Terminology

Question 1

What are White Hats?

Answer 1

Good Guys, ethical hackers who use their skills for defensive purposes

They put their mind into the mind of a Black hat to defend against them.

Question 2

What defines Gray Hats?

Answer 2

Self-proclaimed ethical hackers whose actions can be good or bad depending on the situation

They are typically interested in hacker tools from a curiosity standpoint.

Question 3

Who are Black Hats?

Answer 3

Bad guys or malicious attackers who use their skills for illegal or malicious purposes

They are often compared to the Sith.

Question 4

What are the four basic elements of security?

Answer 4

• Confidentiality
• Authenticity
• Integrity
• Availability

Question 5

What is a confidentiality attack?

Answer 5

Stealing passwords or other data that allows unauthorized access

This compromises the confidentiality of information.

Question 6

What is an authenticity attack?

Answer 6

MAC address spoofing that allows unauthorized devices to connect to a network

This is particularly relevant in wireless networks.

Question 7

What constitutes an integrity attack?

Answer 7

Bit-flipping attacks where data may be tampered with in transit

This affects the reliability of the data.

Question 8

What is an availability attack?

Answer 8

Denial-of-service (DoS) attack that overloads a system so it can’t be accessed

This targets the availability of systems and networks.

Question 9

Define ‘Threat’ in cybersecurity terms.

Answer 9

A situation that could lead to a potential breach of security.

Question 10

What is an ‘Exploit’?

Answer 10

A piece of software or technology that takes advantage of a bug or vulnerability

This leads to unauthorized access of a system.

Question 11

What does ‘Vulnerability’ mean?

Answer 11

The existence of a software flaw or error that can lead to undesirable events

This can execute damaging instructions to the system.

Question 12

What is a Target of Evaluation (TOE)?

Answer 12

A system, program, or network that is the subject of a security analysis or attack.

Question 13

What is a Remote exploit?

Answer 13

An exploit sent over a network without prior access to the vulnerable system.

Question 14

What is a Local exploit?

Answer 14

An exploit delivered directly to a computer system requiring prior access

This is used to increase privileges.

Question 15

What happens during an attack?

Answer 15

A system is compromised based on vulnerability.

Question 16

What is a Virus/Trojan?

Answer 16

A virus embedded in something downloaded or installed.

Question 17

What is Phishing?

Answer 17

Replicating websites to capture login credentials.

Question 18

Define Eavesdropping.

Answer 18

Monitoring someone without their knowledge.

Question 19

What is a Fake WAP?

Answer 19

A fake Wi-Fi network designed to access your data.

Question 20

What are Waterhole Attacks?

Answer 20

Attacks targeting locations with higher traffic.

Question 21

What is DDoSing?

Answer 21

Flooding traffic to crash a site

This is a type of Denial of Service attack.

Question 22

What does a Keylogger do?

Answer 22

Tracks keystrokes on a device.

Question 23

Define Social Engineering.

Answer 23

Psychological manipulation to obtain confidential information.

Question 24

What is Bait & Switch?

Answer 24

Fake ads leading to a page with a virus.

Question 25

What is Cookie Theft?

Answer 25

Taking cookies off a computer to impersonate the user.

Question 26

What is Cybersecurity?

Answer 26

The act of ensuring a network and its information is safe.

Question 27

What are examples of Cybersecurity measures?

Answer 27

* Using a Firewall * Requiring strong passwords * Installing Antivirus Software

Question 28

What is Ethical Hacking?

Answer 28

Attempting to break into a network legally to uncover vulnerabilities.

Question 29

What is the focus of Cybersecurity?

Answer 29

Protecting a network from potential attacks and dangers.

Question 30

What does Ethical Hacking test?

Answer 30

A network's defenses against potential attacks.

Question 31

Are Ethical Hacking and Penetration Testing interchangeable?

Answer 31

True.

Question 32

What is White Box Hacking?

Answer 32

Ethical hacking with full knowledge of systems being tested.

Question 33

What is Gray Box Hacking?

Answer 33

Ethical hacking with some information about the network but not full details.

Question 34

What is Black Box Hacking?

Answer 34

Ethical hacking with no information about the target.

Question 35

What is Internal Penetration Testing?

Answer 35

Simulating an attack from within the network.

Question 36

What is External Penetration Testing?

Answer 36

Testing the ability for hackers to break into a network from outside.

Question 37

What is Web Application Penetration Testing?

Answer 37

Exploiting vulnerabilities in a web application or website.