Intro to Ethical Hacking

Question 1

What are the 16 different hacker classes?

Answer 1

Script Kiddies
White hat hackers
Black hat hackers
Gray hat hackers
Hacktivists
Stat-sponsored hackers
Cyber terrorists
Corporate spies (industrial spies)
Blue hat hackers
Red hat hackers
Green hat hackers
Suicide hackers
Hacker teams
Insiders
Criminal syndicates
Organized hackers

Question 2

What is Script Kiddies background?

Answer 2

Inexperienced, often young individuals using pre-made scripts or tools without understanding them.

Question 3

What is White Hat Hackers background?

Answer 3

Professinoals in Cyber security.

Question 4

What is Black Hat Hackers background?

Answer 4

Individuals with extraordinary computing skills.

Question 5

What is Grey Hat Hackers background?

Answer 5

SKilled hackers operating between ethical and unethical lines.

Question 6

What is Hacktivists background?

Answer 6

Politically or socially motivated indiviuals or groups.

Question 7

What is State-Sponsored Hackers background?

Answer 7

Highly trained professionals working for government agencies.

Question 8

What is Cyber Terrorists background?

Answer 8

Extremists using cyber attacks to promote political or religious beliefs.

Question 9

What is Corporate Spies (Industrial Spies) background?

Answer 9

Individuals hired by companies to gather intelligence on competitors.

Question 10

What is Blue Hat Hackers background?

Answer 10

Security professionals hired temporarily to test systems before product release.

Question 11

What is Red Hat Hackers background?

Answer 11

Vigilantes targeting black hat hackers using aggressive methods.

Question 12

What is Green Hat Hackers background?

Answer 12

Newcomers eager to learn hacking skills, often participating in online forums and communities.

Question 13

What is Script Kiddies motivations?

Answer 13

Thrill, recognition, fun.

Question 14

What is White Hat Hackers motivations?

Answer 14

Improving security, salary, reputation.

Question 15

What is Black Hat Hackers motivations?

Answer 15

Financial gain, data theft, causing harm.

Question 16

What is Gray Hat Hackers motivations?

Answer 16

Recognition, curisoity, financial gain.

Question 17

What is Hacktivists motivations?

Answer 17

Promoting a cause, social justics.

Question 18

What is State-Sponsored Hackers motivations?

Answer 18

National security, espionage, political objectives.

Question 19

What is Cyber Terrorists motivations?

Answer 19

Spreading fear, political or ideological goals.

Question 20

What is Corporate Spies (Industrial Spies) motivations?

Answer 20

Financial gain, competitive advantage.

Question 21

What is Blue Hat Hackers motivations?

Answer 21

Improving product security, reputation.

Question 22

What is Red Hat Hackers motivations?

Answer 22

Cyber justice, disrupting malicious activities.

Question 23

What is Green Hat Hackers motivations?

Answer 23

Learning, curiosity, recognition.

Question 24

What is Script Kiddies cyber activity?

Answer 24

Running simple attacks like DDoS defacing websites.

Question 25

What is White Hat Hackers cyber activity?

Answer 25

Conducting penetration tests, vulnerability assessments.

Question 26

What is Black Hat Hackers cyber activity?

Answer 26

Malware creation, phishing, ransomware, data breaches.

Question 27

What is Grey Hat Hackers cyber activity?

Answer 27

Vulnerability discovery without permission, sometimes reported.

Question 28

What is Hacktivists cyber activity?

Answer 28

DDoS attacks, defacing websites, data leaks.

Question 29

What is State-Sponsored Hackers cyber activity?

Answer 29

Cyber espionage, infrastructure sabotage, data theft.

Question 30

What is Cyber Terrorists cyber activity?

Answer 30

Cyber attacks on critical infrastructure, spreading propaganda.

Question 31

What is Corporate Spies (Industrial Spies) cyber activity?

Answer 31

Industrial espionage, data theft, spying.

Question 32

What is Blue Hat Hackers cyber activity?

Answer 32

Conducting security audits, penetration testing.

Question 33

What is Red Hat Hackers cyber activity?

Answer 33

Hacking black hat infrastructure, disabling malicious networks.

Question 34

What is Green Hat Hackers cyber activity?

Answer 34

Learning hacking techniques, experimenting with simple attacks.

Question 35

What is Script Kiddies potential targets?

Answer 35

Small websites, online games forums.

Question 36

What is White Hat Hackers potential targets?

Answer 36

Corporations, government agencies.

Question 37

What is Black Hat Hackers potential targets?

Answer 37

Financial institutions, individuals, enterprises.

Question 38

What is Gray Hat Hackers potential targets?

Answer 38

Various, including high-profile organisations.

Question 39

What is Hacktivists potential targets?

Answer 39

Government sites, corporations, political groups.

Question 40

What is State-Sponsored Hackers potential targets?

Answer 40

Other nations' government agencies, corporations.

Question 41

What is Cyber Terrorists potential targets?

Answer 41

Critical infrastructure, public services.

Question 42

What is Corporate Spies (Industrial Spies) potential targets?

Answer 42

Competitor companies.

Question 43

What is Blue Hat Hackers potential targets?

Answer 43

Security profesionals hired temporarily to test system before product release.

Question 44

What is Red Hat Hackers potential targets?

Answer 44

Various, typically low-risk targets.

Question 45

What is Green Hat Hackers potential targets?

Answer 45

Various, typically low-risk targets.

Question 46

Give a definition for Suicide Hackers.

Answer 46

Suicide hackers are individuals who aim to bring down critical infrastruture for a cause and who dont care about facing jail or any other punishment.

Question 47

Give a definition for Hacker Teams.

Answer 47

A hacker team is a consortium of skilled hackers having their own resources and funding. They do attacks and develop tools with proper planning.

Question 48

Give a definition for Insiders.

Answer 48

An insider is any employee or trusted person who has access to critical assets of an organisation.

Question 49

Give a definition for Criminal Syndicates.

Answer 49

Criminal Syndicates are groups of individuals or communities that are involved in organised, planned and prolonged criminal activities.

Question 50

Give a definition for Organised Hackers.

Answer 50

Organised Hackers are a group of hackers working together in criminal activities. Such groups are well organised in a hierarchical structure consisting of leaders and workers.

Question 51

What does AI stand for?

Answer 51

Artificial Intelligence

Question 52

What does ML stand for?

Answer 52

Machine Learning

Question 53

How do AI and ML contribute to cyber security?

Answer 53

Using AI and ML in cyber security helps to identify new exploits and weaknesses which can be easily analyzed to mitigate further attacks.

Question 54

How does AI improve accuracy in cybersecurity?

Answer 54

AI reduces human erros and increases the accuracy of vulnerability assessments.

Question 54

How does Ai enhance cybersecurity efficency?

Answer 54

AI automates repetitive tasks like vulnerabliity scanning, monitoring network traffic and analyzing security threats.

Question 55

Why is AI-driven cybersecurity scalable?

Answer 55

AI tools can handle large-scale environments and complex systems more efficiently than manual methods.

Question 56

How does AI contribute to cost effectiveness in cybersecurity?

Answer 56

AI reduces operational costs by automating tasks and minimizing human intervention.

Question 57

What is predictive analysis in AI driven cybersecurity?

Answer 57

AI detects potential security breaches by analyzing patterns and anomalies allwoing for proactive mitigation.

Question 58

Why is ethical hacking necessary?

Answer 58

It is necessary as it allows counter attacks from malicious hackers by anticipating methods used by them to break into a system.

Question 59

What does ethical hacking help predict?

Answer 59

It helps to predict various possible vulnerablities well in advance.

Question 60

What can you do with the vulnerabilities ethical hacking helped predict?

Answer 60

Rectify them without incurring any kind of outside attack.

Question 61

What are the 9 major uk laws about ethical hacking?

Answer 61

The copyright, ETC. and trademarks (offenses and enforcement) act 2002 Trademakrs act 1994 Computer misuse Act 1990 The network and information systems regulations 2018 Communications act 2003 the privacy and electronic communications Regulations 2003 Investigatory powers Act 2016 Regulation of investigatory powers act 2000 Data protection act 2018

Question 62

What is ISO 27701:2022?

Answer 62

IT specifies the requirements and framework for establishing, implementing, maintianing and continually improving an ISMS to ensure cofidentiality, itegrity and availability of information.

Question 63

What is ISO 27701:2019?

Answer 63

It provides guidelines for implementing a private information management system to help oragizations effectively manage privacy risks.

Question 64

What is ISO 27002:2022?

Answer 64

THis paper offers a comprehensive framework fro implementing effective security controls to protect sensitive information and ensure regulatory compliance.

Question 65

What is ISO 27005:2022?

Answer 65

It aids organizations in developing a structured framework for conducting throrough and effective information security risk assessments.

Question 66

What is ISO 27018:2019?

Answer 66

This paper provides guidelines for implementing cloud specific controls designed to safeguard personal data.

Question 67

What is ISO 27032:2023?

Answer 67

This standard assists organizations in enhancing their cybersecurity posture by addressing common internet security issues and fostering coordinated security efforts among stakeholders.

Question 68

What is ISO 27033-7:2023?

Answer 68

It helps organizations secure and manage virtualization environments and mitigates the associated security risks.

Question 69

What is ISO 27035-3:2023?

Answer 69

This standard helps organizations mitigate supply chain security risks by ensuring the secure acquisition and integration of products and services.

Question 70

What is ISO 27040:2024?

Answer 70

It helps organizations mitigate the risks associated with data storage by applying data storage security measures across various storage devices, media and networks.

Question 71

What is iso 27001:2013?

Answer 71

It provides a framework for arganizations to establish, implement, maintain and continuously improve an ISMS to protect sensitive information and manage security risks effectively.

Question 72

Define passive attacks.

Answer 72

Passive attacks involve intercepting and monitoring network traffic and data flow on the target network and do not tamper with the data.

Question 73

Give examples of passive attacks?

Answer 73

Footprinting Sniffing and eavesdropping Network traffic analysis Decryption of weakly encrypted traffic

Question 74

Define active attacks.

Answer 74

Attive attacks tamper with the data in transit or disrupt communication or services between the systems to bypass or break into secured systems.

Question 75

Give examples of active attacks?

Answer 75

Denial-of-service attack Firewall and IDS attack Malware attacks SQL injection

Question 76

Define Close-in Attacks.

Answer 76

Close-in attacks are performed when the attacker is in close physical proximity with the target system or network.

Question 77

What is the main goal of Close-in Attacks?

Answer 77

It is to gather or modify information or disrupt its access.

Question 78

Give examples of Close-in attacks.

Answer 78

Social engineering.

Question 79

Define Insider Attacks.

Answer 79

Insider attacks are performed by trusted persons who have physical access to the critical assets of the target.

Question 80

Give examples of Insider Attacks.

Answer 80

Eavesdropping and wiretapping Theft of physical devices Social engineering Data theft and spoliation

Question 81

Degine Distribution Attacks.

Answer 81

Distribution attacks occur when attackers tamper with hardware or software prior to installation.

Question 82

Give examples of Distribution attacks.

Answer 82

Modification of software or hardware during production.

Question 83

What are the 5 phases of CEH Hacking Methodology?

Answer 83

Reconnaissance Vulnerability Scanning Gaining Access Maintaining Access Clearing Tracks

Question 83

What are the non-technical skills of an ehtical hacker?

Answer 83

The ability to quickly learn and adapt new technologies A strong work ethic and good problem solving and communication skills Commitment to an organization's security policies An awareness of local standards and laws

Question 84

What is PCIDSS?

Answer 84

Payment Card Indusrty Data Security Standard is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM and POS cards.

Question 85

What are the stages of Cyber kill chain methodology?

Answer 85

Reconnaissance Weaponization Delivery Exploitation Installation Command and Control Action on Objectives

Question 86

What is the Cyber kill chain methodology?

Answer 86

THe cyber kill chain methodology is a component of intelligence-driven defense for the identification and prevention of malicious intrusion activities. This methodology helps security professionals in identifying the steps that adversaries follow in order to accomplish their goals.