CEH Ch 1 Questions

What is the Computer Security Act of 1987?

It was intended to improve the security and privacy of sensitive information in federal computer systems and to establish minimally acceptable security practices for such systems.

What are Ethernet frames?

In an Ethernet TCP/IP network, computers talk to other systems using a format of bits arranged in specific order which are called frames.

What are the 5 network security zones?

1. Internet (Outside the boundary and uncontrolled), 2. Internet DMZ (a controlled, buffer network between you and the uncontrolled chaos of the internet) 3. Production Network Zone (A very restricted zone that strictly controls direct access from uncontrolled zones) 4. Intranet Zone (Controlled zone that has little to no heavy restrictions) 5. Management Network Zone (Highly secured zone with very strict policies)

What are the protocol data units (PDUs) at each layer of the OSI model?

Application - data; Presentation - data; Session - data; Transport - Segment; Network - Packet; Data Link - Frame; Physical - Bit

What is the Three Way (TCP) Handshake?

A three-step process computers execute to negotiate a connection with one another. The three steps are SYN, SYN/ACK, and ACK.

Enacted in 2002, this U.S. law requires every Federal Agency to implement information security programs, including significant reporting on compliance and accreditation. Which of the following is the best choice for this definition? A. FISMA B. HIPAA C. NIST 800-53 D. OSSTM

A. FISMA has been around since 2002 and was updated in 2014. It gave certain information security responsibilities to NIST, OMB, and other government agencies, and declared the Department of Homeland Security (DHS) as the operational lead for budgets and guidelines on security matters.

An ethical hacker is hired to test the security of a business network. The CEH is given no prior knowledge of the network and has a specific framework in which to work, defining boundaries, nondisclosure agreements, and the completion date. Which of the following is a true statement? A. A white hat is attempting a black-box test. B. A white hat is attempting a white-box test. C. A black hat is attempting a black-box test. D. A black hat is attempting a gray-boxy test.

A. In this example, an ethical hacker was hired under a specific agreement, making him a white hat. The test he was hired to perform is a no-knowledge attack, making it a black-box test.

Your company has a document that spells out exactly what employees are allowed to do on their computer systems. It also defines what is prohibited and what consequences await those who break the rules. A copy of this document is signed by all employees prior to their network access. Which of the following best describes this policy? A. Information Security Policy B. Special Access Policy C. Information Audit Policy D. Network Connection Policy

A. The Information Security Policy defines what is allowed and not allowed, and what the consequences are for misbehavior in regard to resources on the corporate network. Generally this is signed by employees prior to their account creation.

What are the 7 layers of the OSI model?

Application layer, Presentation layer, Session layer, Transport layer, Network layer, Data link layer, Physical layer

What are the four layers of the TCP/IP stack?

Application, Transport, Internet, Network Access

Joe is a security engineer for a firm. His company downsizes, and Joe discovers he will be laid off within a short amount of time. Joe plants viruses and sets about destroying data and settings throughout the network, with no regard to being caught. Which type of hacker is Joe considered to be? A. Hactivist B. Suicide hacker C. Black hat D. Script kiddie

B. A suicide hacker doesn't care about being caught. Jail time and punishment mean nothing to these guys. While sometimes they are tied to a political or religious group or function, sometimes they're just angry folks looking to make an entity pay for some perceived wrongdoing.

Which type of attack is generally conducted as an inside attacker with elevated privileges on the resources? A. Gray box B. White box C. Black box D. Active reconnaissance

B. A white-box attack is intended to simulate an internal attacker with elevated privileges, such as a network administrator.

Brad has done some research and determined a certain set of systems on his network fail once every ten years. The purchase price for each of these systems is $1200. Additionally, Brad discovers the administrators on staff, who earn $50 an hour, estimate five hours to replace a machine. Five employees, earning $25 an hour, depend on each system and will be completely unproductive while it is down. If you were to ask Brad for an ALE on these devices, what should he answer with? A. $2075 B. $207.50 C. $120 D. $1200

B. ALE = ARO x SLE. To determine ARO, divide the number of occurrences by the number of years (1 occurrence /10 years = 0.1). To determine SLE, add the purchase cost (1200) plus the amount of time to replace (5 x 50 = 250) plus the amount of lost work (5 hours x 5 employees x 25 =625). In this case, it all adds up to $2075. ALE = 0.1 x 2075, or 207.50

Which of the following best describes an effort to identify systems that are critical for continuation of operations for the organization? A. BCP B. BIA C. MTD D. DRP

B. The Business Impact Analysis best matches this description. Although maximum tolerable downtime is part of the process, and a continuity plan certainly addresses it, a BIA is the actual process to identify those critical systems.

Sally is a member of a pen test team newly hired to test a bank's security. She begins searching for IP addresses the bank may own by searching public records on the Internet. She also looks up news articles and job postings to discover information that may be valuable. What phase of the pen test is Sally working? A. Preparation B. Assessment C. Conclusion D. Reconnaissance

B. The assessment phase, which EC-Council also likes to interchangeably denote as the "conduct" phase sometimes, is where all the activity takes place--including the passive information gathering performed by Sally in this example.

In which stage of an ethical hack would the attacker actively apply tools and techniques to gather more in-depth information on the targets? A. Active reconnaissance B. Scanning and enumeration C. Gaining Access D. Passive reconnaissance

B. The second of the five phases of an ethical hack attempt, scanning and enumeration, is the step where ethical hackers take the information they gathered in recon and actively apply tools and techniques to gather more in-depth information on the targets.

Elements of security include confidentiality, integrity, and availability. Which technique provides for integrity? A. Encryption B. UPS C. Hashing D. Passwords

C. A hash is a unique numerical string, created by a hashing algorithm on a given piece of data, used to verify data integrity. Generally, hashes are used to verify the integrity of files after download (comparison to the hash value on the site before download) and/or to store password values. Hashes are created by a one-way algorithm.

Which of the following would be the best example of a deterrent Control? A. A log aggregation system B. Hidden cameras on site C. A guard Posted outside the door D. Backup recovery systems

C. If you're doing something as a deterrent, you're trying to prevent an attack in the first place. In this physical security deterrent control, a guard visible outside the door could help prevent physical attacks.

When an attack by a hacker is politically motivated, the hacker is said to be participating in which of the following? A. Black-hat hacking B. Gray-Box attacks C. Gray-hat attacks D. Hactivism

D. Hackers who use their skills and talents to forward a cause or a political agenda are practicing hactivism.

Two hackers attempt to crack a company's network resource security. One is considered an ethical hacker, whereas the other is not. What distinguishes the ethical hacker from the "cracker"? A. The cracker always attempts white-box testing. B. The ethical hacker always attempts black-box testing. C. The cracker posts results to the Internet. D. The ethical hacker always obtains written permission before testing.

D. The ethical hacker always obtains written permission before testing and never performs a test without it?

Which of the following Common Criteria processes refers to the system or product being tested? A. ST B. PP C. EAL D. TOE

D. The target of evaluation (TOE) is the system or product being tested.

What is the Electronics Communications Privacy Act?

ECPA was enacted in 1986 by the U.S. Congress to extend restrictions on government wire taps of telephone calls to include transmissions of electronic data by computers.

What is the Privacy Act of 1974?

Establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies.

What is the PATRIOT Act?

Passed in the weeks after 9/11, the Patriot Act was designed to enable the government to fight terrorism. PATRIOT gives sweeping search and surveillance to domestic law enforcement and foreign intelligence agencies and eliminates checks and balances that previously gave courts the opportunity to ensure that those powers were not abused.

What are the three points of the Security triangle?

Security, Functionality, and Usability

What are the domains that COBIT categorizes control objectives into?

The Control Objects for Information and Related Technology (COBIT) domains are: Planning & organization, Acquisition & Delivery, Delivery & Support, Monitoring and Evaluation.

What is CISPA?

The Cyber Intelligence Sharing & Protection Act was a proposed law in the U.S. which would allow for the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies.

What is FISMA?

The Federal Information Security Management Act (FISMA), passed in 2002, requires that federal agencies implement an information security program that covers the agency's operations. FISMA also requires that government agencies include the activities of contractors in their security management programs.

What is PCI-DSS?

The Payment Card Industry Data Security Standard. A security standard for organizations handling credit cards, ATM cards, and other point-of-sales cardsThe standards apply to all groups and organizations involved in the entirety of the payment process--from card issuers, to merchants, to those storing and transmitting card information--and consist of 12 requirements.

What is the Consumer Data Security & Notification Act?

To protect consumers by requiring reasonable security policies and procedures to protect data containing personal information, and to provide for nationwide notice in the event of a breach of security.