CYBR 644 - Week 2
Which of the following best describes what a suicide hacker does?
Carrying out hack even with knowledge they'll be caught & punished
What should a pentester do prior to initiating a new penetration test?
Establish contract to declare scope and nature of test
If you have been contracted to perform an attack against a target system, you are what type of hacker?
Ethical Hacker, White Hat
A white box test means the tester has which of the following?
Full knowledge of network, systems, and infrastructure; More time probing vulnerabilities
In which phase of the attack methodology do we use google and social media to learn about our target?
Phase 1: Recon/OSINT
In which phase of the attack methodology do we correlate open ports and running services to a potential attack vector?
Phase 2.5: Scanning and enumeration
In which phase of the attack methodology do we try to identify hosts that we can then look for vulnerabilities on?
Phase 2: Scanning and enumeration
In which phase of the attack methodology do we actually "break in" to a system?
Phase 3: Gaining access/exploitation or Phase 4: Escalation of Priviledge
Which of the following best describes a vulnerability?
a weakness in an informaton system, system security procedures, internal controls, or implementation that could be exploited ofr triggered by a threat source
Which of the following descirbes a hacker who attacks without regard for being caught or punished?
Black Hat Hacker or Crackers
Which type of hacker may use their skills for both benign and malicious goals at different times?
Gray Hat Hacker
The group Anonymous is an example of what?
Hacktivist
Which of the following describes an attacker who goes after a target to draw attention to a cause?
Hacktivist
What level of knowledge about hacking does a script kiddie have?
Low-Skill Level Hacking
How is black box testing performed?
Pen Tester has no knowledge of Target of Evaluation
Which of the following does an ethical hacker require to start evaluating a system?
Scope and Goals, Written approval, identification of compliance and legal issues
What does TOE stand for?
Target Of Evaluation
Which of the following would most likely engage in the persuit of vulnerability research?
White Hat Hackers
Vulnerability research deals with which of the following?
helps identify and address weaknesses in systems and networks that could be exploited by cybercriminals.