Hacker High School Test Review
What are dependencies?
Dependencies are the things beyond the asset owner's ability to provide independently.
When hacking is used to get private and personal information on individual people to embarrass them publicly it's called ________.
DoXing
Is hacking illegal?
Hacking itself is not illegal. It all comes down to what are you intending to do. If you are trying to commit a crime by hacking then yes, it is illegal.
What did Georg Cantor do?
He proposed new ideas about infinity and set theory that caused outrage amongst many fellow mathematicians to the point that one called his ideas a "grave disease" infecting mathematics.
Why should inexperienced hackers research thouroughly before asking a question to a forum?
If you ask a question that has an obvious answer, you may get terse responses.
The Four Point Process has you look at interactions in the following ways:
Induction, inquest, interaction and intervention
Induction:
Induction, which is examining the environment, the places where the person visited before they got ill and how they may have affected the patient, such as what they may have touched, ingested, or breathed.
What is a blog?
A blog can be considered an evolution of the zine, usually with a writing staff of one. Blogs are updated more often than most print publications or zines, and create communities tied to very strong themes.
What is the hacker profiling project?
A collaboration project with the United Nations to explore who hackers are and why they hack.
Who was Jesse James?
A famous bank robber.
What is a hacker?
A hacker is a type of hands-on, experimenting scientist, that dive right in following a feeling rather than a formal hypothesis.
What is a script kiddie?
A hacker word that means a person who uses tools without really knowing how or why they work.
What is Hierarchical shotgun brute-forcing?
A method of decrypting passwords by cracking their encrypted form. It breaks down the encrypted hash of the password, solves a few characters at a time, then stitches it all back together. Genome researchers adapted the same technique to map the entire 3.3 billion base pairs of the human genome.
Which is less bias, a zine or a magazine?
A zine.
What is a handle?
A. A made up name that a hacker goes by. B. A thing people download to make hacking easier. C. How safe your information is. Answer: A
Industry employees represented as experts give their opinions, or people who are authorities in one area offer their opinion in another area in which they have no expertise is:
A. Authoritative evidence B. Speculation C. Hacking evidence Answer: A
Classes define:
A. Different hackers B. Ways to hack C. an area of study, investigation, or operation. Answer: C
What is it called when public information is dug out to target a person or company for an attack, but no criminal acts are made to get the information?
A. Document grinding B. Network surveying C. Competitive intelligence Answer: A
According to an ISECOM project called the Hacker Profiling Project who does the most damage caused by hacking come from?
A. Experienced hackers with intent. B. Young, inexperienced hackers damaging other people's property by accident. C. Criminals trying to steal your information. Answer: B
What is an example of an useful internet cache?
A. Google.com B. Hackerhighschool.org C. Internet Archive at http://www.archive.org. Answer: C
What is a very important thing to know as a hacker?
A. Most forums and mailing lists are not searchable through major search engines. B. Hacking is only supposed to be used for crimes. C. Hacking is not allowed at all. Answer: A
What kind of hackers do we mostly hear about in the news?
A. People who made a new invention. B. People who try to make the community safer. C. Illegal, invasive, and destructive intentions. Answer: C
What is the problem with P2P networks?
A. You don't know what you will see. B. Some things are on the network illegally. C. It is free. Answer: B
What are some good search engines for dark corners?
AltaVista and DuckDuckGo
What are cached pages?
An Internet cache is an online record of past versions of websites, or even of websites that have gone dark.
What is a Trust interaction?
Between people and things that are familiar with each other.
How did we discover and learn about things as kids?
By interacting with them directly.
What are channels?
Channels are the common terms for the ways you interact with assets.
Chat:
Chat, which comes in the forms of Internet Relay Chat (IRC) and Instant Messaging (IM), is a very popular way to communicate.
When hacking is used to deeply understand a competitor without breaking any laws it is called ___________ ___________.
Competitive intelligence
What is speculation?
Dressing up something as true because "everyone" believes it is true, though there's no actual attribution to anyone specific.
True or False? Bing owns an entire archive of newsgroups.
False, Google purchased the entire archive of newsgroups and put them online at http://groups.google.com.
True or False? The Four Point Process is a hacking magazine.
False, it outlines four ways these interactions are used to analyze something as deeply as possible, and by analyze we mean to mess with it so we can watch it and see what happens.
True or False? George Cantor designed possibly the first brushless motor that ran on AC electricity.
False, it was Nikolas Tesla.
True or False? The scope is a term for a way to find people's information.
False, the Scope is a word we use to describe the total possible operating environment, which is every interaction that the thing you want to hack has.
True or False? Two types of interactions are Lock and Entrance.
False, the two types of interactions are Trust and Access.
True or False? A hacker is someone who gets someone's phone and posts a picture on their social media.
False.
What does FUD stand for?
Fear, Uncertainty, and Doubt.
Why do hackers have handles?
It used to be for fun because hackers in the early days were mostly kids. But later, this game of "playing someone else" became a tool that hackers could use to protect themselves by allowing them to be anonymous.
What is raspberry pi?
It's a tiny single-board computer (SBC) about the size of a credit card, and about the price of a couple of pizzas. It's not a wimpy little thing, either: the P1 2 has a quad-core CPU, USB and HDMI video. A tiny microSD card serves as the hard drive, and swaps so easily you can use several operating systems.
What is visibility?
It's simplified as opportunity but in hacking it's more about knowing if there is something to interact with or not. This interaction brings along a whole lot of new security techniques like deception, illusion, and camouflage, as well as all-new hacking techniques for avoiding and getting around security measures like deception, illusion, and camouflage.
If you want to avoid getting attacked, what should you do?
Keep a low Exposure and avoiding Visibility is a way to keep from getting attacked in the first place.
Why can't you assume that a website is safe if it appears on a search engine?
Many hacker attacks and viruses are spread just by visiting a website or downloading innocent-looking programs, screen savers or any shared files.
Why should you be careful with what you read on magazines?
Many of them are biased and just want to appeal to their own audiences.
What are newsgroups?
Newsgroups are like mailing list archives but without the mail. People posted there directly like they do when commenting to a website. You will find posts in there from the early 1990s onward.
Is hacking always a crime?
No, hacking can be greatly beneficial to the world for understanding how to be safer and for building even better technology.
What is anecdotal evidence?
Opinions from people published as evidence regardless of whether they are experts or not.
What is peer to peer?
Peer to Peer, also known as P2P, is a network inside the Internet. Unlike the usual client/server network, where every computer communicates through a central server, the computers in a P2P network communicate directly with each other.
Why are wikis not accurate?
Reports often claim that wikis are not accurate because they are contributed to by amateurs and fanatics.
Like all hacking, research includes a ______.
Scope
Attending ___________ is a great way to hear theory explained in detail and to watch skills in action.
Seminars
What is this called? http://dataprotectioncenter.com/wp-content/uploads/2016/01/visual-hacking.jpg
Shoulder Surfing
What is the OSSTMM?
The OSSTMM is the Open Source Security Testing Methodology Manual, and while it may read like DVD player setup instructions, it's the main document that many hacking professionals use to plan and execute their attacks and defenses.
What is the best way to deal with the issues of accuracy?
The best way to deal with the issues of accuracy and agenda is to be well and widely read/informed.
Inquest:
The inquest is reading emanations from the patient like pulse, blood pressure, and brain waves.
Interaction:
The interaction function is the echo process where the doctors poke the patients, talk to them, and test their reflexes on the elbows and knees and use other tools of the "Does it hurt if I do this?" method.
Intervention:
The intervention is changing or stressing the patient's homeostasis, behavior, routine, or comfort level to see what happens.
What is the real reason that people hack?
The real reason to be a hacker is because it's really powerful. You can do some very cool things when you have strong hacking skills. Any deep knowledge gives you great power. If you know how something works to the point that you can take control of it, you have serious power in your hands. Most of all, you have the power to protect yourself and those you care about.
What is cherry picking?
The technique of highlighting only the positive aspects of something fitting the magazine's theme or highlighting only the negative aspects of the things that don't.
Why don't most hackers use their real name?
The utility of a hacker handle is that it allows us to be ourselves, without the worry of retribution from a well-meaning, but misunderstanding society.
What is zero day?
The very newest hacking exploits.
Why do some people hack products that aren't theirs?
They didn't look at something as the original designers did, but instead saw bigger or better potential for it and hacked it to be something new.
What are privileges?
This means you need a login name and password to get access.
True or False? Forums and mailing lists are communally developed media, a lot like a recording of conversations at a party.
True
True or False? Many people who have been called hackers, especially by the media, or who have gotten in trouble for "hacking" were not, in fact, hackers.
True
True or False? The Attack Surface is all the ways, all the interactions, that allow for something or someone to be attacked.
True
True or False? Leet speak is an informal language or code used on the Internet, in which standard letters are often replaced by numerals or special characters.
True.
True or False? An Asset can be anything that has value to the owner.
True.
True or False? Seminars consist of professional hackers talking to students about hacking and being a hacker, both the bad and the good.
True.
True or False? You are hacking whenever you deeply examine how something really works in order to creatively manipulate it into doing what you want.
True.
True or False? Hacking can appear in all jobs.
True. Some examples are chefs using liquid nitrogen as the cooling agent to make perfect ice cream.
What was the message of the story with Jace?
What hacking is and how to do it safely/legally.
What is espionage?
When hacking is used against a foreign government to commit criminal acts of breaking and entering, trespassing, theft, and destruction to get the edge in political or military information.
What is network surveying?
When hacking is used to understand a company network, systems, applications, and devices as the target of an attack without actually intruding or trespassing into the systems.
What is economic espionage?
When the hacking is done from a foreign business against another business in a different country to get an edge in business.
What is an Access interaction?
When the interactions happen between unknown people or systems.
What is porosity?
When you take the three types of interactions together, you have Porosity, the basis of an Attack Surface.
Is it illegal to hack something that you bought and own?
You may not be allowed legally to hack software that you've purchased, even if it's just to check for yourself that it's secure enough to run on your own computer. This is because many of the things that you purchase may come with a contract or End User License Agreement (EULA) that says you can't.
Why is chat inconsistent?
You're dealing with individuals in real time. Some will be friendly and some will be rude. Some will be harmless pranksters, but some will be malicious liars. Some will be intelligent and willing to share information, and some will be completely uninformed, but no less willing to share. It can be difficult to know which is which.
What are zines?
Zines are the descendants of fanzines: small, usually free magazines with a very small distribution (less than 10,000 readers) and often produced by hobbyists and amateur journalists.
Who writes zines?
Zines on the Internet, like the famous 2600 or the Phrack web zine, are written by volunteers; often that means the producers don't edit content for non-technical errors.
Four ways to create separation:
• Move the asset to create a barrier between it and the threats. • Change the threat to a harmless state. • Destroy the threat. • Destroy the asset. (Not recommended!)