Module 1 - Intro to Ethical Hacking Flashcards

1
Q

Existence of a weakness, design, or implementation error that can lead to an unexpected event compromising the security of the system.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

a. Vulnerability

2
Q

A breach of IT system security through vulnerabilities.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

b. Exploit

3
Q

The part of an exploit code that performs the intended malicious action, such as destroying, creating backdoors, and hijacking a computer.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

c. Payload

4
Q

An attack that exploits computer application vulnerabilities before the software developer releases a patch for the vulnerability.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

d. Zero-Day Attack

5
Q

It involves gaining access to one network and/or computer and then using the same information to gain access to multiple networks and computers that contain desirable information.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

e. Daisy Chaining

6
Q

Publishing personally identifiable information about an individual collected from publicly available databases and social media.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

f. Doxing

7
Q

A software application that can be controlled remotely to execute or automate predefined tasks.

a. Vulnerability
b. Exploit
c. Payload
d. Zero-Day Attack
e. Daisy Chaining
f. Doxing
g. Bot

A

g. Bot

8
Q

Assurance that the information is accessible only to those authorized to have access.

a. Confidentiality
b. Integrity
c. Availability
d. Authenticity
e. Non-Repudiation

A

a. Confidentiality

9
Q

Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.

a. Confidentiality
b. Integrity
c. Availability
d. Authenticity
e. Non-Repudiation

A

e. Non-Repudiation

10
Q

Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users.

a. Confidentiality
b. Integrity
c. Availability
d. Authenticity
e. Non-Repudiation

A

c. Availability

11
Q

The trustworthiness of data or resources in terms of preventing improper and unauthorized changes.

a. Confidentiality
b. Integrity
c. Availability
d. Authenticity
e. Non-Repudiation

A

b. Integrity

12
Q

Refers to the characteristic of a communication, document or any data that ensures the quality of being genuine.

a. Confidentiality
b. Integrity
c. Availability
d. Authenticity
e. Non-Repudiation

A

d. Authenticity

13
Q

Is an on-demand delivery of IT capabilities where sensitive data of organizations and their clients is stored.

a. Cloud Computing Threats
b. Advanced Persistent Threats (APT)
c. Viruses and Worms
d. Ransomware

A

a. Cloud Computing Threats

14
Q

Restricts access to the computer system’s files and folders and demands an online ransom payment to the malware creator(s) in order to remove the restrictions.

a. Cloud Computing Threats
b. Advanced Persistent Threats (APT)
c. Viruses and Worms
d. Ransomware

A

d. Ransomware

15
Q

Are the most prevalent networking threats and are capable of infecting a network within seconds.

a. Cloud Computing Threats
b. Advanced Persistent Threats (APT)
c. Viruses and Worms
d. Ransomware

A

c. Viruses and Worms

16
Q

Is an attack that is focused on stealing information from the victim machine without the user being aware of it.

a. Cloud Computing Threats
b. Advanced Persistent Threats (APT)
c. Viruses and Worms
d. Ransomware

A

b. Advanced Persistent Threats (APT)

17
Q

Include many software applications that are used to access the device remotely.

a. Botnet
b. Insider Attack
c. Phishing
d. Web Application Threats
e. IoT Threats

A

e. IoT Threats

18
Q

Is a huge network of the compromised systems used by an intruder to perform various network attacks.

a. Botnet
b. Insider Attack
c. Phishing
d. Web Application Threats
e. IoT Threats

A

a. Botnet

19
Q

Is the practice of sending an illegitimate email falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information.

a. Botnet
b. Insider Attack
c. Phishing
d. Web Application Threats
e. IoT Threats

A

c. Phishing

20
Q

It is an attack performed on a corporate network or on a single computer by an entrusted person who has authorized access to the network.

a. Botnet
b. Insider Attack
c. Phishing
d. Web Application Threats
e. IoT Threats

A

b. Insider Attack

21
Q

Attackers target web applications to steal credentials, set up phishing sites, or acquire private information to threaten the performance of the website and hamper its security.

a. Botnet
b. Insider Attack
c. Phishing
d. Web Application Threats
e. IoT Threats

A

d. Web Application Threats

22
Q

Individuals who promote a political agenda by hacking, or especially by defacing or disabling websites.

a. Black Hats
b. White Hats
c. Gray Hats
d. Suicide Hackers
e. Script Kiddies
f. State Sponsored Hackers
g. Hacktivists

A

g. Hacktivists

23
Q

An unskilled hacker who compromises a system by running scripts, tools, and software developed by real hackers.

a. Black Hats
b. White Hats
c. Gray Hats
d. Suicide Hackers
e. Script Kiddies
f. State Sponsored Hackers
g. Hacktivists

A

e. Script Kiddies

24
Q

Individuals who work both offensively and defensively at various times.

a. Black Hats
b. White Hats
c. Gray Hats
d. Suicide Hackers
e. Script Kiddies
f. State Sponsored Hackers
g. Hacktivists

A

c. Gray Hats

25
Individuals with extraordinary computing skills, resorting to malicious or destructive activities and are also known as crackers. a. Black Hats b. White Hats c. Gray Hats d. Suicide Hackers e. Script Kiddies f. State Sponsored Hackers g. Hacktivists
a. Black Hat
26
Individuals employed by the government to penetrate and gain top-secret information and to damage information systems of other governments. a. Black Hats b. White Hats c. Gray Hats d. Suicide Hackers e. Script Kiddies f. State Sponsored Hackers g. Hacktivists
f. State Sponsored Hackers
27
Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about facing jail terms or any other kind of punishment. a. Black Hats b. White Hats c. Gray Hats d. Suicide Hackers e. Script Kiddies f. State Sponsored Hackers g. Hacktivists
d. Suicide Hackers
28
Individuals professing hacker skills and using them for defensive purposes and are also known as security analysts. They have permission from the system owner. a. Black Hats b. White Hats c. Gray Hats d. Suicide Hackers e. Script Kiddies f. State Sponsored Hackers g. Hacktivists
b. White Hat
29
What are the 5 hacking phases? a. Spoofing b. Gaining Access c. Documenting d. Scanning/Enumeration e. Reconnaissance/Footprinting f. Tracking g. Maintaining Access h. Phishing i. Clearing Tracks
e. Reconnaissance/Footprinting d. Scanning/Enumeration b. Gaining Access g. Maintaining Access i. Clearing Tracks
30
What are the 2 types of Reconnaissance?
Passive & Active
31
Involves acquiring information **without directly interacting with the target.** a. Active b. Passive
b. Passive
32
Involves interacting with the target directly by any means. a. Active b. Passive
a. Active
33
Refers to the pre-attack phase when the attacker **scans the network** for specific information on the basis of information gathered during reconnaissance. a. Extract Information b. Pre-Attack Phase c. Port Scanner
b. Pre-Attack Phase
34
Attackers extract information such as **live machines**, port, port status, OS details, device type, **system uptime**, etc. to launch an attack. a. Extract Information b. Pre-Attack Phase c. Port Scanner
a. Extract Information
35
Can include use of dialers, **port scanners**, network mappers, ping tools, vulnerability scanners, etc. a. Extract Information b. Pre-Attack Phase c. Port Scanner
c. Port Scanner
36
Involves the use of hacking tools, tricks, and techniques to **identify vulnerabilities** so as to ensure system security. a. Black Hat b. Gray Hat c. Ethical Hacking d. White Hat
c. Ethical Hacking
37
Controlled zone, as it **provides a barrier** between internal networks and Internet. a. Internet Zone b. DMZ c. Intranet Zone d. Management Network Zone
b. DMZ
38
Secured zone with **strict policies.** a. Internet Zone b. DMZ c. Intranet Zone d. Management Network Zone
d. Management Network Zone
39
Uncontrolled zone, as it is **outside the boundaries** of an organization. a. Internet Zone b. DMZ c. Intranet Zone d. Management Network Zone
a. Internet Zone
40
Controlled zone with **no heavy restrictions.** a. Internet Zone b. DMZ c. Intranet Zone d. Management Network Zone
c. Intranet Zone
41
Types of Security Policies: **No restrictions** on usage of system resources. a. Promiscuous Policy b. Permissive Policy c. Prudent Policy d. Paranoid Policy
a. Promiscuous Policy
42
Types of Security Policies: Policy begins wide open and only known **dangerous services/attacks or behaviors** are blocked. It should be updated regularly to be effective. a. Promiscuous Policy b. Permissive Policy c. Prudent Policy d. Paranoid Policy
b. Permissive Policy
43
Types of Security Policies: It provides **maximum security** while allowing known but necessary dangers. It **blocks all services** and only safe/necessary services are enabled individually; everything is logged. a. Promiscuous Policy b. Permissive Policy c. Prudent Policy d. Paranoid Policy
c. Prudent Policy
44
Types of Physical Security Control: Prevent **security violations** and enforce various access control mechanisms. Examples include door lock, security guard, etc. a. Preventive Controls b. Detective Controls c. Deterrent Controls d. Recovery Controls e. Compensating Controls
a. Preventive Controls
45
Types of Physical Security Control: Detect Security violations and **record any intrusion attempts**. Examples include motion detector, alarm systems and sensors, video surveillance, etc. a. Preventive Controls b. Detective Controls c. Deterrent Controls d. Recovery Controls e. Compensating Controls
b. Detective Controls
46
Types of Physical Security Control: Used to discourage attackers and **send warning messages** to the attackers to discourage an intrusion attempt. Examples include various types of warning signs. a. Preventive Controls b. Detective Controls c. Deterrent Controls d. Recovery Controls e. Compensating Controls
b. Deterrent Controls
47
Types of Physical Security Control: Used to recover from security violation and **restore information and systems** to a persistent state. Examples include disaster recovery, business continuity plans, backup systems, etc. a. Preventive Controls b. Detective Controls c. Deterrent Controls d. Recovery Controls e. Compensating Controls
d. Recovery Controls
48
Types of Physical Security Control: Used as an alternative control when the **intended controls failed** or cannot be used. Examples include hot site, backup power system, etc. Work Arounds a. Preventive Controls b. Detective Controls c. Deterrent Controls d. Recovery Controls e. Compensating Controls
e. Compensating Controls
49
Risk Management: **Identifies the sources**, causes, consequences, etc. of the internal and external risks affecting the security of the organization. a. Risk Identification b. Risk Assessment c. Risk Treatment d. Risk Tracking e. Risk Review
a. Risk Identification
50
Risk Management: Assesses the organization's risk and provides an estimate on the likelihood and impact of the risk. a. Risk Identification b. Risk Assessment c. Risk Treatment d. Risk Tracking e. Risk Review
b. Risk Assessment
51
Risk Management: **Selects and implements appropriate controls** on the identified risks. a. Risk Identification b. Risk Assessment c. Risk Treatment d. Risk Tracking e. Risk Review
c. Risk Treatment
52
Risk Management: **Ensures appropriate controls are implemented** to handle risks and identifies the chance of a new risk occurring. a. Risk Identification b. Risk Assessment c. Risk Treatment d. Risk Tracking e. Risk Review
d. Risk Tracking
53
Risk Management: **Evaluates the performance** of the implemented risk management strategies. a. Risk Identification b. Risk Assessment c. Risk Treatment d. Risk Tracking e. Risk Review
e. Risk Review
54
Performs real-time SOC (Security Operations Center) functions like identifying, monitoring, recording, auditing, and analyzing security incidents.
SIEM (Security Incident and Event Management)
55
Used to **ensure the confidentiality, integrity,** and **availability** of the network services.
Network Security Controls
56
Network Security Controls: - The **selective restriction** of access to a place or other system/network resource. - It **protects information assets** by determining who can and cannot access them. - It **involves user identification**, authentication, authorization, and accountability. a. Access Control b. Identification c. Authentication d. Authorization e. Cryptography f. Accounting g. Security Policy
a. Access Control
57
Types of Access Control: Owner grants permission a. Discretionary Access Control (DAC) b. Mandatory Access Control (MAC) c. Role-Based Access
a. Discretionary Access Control (DAC)
58
Types of Access Control: - It does not permit the end user **to decide who can access the information.** - It does not permit the user to **pass privileges** to other users, as the access could then be circumvented. a. Discretionary Access Control (DAC) b. Mandatory Access Control (MAC) c. Role-Based Access
b. Mandatory Access Control (MAC)
59
Types of Access Control: - Users can be assigned **access to systems, files**, and **fields on a one-by-one basis** whereby access is granted to the user for a particular file or system. - It can simplify the **assignment of privileges** and ensure that individuals have all the privileges necessary to perform their duties. a. Discretionary Access Control (DAC) b. Mandatory Access Control (MAC) c. Role-Based Access
c. Role-Based Access
60
Information Security Controls: Describes a method to ensure that an **individual holds a valid identity**. Examples: username, account no, username, CAC, etc. a. Identification b. Authentication c. Authorization d. Accounting
a. Identification
61
Information Security Controls: It involves validating the **identity of an individual**. Examples: password, PIN, etc. a. Identification b. Authentication c. Authorization d. Accounting
b. Authentication
62
Information Security Controls: It involves **controlling the access** of information for an individual. Examples: A user can only read the file but not write to or delete it. (Access to) a. Identification b. Authentication c. Authorization d. Accounting
c. Authorization
63
Information Security Controls: It is a method of keeping **track** of **user actions** on the network. It keeps track of who, when, and how the users access the network. It helps in identifying authorized and unauthorized actions. a. Identification b. Authentication c. Authorization d. Accounting
d. Accounting
64
Information Security Controls: Refers to unauthorized access or disclosure of **sensitive or confidential data.**
Data Leakage (Spillage)
65
Information Security Controls: The process of making a **duplicate copy** of critical data that can be used for restore and recovery purposes when a primary copy is lost or corrupted either accidentally or on purpose.
Backup
66
Penetration Testing Concepts: A method of evaluating the security of an information system or network by **simulating an attack to find out vulnerabilities** that an attacker can exploit.
Penetration Testing
67
Penetration Testing Concepts: Focuses on **discovering the vulnerabilities in the information system** but provides no indication if the vulnerabilities can be exploited or the amount of damage that may result from the successful exploitation of the vulnerability. **Inside Passive** a. Penetration Testing b. Vulnerability Assessment c. Scanning/Enumeration d. Gaining Access
b. Vulnerability Assessment
68
Penetration Testing Concepts: A methodological approach to security assessment that **encompasses the security audit** and vulnerability assessment and demonstrates if the vulnerabilities in the system can be successfully exploited by attackers. **Outside Active** a. Penetration Testing b. Vulnerability Assessment c. Scanning/Enumeration d. Gaining Access
a. Penetration Testing
69
Penetration Testing Concepts: - An approach where a set of **security responders** performs analysis of an information system to assess the adequacy and efficiency of its security controls. - Has **access** to all the organizational resources and information. - Primary role is to detect and mitigate attackers' activities, and to anticipate how **surprise attacks** might occur. a. Red Teaming b. Gray Teaming c. White Teaming d. Blue Teaming
d. Blue Teaming
70
Penetration Testing Concepts: - An approach where a team of ethical hackers performs a penetration test on an information system with **no or very limited access** to the organization's internal resources. - It may be conducted **with** or **without** warning. - It is proposed to **detect network** and **system vulnerabilities** and **check security** from an attacker's perspective approach to network, system, or information access. a. Red Teaming b. Gray Teaming c. White Teaming d. Blue Teaming
a. Red Teaming
71
Information Security Laws and Standards: Provides a comprehensive framework for ensuring the **effectiveness of information security controls** over information resources that support Federal operations and assets.
FISMA (Federal Information Security Management Act)
72
Information Security Threats and Attack Vectors: An attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet. a. Zombie Attack b. Denial of Service (DoS) c. Privilege Escalation d. Distributed Denial of Service (DDoS) e. Input Validation f. Error Handling
b. Denial of Service (DoS)
73
Information Security Threats and Attack Vectors: The act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. a. Zombie Attack b. Denial of Service (DoS) c. Privilege Escalation d. Distributed Denial of Service (DDoS) e. Input Validation f. Error Handling
c. Privilege Escalation
74
Information Security Threats and Attack Vectors: Occurs when more data is put into a fixed-length **buffer** than the buffer can handle. The extra information, which has to go somewhere, can **overflow** into adjacent memory space, corrupting or overwriting the data held in that space. a. Phishing b. Denial of Service (DoS) c. Privilege Escalation d. Buffer Overflow e. Input Validation f. Error Handling
d. Buffer Overflow
75
Information Security Threats and Attack Vectors: Social Engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. a. Phishing b. Denial of Service (DoS) c. Privilege Escalation d. Buffer Overflow e. Input Validation f. Error Handling
a. Phishing
76
Information Security Controls: ________ ________ is a set of defined processes to **identify, analyze, prioritize**, and **resolve security incidents** to restore normal service operations as quickly as possible and prevent future recurrence of the incident. a. Classification and Prioritization b. Detection and Analysis c. Incident Management d. Forensic Investigation
c. Incident Management
77
Information Security Controls: Once complete, the security incident requires additional review and analysis before closing the case. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
h. Post-Incident Activities
78
Information Security Controls: The process of recovering the system or network to its original state. The process is done only after the completion of all internal and external actions. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
g. Eradication and Recovery
79
Information Security Controls: Performed to find the root cause of the incident to know what exactly happened to the information system. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
f. Forensic Investigation
80
Information Security Controls: - Is a crucial step in the incident management process that focuses on preventing additional damage. - Ensuring all the critical and essential computer resources are kept and protected at a safe place. - Regular checks on infected systems are done to know their operational status. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
e. Containment
81
Information Security Controls: After the incident has been identified and classified, suitable people and teams are notified about the problem. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
d. Notification
82
Information Security Controls: Each incident is categorized and sub-categorized to troubleshoot the incident securely. Accurate categorization helps to allocate the management to the right team that has the appropriate knowledge and skills to handle the situation in real time. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
c. Classification and Prioritization
83
Information Security Controls: - Security events are monitored and carefully analyzed using firewalls, intrusion detection and prevention systems, etc. - Identifying signatures of an incident, analyzing those signatures, recording the incident, prioritizing various incidents and alerting incidents. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
b. Detection and Analysis
84
Information Security Controls: - All the actions are pre-planned and detailed guidelines are provided to the employees at this step. - Various policies and procedures are established to stay well equipped. a. Preparation for Incident Handling and Response b. Detection and Analysis c. Classification and Prioritization d. Notification e. Containment f. Forensic Investigation g. Eradication and Recovery h. Post-Incident Activities
a. Preparation for Incident Handling and Response