Review Questions (Chapter1) - HOD401
b
13. Which type of hacker may use their skills for both benign and malicious goals at different times? a. White hat b. Gray hat c. Black hat d. Suicide hacker
d
14. What separates a suicide hacker from other attackers? a. A disregard for the law b. A desire to be helpful c. The intent to reform d. A lack of fear of being caught
a
15. Which of the following would most likely engage in the pursuit of vulnerability research? a. White hat b. Gray hat c. Black hat d. Suicide hacker
b
16. Vulnerability research deals with which of the following? a. Actively uncovering vulnerabilities b. Passively uncovering vulnerabilities c. Testing theories d. Applying security guidance
a
17. How is black-box testing performed? a. With no knowledge b. With full knowledge c. With partial knowledge d. By a black hat
c
18. A contract is important because it does what? a. Gives permission b. Gives test parameters c. Gives proof d. Gives a mission
a
19. What does TOE stand for? a. Target of evaluation b. Time of evaluation c. Type of evaluation d. Term of evaluation
c
2. Which of the following describes an attacker who goes after a target to draw attention to a cause? a. Terrorist b. Criminal c. Hacktivist d. Script kiddie
c
20. Which of the following best describes a vulnerability? a. A worm b. A virus c. A weakness d. A rootkit
a
3. What level of knowledge about hacking does a script kiddie have? a. Low b. Average c. High d. Advanced
c
5. A white-box test means the tester has which of the following? a. No knowledge b. Some knowledge c. Complete knowledge d. Permission
d
6. Which of the following describes a hacker who attacks without regard for being caught or punished? a. Hacktivist b. Terrorist c. Criminal d. Suicide hacker
b
7. What is a code of ethics? a. A law for expected behavior b. A description of expected behavior c. A corporate policy d. A standard for civil conduct
c
8. The group Anonymous is an example of what? a. Terrorists b. Script kiddies c. Hacktivists d. Grayware
e
9. Companies may require a penetration test for which of the following reasons? a. Legal reasons b. Regulatory reasons c. To perform an audit d. To monitor network performance e. All - d
b
4. Which of the following does an ethical hacker require to start evaluating a system? a. Training b. Permission c. Planning d. Nothing
a
1. If you have been contracted to perform an attack against a target system, you are what type of hacker? a. White hat b. Gray hat c. Black hat d. Red hat
c
10. What should a pentester do prior to initiating a new penetration test? a. Plan b. Study the environment c. Get permission d. Study the code of ethics
c
11. Which of the following best describes what a hacktivist does? a. Defaces websites b. Performs social engineering c. Hacks for political reasons d. Hacks with basic skills
b
12. Which of the following best describes what a suicide hacker does? a. Hacks with permission b. Hacks without stealth c. Hacks without permission d. Hacks with stealth