Module 13: Attackers and Their Tools Quiz
What is an example of "hacktivism"?
A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
Which type of network threat is intended to prevent authorized users from accessing resources?
DoS attacks
What focus describes a characteristic of an indicator of attack (IOA)?
It focuses more on the motivation behind an attack and the means used to compromise vulnerabilities to gain access to assets.
Which statement describes cybersecurity?
It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
Which statement describes the term attack surface?
It is the total sum of vulnerabilities in a system that is accessible to an attacker.
What security tool allows a threat actor to hack into a wireless network and detect security vulnerabilities?
KisMac
What is the motivation of a white hat attacker?
discovering weaknesses of networks and systems to improve the security level of these systems
What characteristic describes a gray hat hacker?
individuals who commit cyber crimes but not for personal gain or to cause damage
What characteristic describes script kiddies?
inexperienced threat actors running existing scripts, tools, and exploits, to cause harm, but typically not for profit
Which risk management plan involves discontinuing an activity that creates a risk?
risk avoidance
Which risk management strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk?
risk reduction
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use forensic tools?
to detect any evidence of a hack or malware in a computer or network
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use applications such as Nmap, SuperScan, and Angry IP Scanner?
to probe network devices, servers, and hosts for open TCP or UDP ports
