Introduction to Ethical Hacking Practice Questions and Correct Answers
1 view 0 purchase
Course
Ethical Hacking
Institution
Ethical Hacking
What is Hack Value? Refers to whether or not a target is worth attacking. If the possible gain of an attack is greater than the time spent and the resources expended, then it has hack value.
What is a Vulnerability? A vulnerability is a weakness which can compromise a system and be exploited in an...
Introduction to Ethical Hacking Practice
Questions and Correct Answers
What is Hack Value? ✅Refers to whether or not a target is worth attacking. If the
possible gain of an attack is greater than the time spent and the resources expended,
then it has hack value.
What is a Vulnerability? ✅A vulnerability is a weakness which can compromise a
system and be exploited in an attack.
What is an Exploit? ✅An exploit is a piece of code which takes advantage of an
identified vulnerability to deliver a payload.
What is a Payload? ✅A payload is malicious code that is executed through an exploit.
What is a Zero-day Attack? ✅"Zero-day" refers to a vulnerability that hasn't been
discovered by the vendor.
- If a hacker discovers this vulnerability and exploits it, then that is defined as a zero-day
attack.
- Even if the vendor becomes aware of the vulnerability, the zero-day attack can still
take place so long as the vendor does not release a patch.
What is Daisy-chaining? ✅Daisy chaining is an attack in which hackers gain access to
one computer or network and then use that computer to access the next computer or
network.
What is Doxing? ✅Doxing refers to acquiring and publishing a person's personal
information.
- Can be used as a form of blackmail
What is a Bot? ✅Bots are malicious programs used by hackers to control machines
they've successfully infected.
- Hackers usually use bots on multiple machines, creating a botnet which then they can
use for ddos attacks.
What is Information Security? ✅Information security refers to a set of processes and
activities performed in order to protect information. The main objective is to prevent
unauthorized users from stealing or misusing information or services.
What are the five elements of information security? ✅1. Confidentiality
2. Integrity
3. Availability
4. Authenticity
,5. Non-repudiation
What does Confidentiality ensure? ✅Confidentiality ensures that the information is
available ONLY to people who have the authorization to access it.
What does Integrity ensure? ✅Integrity ensures the accuracy of the information. Using
hashing helps in keeping the integrity of information.
What does Availability ensure? ✅Availability ensures that the resources are available
whenever the authorized user needs them.
What does Authenticity ensure? ✅Authenticity ensures that users are actually who
they present themselves to be, or that the document or information presented is not
corrupted.
- i.e. does not just ensure the authenticity of the user, but also that of the information
What does Non-repudiation ensure? ✅Non-repudiation ensures that a person cannot
deny the authenticity of their signature on a document or a message sent by them
What is Functionality? ✅Functionality refers to the features of the system.
- i.e. what the system is capable of doing.
What is usability? ✅Usability refers to the GUI (Graphical User Interface) of the system
and how user friendly it is.
- i.e. ease of use.
What is security? ✅Security refers to how processes of the system are used and who
is using them.
- i.e. what is authorized to be done within the system, and who is authorized to do those
things.
What is GUI? ✅Graphical User Interface is a form of user interface that allows users to
interact with electronic devices through graphical icons and audio indicator such as
primary notation, instead of text-based user interfaces, typed command labels or text
navigation. GUIs were introduced in reaction to the perceived steep learning curve of
command-line interfaces (CLIs), which require commands to be typed on a computer
keyboards.
- i.e. funny bright buttons so that we wee brained hominids can talk to computers easier
What is the difference between a threat and an attack? ✅- A security threat refers to
anything that has a potential of causing damage to a system.
- A security attack refers to an attempt to gain unauthorized access to a system or
network.
, What are the motives behind security attacks? ✅Motive comes from the thought that a
system has valuable information stored and as such is a potential target for an attack.
- I'm not sure if this applies to dos attacks, though. they said revenge was a motive a hot
while ago, so I dunnoooo.
What are the most common motives behind cyber attacks? ✅1. Interrupting the flow of
business activities and processes
2. Stealing valuable information
3. Data manipulation
4. Stealing money and important financial information
5. Revenge
6. Ransom
What are the three components of a cyber attack? ✅1. Motive
2. Vulnerability
3. Exploit
What are attack vectors? ✅Attack vectors are means by which hackers deliver a
payload to systems and networks.
What are the most common attack vectors? ✅1. Cloud Computing Threats
2. Advanced Persistent Threats
3. Viruses and Worms, Ransomware
4. Mobile Threats
5. Botnets
6. Insider attacks
7. Phishing
8. Web Application Threats
9. IoT Threats
What are Cloud Computing Threats? ✅Cloud Computing Threats include stealing
information from other cloud users, data loss, and attack on sensitive information.
What are Advanced Persistent Threats? ✅Refer to stealing information without the
target being aware of the attack.
What are Viruses and Worms? ✅Viruses and worms replicate themselves to programs
and documents on the victim machine.
- Worms are capable of infecting systems and networks in a matter of seconds,
whereas viruses require someone to transfer an infected file from their machine to
another in order for that machine to become infected.
- Worms transfer themselves to machines via the local network.
What are the key differences between a virus and a worm? ✅- In order for a virus to
spread, it requires a person to transfer an infected file from their computer to another. A
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller twishfrancis. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $8.99. You're not tied to anything after your purchase.
