hacker Cert Guide Index

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z

Fair Use Sources