IS4560 CH 1 "Evolution of Hacking" Flashcards
1
Q
1. Which of the following represents a valid ethical hacking test methodology? A. HIPAA B. RFC 1087 C. OSSTMM D. TCSEC
A
OSSTMM
2
Q
2. It is most important to obtain ________ before beginning a penetration test.
A
Written authorization
3
Q
3. A security exposure in an operating system or application software component is called a ________.
A
Vulnerability
4
Q
4. The second step of the hacking process is ________.
A
Scanning
5
Q
5. When hackers talk about standards of behavior and moral issues of right and wrong, what are they referring to? A. Rules B. Standards C. Laws D. Ethics
A
Ethics
6
Q
6. Hackers may justify their actions based on which of the following:
A. All information should be free
B. Access to computers and their data should be unlimited
C. Writing viruses, malware, or other code is not a crime
D. Any of the above
A
Any of the answers:
All information should be free
Access to computers and their data should be unlimited
Writing viruses, malware, or other code is not a crime
7
Q
7. The individual responsible for releasing what is considered to be the first Internet worm was: A. Kevin Mitnick B. Robert Morris, Jr. C. Adrian Lamo D. Kevin Poulsen
A
Robert Morris, Jr.
8
Q
8. A hacker who has the computing skills and expertise to launch harmful attacks on computer networks and uses those skills illegally is best described as a(n): A. Disgruntled employee B. Ethical hacker C. White hat hacker D. Black hat hacker
A
Black hat hacker
9
Q
9. If a penetration test team does not have anything more than a list of IP addresses of the organization’s network, what type of test are the penetration testers conducting? A. Blind assessment B. White box C. Gray box D. Black box
A
Black box
10
Q
10. How is the practice of tricking employees into revealing sensitive data about their computer system or infrastructure best described? A. Ethical hacking B. Dictionary attack C. Trojan horse D. Social engineering
A
Social engineering