Ethical Hacking 1

Question 1

What term describes the hiding of information within other information, such as within a sound file or image?

Answer 1

Steganography

Question 2

An wonder’s confidence that a system will behave according to its specifications is referred to as:

Answer 2

Assurance

Question 3

What different attacks might be used by a hacker to gain access to a system?

Answer 3

• Denial-of-service
• Session Hijacking
• Stack-Based overflows

Question 4

What is one of the three questions that an ethical hacker’s evaluation of a client’s information system seek to answer?

Answer 4

What can an intruder do with information found on the target system?

Question 5

Which term refers to a breach in security?

Answer 5

Exposure

Question 6

When conducting an ethical hacking assignment, which step is very important to conduct as it protects the ethical hacker from prosecution?

Answer 6

Prepare NDA documents.

Question 7

What type of hacker attack is made possible by the fact that software developers will often use free libraries and code licensed from other sources in their programs?

Answer 7

Shrink-wrap code attacks

Question 8

What two vulnerability research resources are government run resources?

Answer 8

• US-CERT

- National Vulnerability Database

Question 9

Which phase of an attack is when the attacker begins to actively probe the target for vulnerabilities that can be exploited?

Answer 9

Scanning

Question 10

When an attacker relies on publicly available information, social engineering, and dumpster diving as a means of gathering information, what type of reconnaissance is being done?

Answer 10

Passive reconnaissance

Question 11

A hacker that believes in full disclosure of information is the best way to ensure that the average person will be able to make use of it is considered what class of hacker?

Answer 11

Grey Hat

Question 12

In the conclusion phase of an ethical hacking assignment, which of the following procedures should be followed?

Answer 12

Data that is kept for long term clients must be encrypted and stored offline.

Question 13

What is the usually the first phase of an attack?

Answer 13

Reconnaissance

Question 14

Which category of ethical hacker should inadvertently put their client at risk from future attacks?

Answer 14

Former Black hats

Question 15

What term is also used to describe an ethical hacker, which is a security professional who employs their hacking skills for defensive purposes?

Answer 15

White hat

Question 16

In ethical hacking testing, what approaches exist for the ethical hacker to choose from depending on how much information is known about the target system?

Answer 16

Black Box Testing,0, Grey Box testing, White box Testing

Question 17

Which attack approach to ethical hacking deals with the ethical hacker trying to extract the data from devices, such as laptop computers and PDAs?

Answer 17

Stolen equipment attack

Question 18

What type of attack is initiated on a network by an authorized user?

Answer 18

An inside attack

Question 19

Which three concepts can be arranged in a triangle to depict how products are often developed

Answer 19

Security, functionality, ease of use

Question 20

How does an attacker usually gain access to a system?

Answer 20

By exploiting on a vulnerability