Chapter 1: Introduction to Ethical Hacking
What should a pentester do prior to initiating a new penetration test?
Get permission from the organization to be tested.
A contract is important because it does what?
Gives proof of the test parameters and permission to conduct the test.
Which of the following describes an attacker who goes after a target to draw attention to a cause? a.) Terrorist b.) Criminal c.) Hacktivist d.) Script Kiddie
Hacktivist
How is Black box testing performed? (knowledge-wise)
With no knowledge
Which of the following would most likely engage in the pursuit of vulnerability research? a.) White hat b.) Gray hat c.) Black hat d.) Suicide hacker
a.) White hat
Which type of hacker may use their skills for both benign and malicious goals at different times? a.) White hat b.) Gray hat c.) Black hat d.) Suicide hacker
b.) Gray hat
Which of the following best describes what a suicide hacker does? a.) Hacks with permission b.) Hacks without stealth c.) Hacks without permission d.) Hacks with stealth
b.) Hacks without stealth
Vulnerability research deals with which of the following? a.) Actively uncovering vulnerabilities b.) Passively uncovering vulnerabilities c.) Testing theories d.) Applying security guidance
b.) Passively uncovering vulnerabilities
Which of the following does an ethical hacker require to start evaluating a system? a.) Training b.) Permission c.) Planning d.) Nothing
b.) Permission
Which of the following best describes a vulnerability? a.) A worm b.) A virus c.) A weakness d.) A rootkit
c.) A weakness
A white-box test means the tester has which of the following? a.) No knowledge b.) Some knowledge c.) Complete knowledge d.) Permission
c.) Complete knowledge
Which of the following best describes what a hacktivist does? a.) Defaces websites b.) Performs social engineering c.) Hacks for political reasons d.) Hacks with basic skills
c.) Hacks for political reasons
Which of the following describes a hacker who attacks without regard for being caught or punished? a.) Hacktivist b.) Terrorist c.) Criminal d.) Suicide Hacker
d.) Suicide Hacker
What is a code of ethics?
A description of expected behavior
What separates a suicide hacker from other attackers?
A lack of fear of being caught
The group "Anonymous" is an example of what?
Hacktivist
What level of knowledge about hacking does a script kiddie have?
Low to None
What does TOE stand for?
Target of Evaluation
If you have been contracted to perform an attack against a target system, you are what type of hacker?
White Hat
Companies may require a penetration test for all except which of the following? a.) Legal reasons b.) Regulatory reasons c.) To perform an audit d.) To monitor network performance
d.) To monitor network performance