Ethical Hacking Chapter 1
A written contract isn't necessary when a friend recommends a client. True or False?
False
If you run a program in New York City that uses network resources to the extent that a user is denied access to them, what type of law have you violated?
Federal
What portion of your ISP contract might affect your ability to conduct a penetration test over the Internet?
Acceptable use policy
As a security tester, what should you do before installing hacking software on your computer?
Check with local law enforcement agencies.
Which federal law prohibits unauthorized access of classified information?
Computer Fraud and Abuse Act, Title 18
How can you find out which computer crime laws are applicable in your state?
Contact your local law enforcement agencies.
What organization offers the Certified Ethical Hacker (CEH) certification exam?
EC-Council
Which federal law prohibits intercepting any communication, regardless of how it was transmitted?
Electronic Communication Privacy Act
A penetration tester should possess which of the following attributes? (Choose all that apply.)
Good listening skills; Knowledge of networking and computer technology; Good verbal and written communication skills; An interest in securing networks and computer systems
What organization designates a person as an OPST?
ISECOM
What organization designates a person as a CISSP?
International Information Systems Security Certification Consortium (ISC2)
Some experienced hackers refer to inexperienced hackers who copy or use prewritten scripts or programs as which of the following? (Choose all that apply.)
Packet monkeys; Script kiddies
A team composed of people with varied skills who attempt to penetrate a network is referred to as which of the following?
Red team
To determine whether scanning is illegal in your area, you should do which of the following?
Refer to state laws.
Which organization issues the Top 20 list of current network vulnerabilities?
SANS Institute
Which federal law amended Chapter 119 of Title 18, U.S. Code?
U.S. Patriot Act, Sec. 217: Interception of Computer Trespasser Communications
What three models do penetration or security testers use to conduct tests?
white box, black box, gray box
The U.S. Department of Justice defines a hacker as which of the following?
A person who accesses a computer or network without the owner's permission
A penetration tester is which of the following?
A security professional who's hired to hack into a network to discover vulnerabilities
Before using hacking software over the Internet, you should contact which of the following? (Choose all that apply.)
Your ISP; Local law enforcement authorities to check for compliance