Introduction to Ethical Hacking (Glossary)

Question 1

occurs when a system is compromised based on a vulnerability by an unknown exploit

Answer 1

Attack

Question 2

authorized personnel accessing the data at appointed times. Involves a comprehensive planning of hardware, software, facility, people, and connectivity.

Answer 2

Availability

Question 3

malicious hackers that try to hack systems with malicious intent

Answer 3

Black hat

Question 4

a model promoted to define and practice policies related to information security; uses confidentiality, integrity, and availability

Answer 4

CIA Triad

Question 5

keeping access to the information only to the intended audience; does two things: ensures that the right people get the intended information and prevents sensitive information from reaching the wrong people

Answer 5

Confidentiality

Question 6

the use of layered security mechanisms; the layers could be data, applications, host levels, Internet networks, perimeter levels, physical securities, etc.

Answer 6

Defense-in-depth

Question 7

testing the resources for a good cause and for the betterment of technology; another term for “penetration testing.”

Answer 7

Ethical Hacking

Question 8

written to take advantage of a vulnerability; could be a piece of software; a technology; or data that can cause damage or change the behavior of a computer

Answer 8

Exploit

Question 9

focused on the server’s infrastructure and underlying software pertaining to the target; can be performed with no prior knowledge of the site or with full disclosure of the topology and environment

Answer 9

External Testing

Question 10

hackers that can aid companies in informing them about any vulnerabilities they have found, but are not hired by the companies to perform such tests

Answer 10

Gray hat

Question 11

the skill of exploring various security breaches and posting unwanted content on websites, stealing data, etc.; concentrates on exploits and vulnerabilities

Answer 11

Hacking

Question 12

insiders who have authorization to access systems, and hackers who use exploits to attack

Answer 12

Human threats

Question 13

maintaining the sanctity of information and keeping the data accurate throughout its life, whether it is on the same computer or shared over a network

Answer 13

Integrity

Question 14

any type of program that is created with the intent to cause damage, steal data, or abuse computer system resources; includes computer viruses, worms, and Trojan horses

Answer 14

Malware

Question 15

can be a flood causing areas to be waterlogged, or a hurricane or a tornado causing a lot of damage.; often impact the availability of systems

Answer 15

Natural threats

Question 16

a fix to a vulnerability

Answer 16

Patch

Question 17

uses the same methods a hacker uses to gain unauthorized access to a network or system with a view to compromise them, but uses the methods to help companies

Answer 17

Penetration Testing

Question 18

naïve hackers try hard to get their hands on such zero-day attacks, instead of writing their own

Answer 18

Script Kiddies

Question 19

caused by malware, zero-day attacks, exploits, or web attacks

Answer 19

Technology threats

Question 20

a weak link in the software, settings, etc., through which, if not fixed early, someone can get access to the computer, application, and/or network and can cause damage

Answer 20

Vulnerability

Question 21

gets permission from the data owner before any hacking and use their hacking skills for defensive purposes only. They use their knowledge and skills to locate weaknesses and implement countermeasures and for defense purposes and preventing losses.

Answer 21

White hat

Question 22

exploits that have not been published

Answer 22

Zero-day Attack