Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
CEH - Terms F G H I
Certified Ethical Hacker Terms & Definitions - F, G, H & I - info tech
| Question | Answer |
|---|---|
| The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access. | FAR (False Acceptance Rate) |
| The instance when an IDS (intrusion detection system) does not trigger on an event that was an actual intrusion attempt. | False Negative |
| The instance when an IDS or other sensor triggers on an event as an intrusion attempt, when it is really legitimate traffic. | False Positive |
| The rate at which a biometric system will incorrectly reject access to an authorized user's request. | FRR (False Rejection Rate) |
| An Ethernet system transmitting at 100 million bits per second (100 Mbps). This is 10 times the speed of the earlier standard. | Fast Ethernet |
| A LAN standard defined by ANSI X3T9.5. It specifies a 100Mbps token-passing network using fiber-optic cable in a dual-ring architecture. | FDDI (Fiber Distributed Data Interface) |
| The file system architecture used in Windows OS/2 and most memory cards. Replaced by NTFS. | FAT (File Allocation Table) |
| An Application layer protocol, using TCP, for transporting files across an Internet connection. Transmits in clear text. | FTP (File Transfer Protocol) |
| Sets of rules on routers and smart switches that screen network packets to determine whether the packet will be forwarded or discarded. | Filter |
| The process of systematically testing each port on a firewall to map rules and determine accessible ports. | Firewalking |
| A software or hardware component that restricts access between a protected network and the Internet, or between other sets of networks, to block unwanted traffic or attacks. | Firewall |
| The traffic technique of broadcasting traffic to all nodes on a device accept on the interface it was received on. | Flood |
| All measures and techniques taken to gather information about an intended target. | Footprinting |
| The process of receiving and then sending a packet on its path toward a final destination. | Forwarding |
| The process of breaking packets into smaller units for transmission over a network medium that cannot support the orignal packet size. | Fragmentation |
| A free and popular version of the Unix operating system. | FreeBSD |
| A name that consists of a root (www), a unique domain name (.example), and a TLD (top level domain) (.com .net .mil .edu etc.). | FQDN (Fully Qualified Domain Name) |
| A tool that helps a company to compare its actual performance with its potential performance. | Gap Analysis |
| A device that provides access between two or more networks. Usually used to connect dissimilar networks. | Gateway |
| A command used in HTTP and FTP to retrieve a file from a server. | GET |
| Manipulating a search string with additional specific operators to search for vulnerabilities or very specific information. | Google Hacking |
| A penetration test in which the ethical hacker has some limited knowledge of the target(s). It is designed to simulate an internal (but non-system-administrator) level attack. | Gray Box Testing |
| A skilled hacker that straddles the line between hacking only with permission and within guidelines, and malicious hacking for personal gain. | Gray Hat |
| The act or actions of a hacker to forward a political agenda, to affect some societal change, or to shed light on perceived injustices. The actions are usually illegal in nature. | Hacktivism |
| A well-known and studied phenomenon of human nature, where a single personal trait influences the perception of other traits (very frequently erroneously). | Halo Effect (halo error) |
| A hardware device used to log keystrokes secretly. Very dangerous because they cannot be detected by regular software/ani-malware scanning. | Hardware Keystroke Logger |
| Created by an algorithm on a given piece of data to verify/protect data integrity. Generally used to store password values and verify the integrity of files after download. | Hash |
| MD5 and SHA-1 are examples. A one-way mathematical function that generates a fixed length numerical string(hash). | Hashing Algorithm |
| The method used by antivirus software to detect new, unknown viruses. It's based on piece-by-piece examination of a program to differentiate the virus from a normal program. | Heuristic Scanning |
| An IDS that resides on the host. It protects against file and folder manipulation and other host-based attacks. | HIDS |
| File system used by the Mac OS. | HFS (Hierarchical File System) |
| A network deployed as a trap to detect, deflect, or deter unauthorized use of an information system. | Honeynet |
| A host designed to collect data on suspicious activity. | Honeypot |
| A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster. | Hot Site |
| A firewall evasion technique where packets are wrapped in HTTP, as a covert channel to the target. | HTTP Tunneling |
| Using conversation or some other social interaction between people to gather useful information for future attacks. | Human-based Social Engineering |
| An attack that combines a brute-force attack with a dictionary attack. | Hybrid Attack |
| A communication protocol used for browsing the internet. | HTTP (Hypertext Transfer Protocol |
| A communication protocol that provides encrypted communication and and secure identification of a web server | HTTPS (hybrid of HTTP and SSL/TLS protocols) |
| A form of fraud where someone pretends to be someone else to access resources or obtain credit and other benefits in that person's name. | Identity Theft |
| A social engineering effort where the attacker pretends to be an employee, a valid user, or even an executive to elicit information or access. | Impersonation |
| A situation where an attacker can derive information from a ciphertext without actually cracking or decoding it. | Inference Attack |
| A structured set of criteria for evaluating computer security within products and systems produced by European countries, largely replaced by the Common Criteria. | ITSEC (Information Technology Security Evaluation Criteria) |
| A wireless networking mode where all clients connect to the wireless network through a central access point. | Infrastructure Mode |
| A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions. | ISN (Initial Sequence Number) |
| An organization that's composed of engineers, scientists, and students who issue standards related to electrical, electronic and computer engineering. | IEEE (Institute of Electrical and Electonics Engineers) |
| The security principle and objective that data is not modified in an unauthorized and undetected manner. This refers to both in its stored and transmitted state. | Integrity |
| An Internet routing protocol used to exchange routing information within an autonomous system. | IGP (Interior Gateway Protocol) |
| Developed the OSI reference model. International organization composed of national standards bodies from over 75 contries. | ISO (International Organization for Standardization) |
| The organization that governs the Internet's Top-Level Domains, IP address allocation, and port number assignments. | IANA (Internet Assigned Number Authority) |
| A protocol used to pass control and error messages between nodes on the Internet. | ICMP (Internet Control Message Protocol) |
| A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. | IPSec (Internet Protocol Security Architecture) |
| A business, government agency, or educational institution that provides access to the Internet. | ISP (Internet service provider) |
| A self-contained network with a limited number of participants. | Intranet |
| A security tool designed to protect a system against attacks by comparing traffic patterns against a list of known attack signatures. It also scans for patterns of how attacks may be carried out. Threats are rated and reported. | IDS (Intrusion Detection System) |
| A security tool designed to protect a system against attacks by comparing traffic patterns against a list of known attack signatures. It also scans for patterns of how attacks may be carried out. Proactive measures are taken to prevent threats. | IPS (Intrusion Protection System) |
| A standard that provides best-practices for initiating, implementing and maintaining Information Security Management Systems (ISMS). Security is defined within the CIA triangle. | ISO 17799 |
Created by:
infotech
Popular Computers sets