Aula 1

Question 1

Attacks =

Answer 1

MOTIVE (GOAL) + METHOD + VULNERABILITY

Question 2

ATTACKS

Answer 2

Active (target interaction)

Passive ( NO interaction - sniffing)

Question 3

Worst attack type that exists (According to CEH)

Answer 3

Insider Attacks

Question 4

Cyber Kill Chain

Answer 4

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Action on Objectives

Question 5

IoC - Indicators of Compromise

Answer 5

E-MAIL
NETWORK
COMPUTER-BASED
BEHAVIORAL

Question 6

Hacking

Answer 6

Explore vulnerabilities and compromising security controls, modify systems, leak data, business loss

Question 7

Pre-attack hacking phase

Answer 7

Scanning

Question 8

Clearing tracks hacking phase (after pentest)

Answer 8

Para não deixar a brechar aberta (bunda na janela)

Para não confundir forense futura pensando que houve uma “invasão anterior”

Question 9

An ethical hacker can use same tools and methods a malicious atacker? Yes or No?

Answer 9

Yes

Question 10

What´s the difference between Ethical Hacker and Malicious Hacker?

Answer 10

Ethical hacker= (Permission +) Scope & Limitation,

Malicious Hacker= Limitless

Question 11

PCI-DSS

Answer 11

Transações cartões de crédito

Question 12

ISO 27001

Answer 12

Segurança da Informação

Question 13

HIPAA

Answer 13

Prontuário Médico

Question 14

HIPAA scope

Standard National Number?

Answer 14

CPF

Quem esta acessando?
Que horas?
Por qual motivo?

Question 15

SOX

Answer 15

Relatório financeiro

Question 16

DMCA

Answer 16

Propriedade Intelectual

Question 17

FISMA

Answer 17

Efetividade dos Controles de Segurança

Question 18

netcraft

Answer 18

descobrir SO de forma passiva