Module 1 Key Terms
How many hosts can a CIDR /24 network have?
254
Initial Sequence Number (ISN)
A 32-bit number that tracks packets received by a node and allows reassembling large packets that have been broken up into smaller packets.
SYN-ACK
A computer responds to the SYN query, letting the other know it is there.
Connectionless
A delivery protocol where the sender does not need to verify whether the receiver is listening or ready to accept the packets.
Network Session Hijacking
A network attack that relies on guessing the ISNs of TCP packets.
Hacktivist
A person who hacks computer systems for political or social reasons.
White Box Model
A type of penetration testing method in which the tester is told what network topology and technology the company is using and is given permission to interview IT personnel and company employees.
The U.S. Department of Justice defines a hacker as which of the following? A. A person who accesses a computer or network without the owner's permission B. A penetration tester C. A person who uses phone services without payment D. A person who accesses a computer or network system with the owner's permission.
A. A person who accesses a computer or network without the owner's permission.
As a security tester, what should you do before installing hacking software on your computer? Choose all that apply. A. Check with local law enforcement agencies. B. Contact your hardware vendor. C. Contact your ISP. D. Research online for the laws in your area.
A. Check with local law enforcement agencies. D. Research online for the laws in your area.
Which federal law prohibits unauthorized access of classified information? A. Computer Fraud and Abuse Act, Title 18 B. Electronic Communication Privacy Act C. Stored Wire and Electronic Communications and Transactional Records Act D. Fifth Amendment
A. Computer Fraud and Abuse Act, Title 18
How can you find out which computer crime laws are applicable in your state? Choose all that apply. A. Contact your local law enforcement agencies. B. Contact your ISP. C. Contact your local computer store vendor. D. Research online for the laws in your area.
A. Contact your local law enforcement agencies. D. Research online for the laws in your area.
What's the hexadecimal equivalent of the binary number 1111 1111? A. FF B. 255 C. EE D. DD
A. FF
Which organization issues the Top 25 list of software errors? A. SANS Institute B. ISECOM C. EC-Council D. OPST
A. SANS Institute
Which of the following protocols is connectionless? Choose all that apply. A. UDP B. IP C. TCP D. SPX
A. UDP B. IP
Before using hacking software over the Internet, you should contact which of the following? Choose all that apply. A. Your ISP B. Your Vendor C. Local law enforcement authorities to check for compliance D. The FBI
A. Your ISP C. Local law enforcement authorities to check for compliance
On a Windows computer, what command can you enter to show all open ports being used? A. netstat B. ipconfig C. ifconfig D. nbtstat
A. netstat
Which command verifies the existence of a node on a network? A. ping B. ipconfig C. netstat D. nbtstat
A. ping
A security tester should have which of the following attributes? Choose all that apply. A. Good listening skills B. Knowledge of networking and computer technology C. Good verbal and written communication skills D. An interest in securing networks and computer systems
All of the above
PenTest+
An advanced certification that verifies successful candidates have the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results.
Penetration Test
An ethical hacker attempts to break into a company's network or applications to find weak links.
What class is the IP address 172.16.0.1? A. Class A B. Class B C. Class C D. Class D
B. Class B
What organization offers the PenTest+ certification exam? A. ISC2 B. CompTIA C. SANS Institute D. GIAC
B. CompTIA
What organization offers the CEH certification exam? A. ISC2 B. EC-Council C. CompTIA D. GIAC
B. EC-Council
Which federal law prohibits interrupting any communication, regardless of how it was transmitted? A. Computer Fraud and Abuse Act, Title 18 B. Electronic Communication Privacy Act C. Stored Wire and Electronic Communication and Transactional Records Act D. Fourth Amendment
B. Electronic Communication Privacy Act
What is an OSCP? A. Open Security Consultant Professional B. Offensive Security Certified Professional C. Official Security Computer Programmer D. OSSTMM Security Certified Professional
B. Offensive Security Certified Professional
The netstat command indicates that POP3 is in use on a remote server. Which port is the remote server most likely using? A. Port 25 B. Port 110 C. Port 143 D. Port 80
B. Port 110
What port, other than port 110, is used to retrieve email? A. Port 25 B. Port 143 C. Port 80 D. Port 135
B. Port 143
What is the Budapest Convention? A. A hacking convention held in Europe B. The first international treaty seeking to address Internet and computer crime C. International rules governing penetration testing D. A European treaty governing the protection of personal information
B. The first international treaty seeking to address Internet and computer crime
A ping command initially uses which ICMP type code? A. Type 0 B. Type 8 C. Type 14
B. Type 8
Which of the following is not a valid octal number? A. 5555 B. 4567 C. 3482 D. 7770
C. 3482
A penetration tester is which of the following? A. A person who breaks into a computer or network without permission from the owner. B. A person who uses telephone services without payment. C. A security professional hired to break into a network to discover vulnerabilities. D. A hacker who breaks into a system without permission but does not delete or destroy files.
C. A security professional hired to break into a network to discover vulnerabilities.
What portion of your ISP contract might affect your abilities to conduct a penetration test over the Internet? A. Scanning policy B. Port access policy C. Acceptable Use Policy D. Warranty Policy
C. Acceptable Use Policy
What numbering system is used to express IPv6 addresses? A. Binary B. Octal C. Hexadecimal D. Decimal
C. Hexadecimal
What protocol is used for reporting or informational purposes? A. IGMP B. TCP C. ICMP D. IP
C. ICMP
Some experienced hackers refer to inexperienced hackers who copy or use prewritten scripts or programs as which of the following? Choose all that apply. A. Script Monkeys B. Packet Kiddies C. Packet Monkeys D. Script Kiddies
C. Packet Monkeys D. Script Kiddies
Which protocol offers guaranteed delivery and is connection oriented? A. UDP B. IP C. TCP D. TFTP
C. TCP
Certified Ethical Hacker (CEH)
Certification designation developed by the International Council of Electronic Commerce Consultants (EC-Council).
Certified Information Systems Security Professional (CISSP)
Certification for security professionals issued by the International Information Systems Security Certification Consortium (ISC2).
TCP Flag
Critical component of a TCP header, which occupies 1 bit of the TCP segment and can be set to 0 or 1.
The ISN is set at which step of the TCP three-way handshake? A. 1, 2, 3 B. 1, 3 C. 1 D. 1, 2
D. 1, 2
If you run a program in New York City that uses network resources to the extent that a user is denied access to them, what type of law have you violated? A. City B. State C. Local D. Federal
D. Federal
TCP communication can be likened to which of the following? A. Announcement over a loudspeaker B. Bullhorn at a sporting event C. Driving on a highway D. Phone conversation
D. Phone conversation
What port does DNS use? A. Port 80 B. Port 69 C. Port 25 D. Port 53
D. Port 53
A team composed of people with varied skills who attempt to penetrate a network is called which of the following? A. Green Team B. Blue Team C. Black Team D. Red Team
D. Red Team
Which federal law amended Chapter 119 of Title 18, U.S. Code? A. Computer Fraud and Abuse Act, Title 18 B. Electronic Communication Privacy Act C. Stored Wire and Electronic Communications and Transactional Records Act D. U.S. PATRIOT Act, Sec. 217: Interception of Computer Trespasser Communication
D. U.S. PATRIOT Act, Sec. 217: Interception of Computer Trespasser Communication
A written contract isn't necessary when a friend recommends a client. True or False?
False
Crackers
Hackers who break into systems to steal or destroy data.
Three-Way Handshake
Involves SYN, SYN-ACK, and ACK.
What does the command chmod u+x script.sh do?
It gives execute permission to the owner of the file script.sh.
OSSTMM Professional Security Tester (OPST)
It is a certification designated by the Institute for Security and Open Methodologies (ISECOM).
User Datagram Protocol (UDP)
It is a fast but unreliable delivery protocol that operates on the Transport layer.
Gray Box Model
It is a hybrid of the black and white box models. In this model, the company gives the tester only partial information.
Institute for Security and Open Methodologies (ISECOM)
It is a nonprofit organization that provides security training and certification programs for security professionals.
Red Team
It is a team that conducts penetration tests and is composed of people with varied skills who perform the tests.
Offensive Security Certified Professional (OSCP)
It is an advanced certification that requires students to demonstrate hands-on abilities to earn their certificates.
Transmission Control Protocol/Internet Protocol (TCP/IP)
It is the most widely used delivery protocol.
SysAdmin, Audit, Network, Security (SANS) Institute
It offers training and IT security certifications through Global Information Assurance Certification (GIAC).
Protocol
Language used by computers to communicate with one another over the Internet or across an office.
Port
Logical component of a TCP connection and can be assigned to a process that requires network connectivity.
Hacker
One who accesses a computer system or network without the authorization of the system's owner.
Internet Assigned Numbers Authority (IANA)
Provides a list of well-known ports.
List the six flags of a TCP packet.
SYN, ACK, PSH, URG, RST, FIN
List the three components of the TCP/IP three-way handshake.
SYN, SYN-ACK, ACK
ACK
Short for acknowledgment.
SYN
Short for synchronize. This packet is a query to the receiver asking if it is there.
Ethical hacker
Someone who is usually contracted to perform penetration tests or security tests.
Security Test
Testers do more than attempt to break in. They also analyze a company's security policy and procedures and report any vulnerabilities to management.
Open Source Security Testing Methodology Manual (OSSTMM)
The OPST certification uses this standardized methodology written by Peter Herzog.
Global Information Assurance Certification (GIAC)
The SysAdmin, Audit, Network, Security (SANS) Institute offers training and IT certification through Global Information Assurance Certification.
Connection-Oriented Protocol
The sender doesn't send any data to the destination node until the destination node acknowledges that it is listening to the sender.
Given an IP address of 192.168.1.17 and a subnet mask of 255.255.255.192, what are the subnet part of the address and the host part of the address?
The subnet part is binary 11000000.10101000.00000001.00000000 = 192.168.1.0. The host part is binary 10001 = 17.
Vulnerability Assessment
The tester attempts to enumerate all the vulnerabilities found in an application or on a system.
Black Box Model
Type of penetration-testing method in which management doesn't divulge to staff that penetration testing is being conducted, nor does it give the tester any diagrams or describe what technologies the company is using.
Internet Control Message Protocol (ICMP)
Used to send messages related to network operations.
What three models do penetration or security testers use to conduct tests?
White Box, Black Box, Gray Box
Script Kiddy
Younger, inexperienced hacker, also known as a packet monkey.
Packet Monkey
Younger, inexperienced hacker, also known as a script kiddie.