CEHv8 BOOTCAMP: MODULE 01-INTRODUCTION TO ETHICAL HACKING_SET-2 Flashcards
What are Black Hats?
Individuals with extraordinary computing skills, resorting to malicious or destructive activities and are also known as crackers.
What are White Hats?
Individuals professing hacker skills and using them for defensive purposes and are also known as security analysts.
What are Gray Hats?
Individuals who work both offensively and defensively at various times.
What are Suicide Hackers?
Individuals who aim to bring down critical infrastructure for a “cause” and are not worried about facing jail terms, or any other form of punishment.
What are Script Kiddies?
An unskilled hacker who compromises system by running scripts, tools, and software developed by real hackers.
What are Spy Hackers?
Individuals employed by the organization to penetrate and gain trade secrets of the competitor.
What are Cyber Terrorists?
Individuals with wide range of skills, motivated by religious or political beliefs to create fear by large scale disruption of computer networks.
What are State Sponsored Hackers?
Individuals employed by the government to penetrate and gain top-secret information and to damage information systems of other governments.
What is Passive Reconnaissance?
Acquiring information without directly interacting with the target.
What is Active Reconnaissance?
Acquiring information by directly interacting with the target, by any means.
What does Reconnaissance refer to in the phases of hacking?
The preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.
What are some types of tools used during the Scanning phase of hacking?
- Dialers
- Port scanners
- Network mappers
- Ping tools
- Vulnerability scanners
What does Scanning refer to in the phases of hacking?
The pre-attack phase when the attacker scans the network for specific information on the basis of information gathering during reconnaissance.
What does Gaining Access refer to in the phases of hacking?
The point where the attacker obtains access to the operating system or applications on the computer or network.
What does Maintaining Access refer to in the phases of hacking?
When the attacker tries to retain his or her ownership of the system.
What does Clearing Tracks refer to in the phases of hacking?
The activities taken by an attacker to hide malicious acts.
How can attackers Maintain Access?
By securing their exclusive access with Backdoors, RootKits, or Trojans.
How can an attacker clear their tracks?
Overwriting server, system and application logs to avoid suspicion.
What are some OS vulnerabilities?
- Buffer overflow vulnerabilities
- Bugs in the OS
- Unpatched OS
What are some OS attacks?
- Exploiting specific protocol implementations
- Attacking built-in authentication systems
- Breaking file-system security
- Cracking passwords and encryption mechanisms
What can poor or nonexistent error checking in applications lead to?
- Buffer overflow attacks
- Sensitive information disclosure
- Cross-site scripting
- Session hijacking and a man-in-the-middle attacks
- SQL injection attacks
- Denial-of-service attacks
What are types of application-level attacks?
- Phishing
- Session hijacking
- Man-in-the-middle attack
- Parameter/form tampering
- Directory traversal attacks
What are Shrink Wrap Code attacks?
Attacks that exploit default configuration and settings of the off-the-shelf libraries and code.
What are the 5 skills of an Ethical Hacker?
- Platform Knowledge
- Network Knowledge
- Computer Expert
- Security Knowledge
- Technical Knowledge
