Ethical Hacking 6 Flashcards
Which penetration testing tool can discover and fix security holes and enables you to compress settings to manipulate a network or conduct a full-hammer assault?
FoundScan
What compiler can be used in conjunction with GCC to protect programs against stack smashing attacks?
StackGuard
What type of penetration testing is considered to be a more versatile view of the security where testing is performed from several network access points, including both logical and physical segments?
Internal Testing
A client has asked you to install a keylogger on several target systems in order to see if their anti-malware software can detect the software used. You have decided to deploy a keylogger that can be set via e-mail and utilizes executable and registry entries that can be renamed to provide some level of stealth. What keylogger should you use?
Spector Professional
Recent vulnerability scans show that several web servers on your client’s network are susceptible to session hijacking. What software can be deployed to monitor sessions and act as a intrusion detection system?
SecureNet Pro
Which type of security assessment is designed to evaluate an organization’s security policies and procedures?
Security audits
What type of testing involves the simulation of real-world attacks and minimizes false positives?
Black Box testing
As part of an audit of a web server utilizing Perl CGI scripts, you wish to run tests and debug running scripts locally on your computer that have been pulled from the target web server. What utility should you use?
OptiPerl
Your ethical hacking consulting company is auditing a web server and part of the audit specifies a deliverable report on what files are present in the web serving directory that have no links leading to them in the web application’s code. What utility can you use to generate this report?
Link Utility
What is the purpose of a gap analysis?
A gap analysis evaluates the differences between an organizations vision and its current position.
What type of black box testing involves exploring around a targeted area in a car to discover wireless networks?
War Driving
With what type of reconnaissance does a hacker attempt to scout for or survey potential targets then investigate the target using publicly available information?
Passive
Which vulnerability assessment utility performs remote self-scans, supports API facilities, and combines with popular NMAP packages for advanced operating system fingerprinting?
SARA
Which penetration-testing tool enables the user to identify vulnerabilities and creates 3-D maps by examining systems for responsive devices without scanning them?
CyberCop Scanner
Which type of analysis illustrates who, when, why how, and with what probability an attacker might strike a system?
Attack trees
