312-50v13 Exam Results

Windows TTL 128, Linux TTL 64, OpenBSD 255 ...

Time to Live (TTL) represents to number of 'hops' a packet can take before it is considered invalid. For Windows/Windows Phone, this value is 128. This value is 64 for Linux/Android.

Types of Vulnerability Assessment - External Assessment External assessment examines the network from a hacker’s point of view to identify exploits and vulnerabilities accessible to the outside world. These types of assessments use external devices such as firewalls, routers, and servers. An external assessment estimates the threat of network security attacks from outside the organization. It determines the level of security of the external network and firewall. (P.527/511)

External assessment examines the network from a hacker’s point of view to identify exploits and vulnerabilities accessible to the outside world. These types of assessments use external devices such as firewalls, routers, and servers. An external assessment estimates the threat of network security attacks from outside the organization. It determines the level of security of the external network and firewall.

The following are some of the possible steps in performing an external assessment:

o Determine a set of rules for firewall and router configurations for the external network

o Check whether the external server devices and network devices are mapped o Identify open ports and related services on the external network o Examine the patch levels on the server and external network devices o Review detection systems such as IDS, firewalls, and application-layer protection systems

o Get information on DNS zones

o Scan the external network through a variety of proprietary tools available on the Internet

o Examine Web applications such as e-commerce and shopping cart software for vulnerabilities

Bluedriving is a bluetooth wardriving utility. It can capture bluetooth devices, lookup their services, get GPS information and present everything in a nice web page. It can search for and show a lot of information about the device, the GPS address and the historic location of devices on a map. The main motivation of this tool is to research about the targeted surveillance of people by means of its cellular phone or car. With this tool you can capture information about bluetooth devices and show, on a map, the points where you have seen the same device in the past.

In CEH v13 Module 06: Malware Threats, code emulation is defined as a technique used by modern antivirus software where a virtual CPU and memory are created to safely execute and analyze malware in a sandboxed environment.

This allows the detection engine to observe runtime behavior of suspicious code without risking the actual system.

It’s more effective than signature-based detection for catching polymorphic and obfuscated malware.