Chapter 1 - Ethical Hacking Overview

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What professional level security certification did the "International Information Systems Security Certification Consortium" (ISC2) develop?

Certified Information Systems Security Professional (CISSP)

When a security professional is presented with a contract drawn up by a company's legal department, which allows them to "hack" the company's network, they should proceed by performing what precautionary step?

Consult their lawyer

What name is given to people who break into computer systems with the sole purpose to steal or destroy data?

Crackers

What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system?

Vulnerability

What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted?

Electronic Communication Privacy Act

What type of laws should a penetration tester or student learning hacking techniques be aware of?

Local State Federal

What professional security certification requires applicants to demonstrate hands-on abilities to earn their certificate?

Offensive Security Certified Professional

What penetration model should a company use if they only want to allow the penetration tester(s) partial or incomplete information regarding their network system?

gray box

What penetration model would likely provide a network diagram showing all the company's routers, switches, firewalls, and intrusion detection systems, or give the tester a floor plan detailing the location of computer systems and the OSs running on these systems?

white box

What policy, provide by a typical ISP, should be read and understood before performing any port scanning outside of your private network?

Acceptable Use Policy

What acronym represents the U.S. Department of Justice new branch that addresses computer crime?

CHIP

What security certification did the "The International Council of Electronic Commerce Consultants" (EC-Council) develop?

Certified Ethical Hacker (CEH)

What professional level security certification requires five years of experience and is designed to focus on an applicant's security-related managerial skills?

Certified Information Systems Security Professional

What security certification uses the Open Source Security Testing Methodology Manual (OSSTMM) as its standardized methodology?

OPST

If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?

Red team

What penetration model should be used when a company's management team does not wish to disclose that penetration testing is being conducted?

black box

What organization disseminates research documents on computer and network security worldwide at no cost?

SANS

What subject area is not one of the 22 domains tested during the CEH exam?

Trojan hijacking

Penetration testing can create ethical, technical, and privacy concerns for a company's management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?

Create a contractual agreement

What specific term does the U.S. Department of Justice use to label all illegal access to computer or network systems?

Hacking

What term best describes a person who hacks computer systems for political or social reasons?

Hacktivist

What common term is used by security testing professionals to describe vulnerabilities in a network?

Holes

What derogatory title do experienced hackers, who are skilled computer operators, give to inexperienced hackers?

Script kiddies

Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?

Scripts


Set pelajaran terkait

Chapter 4 Human Resource Selection - Gatewood, Field, Barrick

View Set

Supply Chain Management Chapter 1 Study CWU

View Set

Tax Planning- Chapter 10 & 11 practice problems, Tax Planning C. 12 & 13 Practice questions, Tax Planning- Ch. 14 & 15 Practice Questions

View Set