-
WHICH OF THE FOLLOWING STATEMENTS BEST DESCRIBES A WHITE HAT HACKER?
SECURITY PROFESSIONAL
FORMER BLACK HAT
FORMER GREY HAT
MALICIOUS HACKER
WHITE HAT
-
A SECURITY AUDIT PERFORMED ON THE INTERNAL NETWORK OF AN ORGANIZATION BY THE NETWORK ADMINISTRATION IS ALSO KNOWN AS
GREY-BOX TESTING
BLACK-BOX TESTING
WHITE-BOX TESTING
ACTIVE TESTING
PASSIVE TESTING
WHITE BOX
-
WHAT IS THE FIRST PHASE OF HACKING?
ATTACK
MAINTAINING ACCESS
GAINING ACCESS
RECONNAISSANCE
SCANNING
RECONNAISSANCE
-
WHAT TYPE OF ETHICAL HACK TESTS ACCESS TO THE PHYSICAL INFRASTRUCTURE?
INTERNAL NETWORK
REMOTE NETWORK
EXTERNAL NETWORK
PHYSICAL ACCESS
PHYSICAL ACCESS
-
THE SECURITY, FUNCTIONALITY, AND EASE OF USE TRIANGLE ILLUSTRATES WHICH CONCEPT?
AS SECURITY INCREASES, FUNCIONALITY AND EASE OF USE INCREASE
AS SECURITY DECREASES, FUNCTIONALITY AND EASE OF USE INCREASE
AS SECURITY DECREASES, FUNCTIONALITY AND EASE OF USE DECREASE
SECURITY DOES NOT AFFECT FUNTIONALITY AND EASE OF USE.
AS SECURITY DECREASES, FUNTIONALITY AND EASE OF USE INCREASE
-
WHICH TYPE OF HACKER REPRESENTS THE HIGHEST RISK TO YOUR NETWORK?
DISGRUNTLED EMPLOYEES
BLACK-HAT HACKERS
GRAY-HAT HACKERS
SCRIPT KIDDIES
DISGRUNTLED EMPLOYEES
-
WHAT ARE THE THREE PHASES OF A SECURITY EVALUATION PLAN? (CHOOSE THREE)
SECURITY EVALUATION
PREPARATION
CONCLUSION
FINAL
RECONNAISSANCE
DESIGN SECURITY
VULNERABILITY ASSESSMENT
- PREPARATION
- SECURITY EVALUATION
- AND CONCLUSION
-
HACKING FOR A CAUSE IS CALLED
ACTIVIVE HACKING
HACKTIVISM
ACTIVISM
BLACK HAT HACKING
HACKTIVISM
-
WHICH FEDREAL LAW IS MOST COMMONLY USED TO PROSECUTE HACKERS?
TITLE 12, 18, 20, OR 2?
18
-
WHEN A HACKER ATTEMPTS TO ATTACK A HOST VIA THE INTERNET, IT IS KNOWN AS WHAT TYPE OF ATTACK? REMOTE, PHYSICAL ACCESSL LOCAL ACCESS, OR AN INTERNAL ATTACK?
REMOTE ATTACK
-
WHICH LAW ALLOWS FOR GATHERING OF INFORMATION ON TARGETS?
FREEDOM OF INFORMATION ACT
GOVERNMENT PAPERWORK ELIMINATION ACT
USA PATRIOT ACT OF 2001
PRIVACY ACT OF 1794?
FREEDOM OF INFORMATION ACT
-
THE SECURELY PROTET YOURSELF AGAINS CYBER TRESPASS ACT PROHIBITS WHICH OF THE FOLLOWING?
SPAM
INSTALLING AND USING KEYSTROKE LOGGERS
USING VIEO SURVEILLANCE
IMPLEMENTING POP-UP WINDOWS
THE SPY ACT PROHIBITS SENDING SPAM, INSTALLIGN AND USING KEYSTROKE LOGGER, AND IMPLEMENTING POP-UP WINDOWS.
-
WHICH STEP IN THE FRAMWEWORK OF A SECURITY AUDIT IS CRITICAL TO PROTECT THE ETHICAL HACKER FROM LEGAL LIABILITY?
SIGNING AN ETHICAL HACKING AGREEMENT AND NDA WITH THE CLIENT PRIOR TO TESTING
-
WHICH OF THE FOLLOWING IS A SYSTEM, PROGRAM, OR NETWORK THAT IS SUBJECT OF A SECURITY ANALYSIS?
OWNED SYSTEM
VULNERABILITY
EXPLOITED SYSTEM
TARGET OF EVALUATION
TARGET OF EVALUATION
-
WHAT IS A CRACKER?
A CRAKER IS A HACKER WHO USES THEIR HACKING SKILLS FOR DESTRUCTIVE PURPOSES
-
WHAT IS MAC ADDRESS SPOOFING?
IS AN AUTHENTICATION ATTACK USED TO DEFEAT MAC ADDRESS FILTERS
-
WHAT LAW GIVES AUTHORITY TO INTERCEPT COIVE COMMUNICATIONS IN COMPUTER HACKING ATTEMPTS?
THE PATRIOT ACT
-
WHICH ITEMS SHOUD BE INCLUDED IN AN ETHICAL HACKING REPORT?
ALL INFORMATION ABOUT THE TESTING PROCESS, VULNERABILITES DISCOVERED IN THE NETWORK OR SYSTEM, AND SUGGESTED COUNTERMEASURES SHOULD BE INCLUDED IN THE ETHICAL HACKIGN REPORT.
-
WHAT TYPE OF PERSON POSES THE MOST THREAT TO AN ORGANIZATIONS SECURITY?
DISGRUNTLED EMPLOYEES POSE THE BIGGEST THREAT TO AN ORGANIZATIONS SECURITY BECAUSE OF THE INFORMATION AND ACCESS THAT THEY POSSESS.
-
WHICH OF THE FOLLOWING SHOULD BE INCLUDED IN AN ETHICAL HACKING REPORT?
FINDINGS OF THE TEST
RISK ANALYSIS
DOCUMENTATION OF LAWS
ETHICS DISCLOSURE?
FINDINGS OF THE TEST AND RISK ANALYSIS SHOULD BOTH BE INCLUDED IN AN ETHICAL HACKING REPORT.
|
|