Ethical Hacking Chapter 1 Questions fully solved

Ethical Hacking Chapter 1 QuestionsPenetration-Testing Methodologies - correct answer 1. Black Box 2. White Box 3. Gray Box Computer Fraud Abuse Act - correct answer This law makes it a federal crime to access classified information or financial information without authorization. CAN-SPAM Act - correct answer Anti spam Electronic Communication Privacy Act - correct answer These laws make it illegal to intercept any communication, regardless of how it was transmitted. Certified Ethical Hacker (CEH) - correct answer A certification designated by the EC-Council. Certified Information Systems Security Professional (CISSP) - correct answer Non-vendor-specific, certification issued by the International Information Systems Security Certification Consortium Inc. (ISC2) crackers - correct answer Hackers who break into systems with the intent of doing harm or destroying data. ethical hackers - correct answer Users who attempt to break into a computer system or network with the owner's permission. Global Information Assurance Certification (GIAC) - correct answer An organization founded by the SANS Institute in 1999 to validate the skills of security professionals. GIAC certifications encompass many areas of expertise in the security field. gray box model - correct answer A hybrid of the black box and white box models for penetration testing. In other words - correct answer the company might give a tester some information about which OSs are running but not provide any network topology information (diagrams of routers, switched, switches, intrusion detection systems firewalls, and so forth). hacker - correct answer A user who attempts to break into a computer system or network without authorization fromt he owner Institute for Security and Open Methodologies (ISECOM) - correct answer A nonprofit organization that provides training and certification programs for security professionals. Open Source Security Testing Methodology Manual (OSSTMM) - correct answer This security manual developed by Peter Herzog has become one of the most widely used security-testing methodologies to date. OSSTMM Professional Security Tester (OPST) - correct answer An ISECOM-designated certification for penetration and security testers. See also Institute for Security and Open Methodologies (ISECOM). Packet monkeys - correct answer A derogatory term for unskilled crackers or hackers who steal program code and use it to hack into network systems instead of creating the programs themselves. penetration test - correct answer In this test a security professional performs an attack on a network with permission from the owner to discover vulnerabilities; penetration testers are also called ethical hackers. red team - correct answer A group of penetration testers who work together to break into a network. script kiddies - correct answer Similar to packet monkeys, a term for unskilled hackers or crackers who use scripts or programs written by others to penetrate networks. security test - correct answer In this test, security professionals do more than attempt to break into a