
CEH - Terms F G H I

Certified Ethical Hacker Terms & Definitions - F, G, H & I - info tech

Question Answer
The rate at which a biometric system will incorrectly identify an unauthorized individual and allow them access. FAR (False Acceptance Rate)
The instance when an IDS (intrusion detection system) does not trigger on an event that was an actual intrusion attempt. False Negative
The instance when an IDS or other sensor triggers on an event as an intrusion attempt, when it is really legitimate traffic. False Positive
The rate at which a biometric system will incorrectly reject access to an authorized user's request. FRR (False Rejection Rate)
An Ethernet system transmitting at 100 million bits per second (100 Mbps). This is 10 times the speed of the earlier standard. Fast Ethernet
A LAN standard defined by ANSI X3T9.5. It specifies a 100Mbps token-passing network using fiber-optic cable in a dual-ring architecture. FDDI (Fiber Distributed Data Interface)
The file system architecture used in Windows OS/2 and most memory cards. Replaced by NTFS. FAT (File Allocation Table)
An Application layer protocol, using TCP, for transporting files across an Internet connection. Transmits in clear text. FTP (File Transfer Protocol)
Sets of rules on routers and smart switches that screen network packets to determine whether the packet will be forwarded or discarded. Filter
The process of systematically testing each port on a firewall to map rules and determine accessible ports. Firewalking
A software or hardware component that restricts access between a protected network and the Internet, or between other sets of networks, to block unwanted traffic or attacks. Firewall
The traffic technique of broadcasting traffic to all nodes on a device except on the interface it was received on. Flood
All measures and techniques taken to gather information about an intended target. Footprinting
The process of receiving and then sending a packet on its path toward a final destination. Forwarding
The process of breaking packets into smaller units for transmission over a network medium that cannot support the original packet size. Fragmentation
A free and popular version of the Unix operating system. FreeBSD
A name that consists of a root (www), a unique domain name (.example), and a TLD (top level domain) (.com .net .mil .edu etc.). FQDN (Fully Qualified Domain Name)
A tool that helps a company to compare its actual performance with its potential performance. Gap Analysis
A device that provides access between two or more networks. Usually used to connect dissimilar networks. Gateway
A command used in HTTP and FTP to retrieve a file from a server. GET
Manipulating a search string with additional specific operators to search for vulnerabilities or very specific information. Google Hacking
A penetration test in which the ethical hacker has some limited knowledge of the target(s). It is designed to simulate an internal (but non-system-administrator) level attack. Gray Box Testing
A skilled hacker that straddles the line between hacking only with permission and within guidelines, and malicious hacking for personal gain. Gray Hat
The act or actions of a hacker to forward a political agenda, to affect some societal change, or to shed light on perceived injustices. The actions are usually illegal in nature. Hacktivism
A well-known and studied phenomenon of human nature, where a single personal trait influences the perception of other traits (very frequently erroneously). Halo Effect (halo error)
A hardware device used to log keystrokes secretly. Very dangerous because they cannot be detected by regular software/anti-malware scanning. Hardware Keystroke Logger
Created by an algorithm on a given piece of data to verify/protect data integrity. Generally used to store password values and verify the integrity of files after download. Hash
MD5 and SHA-1 are examples. A one-way mathematical function that generates a fixed-length numerical string (hash). Hashing Algorithm
The method used by antivirus software to detect new, unknown viruses. It's based on piece-by-piece examination of a program to differentiate the virus from a normal program. Heuristic Scanning
An IDS that resides on the host. It protects against file and folder manipulation and other host-based attacks. HIDS
File system used by the Mac OS. HFS (Hierarchical File System)
A network deployed as a trap to detect, deflect, or deter unauthorized use of an information system. Honeynet
A host designed to collect data on suspicious activity. Honeypot
A fully operational off-site data-processing facility equipped with hardware and system software to be used in the event of a disaster. Hot Site
A firewall evasion technique where packets are wrapped in HTTP, as a covert channel to the target. HTTP Tunneling
Using conversation or some other social interaction between people to gather useful information for future attacks. Human-based Social Engineering
An attack that combines a brute-force attack with a dictionary attack. Hybrid Attack
A communication protocol used for browsing the internet. HTTP (Hypertext Transfer Protocol)
A communication protocol that provides encrypted communication and secure identification of a web server. HTTPS (hybrid of HTTP and SSL/TLS protocols)
A form of fraud where someone pretends to be someone else to access resources or obtain credit and other benefits in that person's name. Identity Theft
A social engineering effort where the attacker pretends to be an employee, a valid user, or even an executive to elicit information or access. Impersonation
A situation where an attacker can derive information from a ciphertext without actually cracking or decoding it. Inference Attack
A structured set of criteria for evaluating computer security within products and systems produced by European countries, largely replaced by the Common Criteria. ITSEC (Information Technology Security Evaluation Criteria)
A wireless networking mode where all clients connect to the wireless network through a central access point. Infrastructure Mode
A number assigned during TCP startup sessions that tracks how much information has been moved. This number is used by hackers when hijacking sessions. ISN (Initial Sequence Number)
An organization that's composed of engineers, scientists, and students who issue standards related to electrical, electronic and computer engineering. IEEE (Institute of Electrical and Electronics Engineers)
The security principle and objective that data is not modified in an unauthorized and undetected manner. This refers to both in its stored and transmitted state. Integrity
An Internet routing protocol used to exchange routing information within an autonomous system. IGP (Interior Gateway Protocol)
Developed the OSI reference model. International organization composed of national standards bodies from over 75 countries. ISO (International Organization for Standardization)
The organization that governs the Internet's Top-Level Domains, IP address allocation, and port number assignments. IANA (Internet Assigned Number Authority)
A protocol used to pass control and error messages between nodes on the Internet. ICMP (Internet Control Message Protocol)
A suite of protocols used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPSec (Internet Protocol Security Architecture)
A business, government agency, or educational institution that provides access to the Internet. ISP (Internet service provider)
A self-contained network with a limited number of participants. Intranet
A security tool designed to protect a system against attacks by comparing traffic patterns against a list of known attack signatures. It also scans for patterns of how attacks may be carried out. Threats are rated and reported. IDS (Intrusion Detection System)
A security tool designed to protect a system against attacks by comparing traffic patterns against a list of known attack signatures. It also scans for patterns of how attacks may be carried out. Proactive measures are taken to prevent threats. IPS (Intrusion Protection System)
A standard that provides best-practices for initiating, implementing and maintaining Information Security Management Systems (ISMS). Security is defined within the CIA triangle. ISO 17799
Created by: infotech