CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50 - Kimberly Graves [88]
Exam Essentials
Understand the two types of encryption. Symmetric key and asymmetric key encryption are the two main types of encryption.
Understand the methods used to scramble data during encryption. Substitution and transposition methods are the basis of encryption and are used to scramble data during the encryption process.
Know the common encryption algorithms. MD5, SHA, RC4, RC5, and Blowfish are the most common encryption algorithms.
Know how public and private keys are created. A public key and a private key are created simultaneously as a key pair and are used to encrypt and decrypt data. Data encrypted with one member of the key pair can only be decrypted by the other.
Know the definition of cryptography. Cryptography is the process of encrypting data through a mathematical process of scrambling data known as an encryption algorithm.
Review Questions
1. How many keys exist in a public/private key pair?
A. 1
B. 2
C. 3
D. 4
2. How many keys are needed for symmetric key encryption?
A. 1
B. 2
C. 3
D. 4
3. Which of the following key lengths would be considered uncrackable? (Choose all that apply.)
A. 512
B. 256
C. 128
D. 64
4. What algorithm outputs a 128-bit message digest regardless of the length of the input?
A. SHA
B. MD5
C. RC4
D. RC6
5. What algorithm outputs a 160-bit key with variable-length input?
A. SHA
B. MD5
C. RC4
D. RC6
6. Which algorithm is used in the digital signature process?
A. RC4
B. RC5
C. Blowfish
D. MD5
7. What is cryptography?
A. The study of computer science
B. The study of mathematics
C. The study of encryption
D. The creation of encryption algorithms
8. What is the process of replacing some characters with others in an encryption key?
A. Transposition
B. Subtraction
C. Substitution
D. Transrelation
9. Data encrypted with the server's public key can be decrypted with which key?
A. Server's public key
B. Server's private key
C. Client's public key
D. Client's private key
10. Which type of encryption is the fastest to use for large amounts of data?
A. Symmetric
B. Public
C. Private
D. Asymmetric
Answers to Review Questions
1. B. Two keys, a public key and a private key, exist in a key pair.
2. A. The same key is used to encrypt and decrypt the data with symmetric key encryption.
3. A, B. A key length of 256 bits or more is considered uncrackable.
4. B. MD5 outputs a 128-bit digest with variable-length input.
5. A. SHA outputs a 160-bit key with variable-length input.
6. D. MD5 is used in the digital signature process.
7. C. Cryptography is the study of encryption.
8. C. Substitution is the process of replacing some characters with others.
9. B. Data can be decrypted with the other key in the pair, in this case the server's private key.
10. A. Symmetric key encryption is fast and best to use for large amounts of data.
Penetration Testing Methodologies
CEH EXAM OBJECTIVES COVERED IN THIS CHAPTER:
✓ Defining Security Assessments
✓ Overview of Penetration Testing Methodologies
✓ List the Penetration Testing Steps
✓ Overview of the Pen-Test Legal Framework
✓ List the Automated Penetration Testing Tools
✓ Overview of the Pen-Test Deliverables
A penetration test simulates methods that intruders use to gain unauthorized access to an organization's network and systems and to compromise them. The purpose of a penetration test is to test the security implementations and security policy of an organization: basically to see if the organization has implemented security measures as specified in the security policy.
A hacker whose intent is to gain unauthorized access to an organization's network is very different from a professional penetration tester who lacks malice and intent and uses their skills to improve an organization's network security without causing a loss of service or a disruption to the business.
In this chapter, we'll look at the aspects of penetration testing (pen testing) that you must know as a CEH.
Defining Security Assessments