Intrusion Detection- Ethical Hacking
In hexadecimal, what does the character E represent?
14
An individual wants to switch from using Hypertext Transfer Protocol (HTTP) to a more secure protocol. To which port are they most likely to switch?
443
What is a Class B IP address typically used for?
. Large organizations and ISPs
Which of the following is a method of educating network users to minimize the damage and the frequency with which computers become infected?
All of the answer choices are methods of educating users to minimize the damage and the frequency with which computers become infected.
Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer?
signatures
Which of the following is a malicious computer program that replicates and propagates itself without having to attach to a host?
worm
How many host addresses can be assigned with a subnet mask of 255.255.255.0?
254
What IPv4 address class has the IP address 221.1.2.3?
Class C
Which class of IP addresses are reserved for multicast and experimental addressing?
Class D and Class E
What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted?
Electronic Communication Privacy Act
What is the greatest advantage of whitelisting?
Helps prevent malicious code from being introduced into corporate networks
What advantage does subnetting offer?
Increased Security
What layer, in the TCP/IP stack, is responsible for routing a packet to a destination address?
Internet
What type of physical security device can be used by both security professionals and attackers?
Keyloggers
What term references half a byte?
Nibble
What advanced professional security certification requires applicants to demonstrate hands-on abilities to earn their certificate?
Offensive Security Certified Professional
What type of network attack relies on guessing a TCP header's initial sequence number, or ISN?
Session hijacking
Why are hackers able to bypass some security systems using IPv6?
Some router-filtering devices, firewalls, and intrusion detection systems (IDSs) are not configured to enable IPv6.
What does the acronym TCP represent?
Transmission Control Protocol
Why is UDP widely used on the Internet?
UDP is widely used because of its speed.
In the TCP/IP stack, what layer is concerned with physically moving bits across the network's medium?
Network
What connection-oriented protocol is utilized by the Transport layer?
TCP
What is the function of the Domain Name System?
The DNS server resolves the name of a URL to an IP address.
What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network?
127 address
In binary, what is the largest number that can be represented by four low-order bits?
15
What is the decimal equivalent of the binary number 11000001
193
How many characters are required to write a hexadecimal number?
2
How many host computers can be assigned a valid IPv4 address when using a CIDR /24 prefix?
254
Approximately how many IP addresses are allowed under IPv4?
4.3 billion
What port does the Domain Name System, or DNS service use?
53
How many bits are needed to represent a character in base-64?
6
What is the largest digit in an octal number?
7
What derogatory title do experienced hackers give to inexperienced hackers who copy code or use tools created by knowledgeable programmers without understanding how the tools work?
packet monkey
If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use?
spyware
How can a security tester ensure a network is nearly impenetrable?
unplug the network cable
Even though a security professional might think they are following the requirements set forth by the client who hired them to perform a security test, management may be dissatisfied. Which of the following is an example of an ethical hacking situation that might upset a manager?
The security testing reveals all the usernames and passwords of company personnel to the tester without the manager's prior consent.
If the low-order bit is turned on in a binary digit, what can be assumed?
The value is odd
What is true regarding physical network security?
There's a higher chance of threat from insiders within a company versus outsiders.
Why should a security professional fully understand the TCP header components?
To understand the basic methods of hacking into networks
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?
Transport
What type of malicious computer programs present themselves as useful computer programs or applications?
Trojan programs
How can a nondisclosure agreement allay management fears about password discovery?
Correct. A nondisclosure agreement (NDA) should be in place to assure clients that testers will not reveal or use any information they find.
What may occur when a broadcast address is mistaken as a valid host address?
Denial-of-service attack.
What specific term does the U.S. Department of Justice use to label all illegal access to computer or network systems?
Hacking
What is the difference between penetration tests and security tests?
In a penetration test, an ethical hacker attempts to break into a company's network or applications to find weak links. In a security test, testers do more than attempt to break in; they also analyze a company's security policy and procedures and report any vulnerabilities to management.
Which of the following actions could be prosecuted under the Stored Wire and Electronic Communications and Transactional Records Act?
Incorrect. The Economic Espionage Act offers trade secret protection to both businesses and the government
Why have some judges dismissed charges for those accused of port scanning?
Incorrect. The federal government currently doesn't view port scanning as a violation of the U.S. Constitution.
Why might companies prefer black box testing over white box testing?
Many companies don't want a false sense of security.
Which type of security is specifically concerned with computers or devices that are part of a network infrastructure?
Network Security
An application is working with real-time data and needs the data to be sent immediately. Which flag should be set to accomplish this?
PSH Flag
What type of attack causes the victim's computer to crash or freeze when the attacker delivers an ICMP packet that is larger than the maximum allowed 65,535 bytes?
Ping of Death
What is the logical component of a TCP connection that can be assigned to a process that requires network connectivity?
Port
What port would a successful Trojan program most likely use?
Port 53
Which type of attack is being carried out when an attacker joins a TCP session and makes both parties think he or she is the other party?
Session hijacking
Which of the following statements about port scanning is true?
Some states consider port scanning as noninvasive or nondestructive in nature and deem it legal
What can be inferred about successful security professionals?
Successful security professionals have a combination of technical and soft skills.
What protocol is the most widely used and allows all computers on a network to communicate and function correctly?
TCP/IP
Why should a company employ an ethical hacker?
The benefit of an ethical hacker discovering vulnerabilities outweighs the cost of paying for the penetration/security test services.
What numbering system is used by computer engineers to make computers, and why was this numbering system selected?
The binary number system was chosen because logic chips make binary decisions (true/false, on/off).
Which of the following might be a violation of a contract between an independent contractor and a company that hires them to run security tests?
The independent contractor runs a program that prevents the employees from doing their jobs.
Which of the following is a possibility when you work as a security professional?
All are possibilitites
What layer protocols operate as the front end to the lower-layer protocols in the TCP/IP stack?
Application
Why is it a challenge and concern for an ethical hacker to avoid breaking any laws
The laws are constantly changing.
How do spyware and adware differ?
The main purpose of adware is to determine a user's purchasing habits, but spyware sends information, including confidential information, from the infected computer to the attacker.
Communication between two devices is not properly functioning. What is the most likely cause of the communication issues?
The protocols on each device differ.
Which of the following program files would most likely not be included in a whitelist?
Unknown.exe
The most insidious attacks against networks and computers worldwide take place via Trojan programs. Why do Trojan attacks continue to occur?
Users simply click Allow when warned about suspicious activity on a port.
Which of the following statements about written contracts is true?
Written contracts are always a good business practice.
What skill is most important when developing a written agreement between a security professional and a company that will be hiring them to execute a security assessment?
an understanding of the laws that apply to your location
Protecting an organization from malware attacks is difficult because new viruses, worms, and Trojans appear daily. What can mitigate some of these risks by detecting many malware programs?
antivirus software
What penetration model should be used when a company's management team does not wish to disclose that penetration testing is being conducted?
black box
Which of the following attacks occurs when a programmer exploits written code that doesn't check for a defined amount of memory space?
buffer overflow
An organization wants to install a physical security system which will protect its assets and document an individual's time of entry. Which option will allow them to accomplish both tasks?
card access
In Unix and Linux systems, what command allows you to alter the permissions of files and directories?
chmod
When a security professional is presented with a contract drawn up by a company's legal department, which allows them to "hack" the company's network, they should proceed by performing what precautionary step?
consult their lawyer
Penetration testing can create ethical, technical, and privacy concerns for a company's management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?
create a contractual agreement
Which type of attack cripples the network and prevents legitimate users from accessing network resources?
denial-of-service
An attacker is using Wireshark to capture network communications. Later these captured packets are reconstructed, and the attacker searches for confidential information that can be used to extend the attack. What malicious procedure is occuring?
eavesdropping
What term refers to a person who performs most of the same activities a hacker does, but with the owner or company's permission?
ethical hacker
What penetration model should a company use if they only want to allow the penetration tester(s) partial or incomplete information regarding their network system?
gray box
Which penetration model allows for an even distribution of time and resources along with a fairly comprehensive test?
gray box
Which term best describes malicious programmatic behaviors of known viruses that antivirus software companies compare to every file on a computer?
heuristics
What common term is used by security testing professionals to describe vulnerabilities in a network?
holes
What is the typical format for Class C addresses?
network.network.network.node
Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect?
rootkit
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?
scripts
What type of testing procedure involves the tester(s) analyzing the company's security policy and procedures, and reporting any vulnerabilities to management?
security test
What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system?
vulnerability
What policy, provided by a typical ISP, should be read and understood before performing any port scanning outside of your private network?
Acceptable Use Policy
With which type of laws should a penetration tester or student learning hacking techniques be familiar?
all of the above
Which of the following physical security options avoids the issue of combination or key sharing?
Biometric devices
What skills does a security professional need to be successful?
Both knowledge of network and computer technology and the ability to communicate with management and IT personnel.
What acronym represents the U.S. Department of Justice branch that addresses computer crime?
CHIP
Which of the following activities is not illegal?
Discovering passwords of company personnel when testing for vulnerabilities
Which of the following statements about antivirus software is true?
Even with antivirus software, protecting an organization from malware attacks is difficult because new viruses, worms, and Trojans appear daily.
Which of the following reasons explains why night-shift employees have easier access to physical network infrastructure?
Fewer employees are around during nonstandard business hours.
What is critical to remember when studying for a network security certification exam?
Following the laws and behaving ethically are more important than passing an exam
What penetration model would likely provide a network diagram showing all the company's routers, switches, firewalls, and intrusion detection systems, or give the tester a floor plan detailing the location of computer systems and the OSs running on these systems?
White box
What line of defense allows only approved programs to run on a computer?
Whitelisting
All of the following are good resources for finding more information about contracts for independent security consultants except one. Which is the exception?
Your own attorney
