Ethical Hacking
What acronym represents the U.S. Department of Justice new branch that addresses computer crime?
CHIP
In the TCP/IP stack, what layer is concerned with physically moving bits across the network's medium?
Network
What TCP flag is responsible for synchronizing the beginning of a session?
SYN Flag
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?
Transport
An octal digit can be represented with only three bits because the largest digit in octal is seven.
True
Even though the Certified Information Systems Security Professional (CISSP) certification is not geared toward the technical IT professional, it has become one of the standards for many security professionals.
True
Penetration testing can create ethical, technical, and privacy concerns for a company's management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?
Create a contractual agreement
A hex number is written with two characters, each representing a byte.
False
As a security tester, you can make a network impenetrable.
False
In the TCP/IP stack, the Transport layer includes network services and client software.
False
Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law.
False
To retrieve e-mail from a mail server, you most likely access port 119.
False
What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity?
ICMP
If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?
Red team
An ethical hacker is a person who performs most of the same activities a hacker does, but with the owner or company's permission.
True
No matter what medium connects computers on network-copper wires, fiber-optic cables, or a wireless setup; the same protocol must be running on all computers if communication is going to function correctly.
True
What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network?
127
How many host computers can be assigned a valid IPv4 address when using a CIDR /24 prefix?
254
What IPv4 address class has the IP address 221.1.2.3?
Class C
What common term is used by security testing professionals to describe vulnerabilities in a network?
Holes
What 32-bit number tracks packets received by a node and allows the reassembling of large packets that have been broken up into smaller packets?
ISN
What TCP flag is responsible for delivering data directly and immediately to an application?
PSH flag
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?
Scripts
Penetration testers and security testers need technical skills to perform their duties effectively.
True
What TCP/IP protocol is fast, unreliable, and operates at the Transport layer?
UDP