Ethical Hacking Midterm

What specific term does the U.S. Department of Justice use to label all illegal access to computer or network systems?

Hacking

What type of testing procedure involves the tester(s) analyzing the company's security policy and procedures, and reporting any vulnerabilities to management?

Security test

What derogatory title do experienced hackers, who are skilled computer operators, give to inexperienced hackers?

Script kiddies

What term best describes a person who hacks computer systems for political or social reasons?

Hacktivist

What penetration model should be used when a company's management team does not wish to disclose that penetration testing is being conducted?

Black box

Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?

Scripts

What type of laws should a penetration tester or student learning hacking techniques be aware of?

All of the above

What policy, provide by a typical ISP, should be read and understood before performing any port scanning outside of your private network?

Acceptable Use Policy

What penetration model would likely provide a network diagram showing all the company's routers, switches, firewalls, and intrusion detection systems, or give the tester a floor plan detailing the location of computer systems and the OSs running on these systems?

White box

What penetration model should a company use if they only want to allow the penetration tester(s) partial or incomplete information regarding their network system?

Gray box

What security certification did the "The International Council of Electronic Commerce Consultants" (EC-Council) develop?

Certified Ethical Hacker (CEH)

What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted?

Electronic Communication Privacy Act

What acronym represents the U.S. Department of Justice new branch that addresses computer crime?

CHIP

Penetration testing can create ethical, technical, and privacy concerns for a company's management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?

Create a contractual agreement

If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?

Red team

What common term is used by security testing professionals to describe vulnerabilities in a network?

Holes

What name is given to people who break into computer systems with the sole purpose to steal or destroy data?

Crackers

Penetration testers and security testers need technical skills to perform their duties effectively.

True

Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law.

False

As a security tester, you can make a network impenetrable.

False

Protocol used to send messages related to network operations

ICMP

Attack that relies on guessing the ISNs of TCP packets

Network session hijacking

Occupies one bit of the TCP segment and can be set to 0 (off) or 1 (on)

TCP flag

A logical component of a TCP connection that can be assigned to a process that requires network connectivity

port

Fast but unreliable delivery protocol that operates at the Transport layer

UDP

A protocol where the sender doesn't send any data to the destination node until the destination node acknowledges that it's listening to the sender

Connection-oriented protocol

A 32-bit number that tracks packets received by a node and allows reassembling large packets that have been broken up into smaller packets

ISN

A protocol that does not need to verify whether the receiver is listening or ready to accept the packets

Connectionless protocol

A common language used so computers can communicate with one another

Protocol

A TCP/IP process that is used to establish a connection before data is sent

Three-way handshake

An octal digit can be represented with only three bits because the largest digit in octal is seven.

True

In the TCP/IP stack, the Transport layer includes network services and client software.

False

What protocol is the most widely used and allows all computers on a network to communicate and function correctly?

TCP/IP

What does the acronym TCP represent?

Transmission Control Protocol

In the TCP/IP stack, what layer is concerned with physically moving bits across the network's medium?

Network

What layer protocols operate as the front end to the lower-layer protocols in the TCP/IP stack?

Application

What type of network attack relies on guessing a TCP header's initial sequence number, or ISN?

Session hijacking

What is the logical component of a TCP connection that can be assigned to a process that requires network connectivity?

Port

What port is typically reserved and utilized by the Secure Hypertext Transfer Protocol to create a secure connection to a Web server?

443

What layer, in the TCP/IP protocol stack, is responsible for encapsulating data into segments?

Transport layer

What connection-oriented protocol is utilized by the Transport layer?

TCP

What 32-bit number tracks packets received by a node and allows the reassembling of large packets that have been broken up into smaller packets?

ISN

What TCP/IP protocol is fast, unreliable, and operates at the Transport layer?

UDP

What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity?

ICMP

What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network?

127 address

What IPv4 address class has the IP address 221.1.2.3?

Class C

What is the decimal equivalent of the binary number 11000001?

193

What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail?

Virus

What type of virus is used to lock a user's system, or cloud accounts until the system's owner complies by paying the attacker a monetary fee?

Ransomware

hich type of virus is written as a list of commands that can be set automatically to run as soon as a computer user opens the file?

Macro

A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following?

Worm

What type of malicious computer programs present themselves as useful computer programs or applications?

Trojan programs

Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect?

Rootkit

Trojan Programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing?

Backdoor

Which of the following sometimes displays a banner that notifies the user of its presence?

Adware

If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use?

Spyware

Which type of program can mitigate some risks associated with malware?

Antivirus

In a buffer overflow attack, an attacker finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space use.

True

A DDoS attack is launched against a host from a single server or workstation.

False

A computer hacker may use a phishing e-mail to lure a user into following a malicious link. What type of technique is being used by the computer hacker?

Social engineering

What type of attack causes the victim's computer to crash or freeze when the attacker delivers an ICMP packet that is larger than the maximum allowed 65,535 bytes?

Ping of Death

When a programmer exploits written code that doesn't check for a defined amount of memory space they are executing which of the following attacks?

Buffer overflow

Which type of attack cripples the network and prevents legitimate users from accessing network resources?

Denial-of-Service

When a computer hacker uses multiple compromised computers to carry out a DDOS attack, the compromised computers are usually referred to as which of the following?

Zombies

What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack?

Eavesdropping

What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system?

Keyloggers

Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer?

Signatures

What is the passive process of finding information on a company's network called?

Footprinting

What tool can be used to read and write data to ports over a network?

Netcat

Which utility is used to gather IP and domain information?

Whois

When an individual attempts to discover as much information legally possible about their competition, what information gathering technique are they performing?

Competitive intelligence

Wget is a *nix system command that can be used to retrieve HTTP, HTTPS, and FTP files over the Internet.

True

Walking is an automated way to discover pages of a Web site by following links.

False

Network attacks can often begin by gathering information from a company's Web site.

True

The HTTP CONNECT method starts a remote application-layer loopback of the request message.

False

Which of the following is a text file generated by a Web server and stored on a user's browser?

Cookie

Which technique can be used to read PINs entered at ATMs or at other areas when a pin code is entered?

Shoulder surfing

Which process utilizes the knowledge of human nature to get information from people to use for executing an attack on a computer network?

Social engineering

What 1-pixel x 1-pixel image file is referenced in an tag, and usually works with a cookie to collect informationabout the person visiting the Website?

Web bug

Which type of social engineering attack attempts to discover personal information through the use of email?

Phishing

What social engineering tactic can be utilized to acquire old notes that may contain written passwords or other items that document important information?

Dumpster diving

What tactic is being used when an attacker trailing closely behind an employee enters a restricted area without any security credentials by utilizing their proximity to another employee with security clearance?

Piggybacking

When an attacker chooses to combine social engineering with exploiting vulnerabilities carried out by e-mail, what type of attack is being performed?

Spear phishing

What type of general commands allow a security tester to pull information from a Web server using a web browser?

HTTP

To see additional parameters that can be used with the Netcat command, what should you type at the command prompt?

nc -h

Which process enables you to see all the host computers on a network and basically give you a diagram of an organization's network?

Zone transfers

What utility can be used to intercept detailed information from a company's Web site?

Zed Attack Proxy

To verify if all the IP addresses of a network are being used by computers that are up and running, you can use a port scanner to perform what procedure on a range of IP addresses?

Ping

In any *NIX system, after saving a script named "script_name," you need to make it executable so that you can run it. Which command will accomplish this task from the command line?

chmod +x script_name

Port scanning is a method of finding out which services a host computer offers.

True

You can search for vulnerabilities in a host computer by using a port-scanning tool.

True

An open port allows access to specific applications and cannot be vulnerable to attack.

False

In a NULL scan, all packet flags are turned on.

False

Attackers typically use ACK scans to get past a firewall or other filtering devices.

True

What network security tool, usually included with Kali Linux, allows a user to ping multiple IP addresses?

Fping

Which of the following describes a flexible program that automates a task that takes too much time to perform manually?

Customized script

Which of the following describes a text file containing multiple commands that would usually be entered manually at the command prompt?

Script

In a Linux script, which of the lines is important because it identifies the file as a script?

!#/bin/sh

In a normal TCP session, the sender sends a packet to another computer with which of the following flags set?

SYN flag

Closed ports respond to a NULL scan with what type of packet?

RST