Ethical Hacking Chapter 1

Card Set Information

Ethical Hacking Chapter 1
2015-03-23 04:54:09

  1. The U.S. Department of Justice defines a hacker as which of the following?
    A person who accesses a computer or network without the owner’s permission
  2. A penetration tester is which of the following?
    A security professional who’s hired to hack into a network to discover vulnerabilities
  3. Some experienced hackers refer to inexperienced hackers who copy or use prewritten scripts or programs as which of the following? (Choose all that apply.)
    1. Packet monkeys

    2. Script kiddies
  4. What three models do penetration or security testers use to conduct tests?
    white box, black box, gray box
  5. A team composed of people with varied skills who attempt to penetrate a network is referred to as which of the following?
    Red team
  6. How can you find out which computer crime laws are applicable in your state?
    Contact your local law enforcement agencies.
  7. What portion of your ISP contract might affect your ability to conduct a penetration test over the Internet?
    Acceptable use policy
  8. If you run a program in New York City that uses network resources to the extent that a user is denied access to them, what type of law have you violated?
  9. Which federal law prohibits unauthorized access of classified information?
    Computer Fraud and Abuse Act, Title 18
  10. Which federal law prohibits intercepting any communication, regardless of how it was transmitted?
    Electronic Communication Privacy Act
  11. Which federal law amended Chapter 119 of Title 18, U.S. Code?
    U.S. Patriot Act, Sec. 217: Interception of Computer Trespasser Communications
  12. To determine whether scanning is illegal in your area, you should do which of the following?
    Refer to state laws.
  13. What organization offers the Certified Ethical Hacker (CEH) certification exam?
  14. What organization designates a person as a CISSP?
    International Information Systems Security Certification Consortium (ISC2)
  15. What organization designates a person as an OPST?
  16. As a security tester, what should you do before installing hacking software on your computer?
    Check with local law enforcement agencies.
  17. Before using hacking software over the Internet, you should contact which of the following? (Choose all that apply.)
    1. Your ISP
    2. Local law enforcement authorities to check for compliance
  18. Which organization issues the Top 20 list of current network vulnerabilities?
    SANS Institute
  19. A written contract isn’t necessary when a friend recommends a client. True or False?
  20. A penetration tester should possess which of the following attributes? (Choose all that apply.)
    a. Good listening skills

    b. Knowledge of networking and computer technology

    c. Good verbal and written communication skills

    d. An interest in securing networks and computer systems
  21. The difference between an ethical hacker and other hackers, such as hackers, crackers, and script kiddies, is:

    A. Attitude
    B. Permission
    C. In-depth understanding of TCP/IP
    D. Skills
    B. Permission
  22. What portion of your ISP contract might affect your ability to conduct a penetration test over the Internet?

    A. Warranty Policy
    B. Scanning Policy
    C. Port Access Policy
    D. Acceptable Use Policy
    D. Acceptable Use Policy
  23. All states look at port scanning as noninvasive or nondestructive in nature and deem it legal. True or False?
  24. In a(n) ____, the tester does more than attempt to break in; he or she also analyzes the company's security policy and procedures and reports any vulnerabilities to management.

    A. ethical hacking test
    B. hacking test
    C. penetration test
    D. security test
    D. security test
  25. Some hackers are skillful computer operators, but others are younger, inexperienced people whom experienced hackers refer to as ____.

    A. script kiddies
    B. repetition monkeys
    C. packet sniffers
    D. crackers
    A. script kiddies