Hands-On Ethical Hacking and Network Defense Quiz One
Currently, the CEH exam is based on ____ domains (subject areas) with which the tester must be familiar.
22
The International Council of Electronic Commerce Consultants (EC-Council) has developed a certification designation called ____.
Certified Ethical Hacker (CEH)
The ____ certification for security professionals is issued by the International Information Systems Security Certifications Consortium (ISC2).
Certified Information Systems Security Professional (CISSP)
All states look at port scanning as noninvasive or nondestructive in nature and deem it legal.
False
An ethical hacker is a person who performs most of the same activities a cracker does, but with the owner or company's permission
False
The ____ certification is designated by the Institute for Security and Open Methodologies (ISECOM), a nonprofit organization that provides security training and certification programs for security professionals.
OSSTMM Professional Security Tester (OPST)
"____" is not a domain tested for the CEH exam.
Red Team testing
The ____ Institute Top 20 list details the most common network exploits and suggests ways of correcting vulnerabilities.
SANS
____ takes penetration testing to a higher level.
Security Testing
The ____ disseminates research documents on computer and network security worldwide at no cost.
SysAdmin,Audit,Network, Security (SANS) Institute
As a security tester, you can't make a network impenetrable.
True
Even though the Certified Information Systems Security Professional (CISSP) certification is not geared toward the technical IT professional, it has become one of the standards for many security professionals.
True
The SysAdmin, Audit, Network, Security (SANS) Institute offers training and IT security certifications through Global Information Assurance Certification (GIAC).
True
In the ____ model, management does not divulge to staff that penetration testing is being conducted, nor does it give the tester any diagrams or describe what technologies the company is using.
black box
An April 2009 article in USA Today revealed that the federal government is looking for ____ to pay them to secure the nation's network
hackers
The U.S. Department of Justice labels all illegal access to computer or network systems as "____".
hacking
Penetration testers and security testers usually have a laptop computer configured with ____ and hacking tools.
multiple OSs
Some hackers are skillful computer operators, but others are younger inexperienced people who experienced hackers refer to as ____.
script kiddies
Many experienced penetration testers can write computer programs or ____ in Perl or the C language to carry out network attacks.
scripts
The collection of tools for conducting vulnerability assessments and attacks is sometimes referred to as a "____".
tiger box
