Ethical Hacking Final Exam Study Guide with Questions and Correct Answers
2 views 0 purchase
Course
Ethical Hacking
Institution
Ethical Hacking
Which of the following is a non-profit organization that is in favor of hacking in the traditional sense and advocates for the expression of electronic freedom? a) Freetonic b) Free Internet c) Electronic Frontier Foundation d) Anonymous Electronic Frontier Foundation
is considered a hacktivist gr...
Ethical Hacking Final Exam Study Guide
with Questions and Correct Answers
Which of the following is a non-profit organization that is in favor of hacking in the
traditional sense and advocates for the expression of electronic freedom?
a) Freetonic
b) Free Internet
c) Electronic Frontier Foundation
d) Anonymous ✅Electronic Frontier Foundation
is considered a hacktivist group.
a) Skids
b) Free Internet
c) Hack Justice
d) WikiLeaks ✅WikiLeaks
For the U.S. Department of Justice, which of the following is not treated the same with
regard to the law for combatting cybercrimes because their activities may not break the
law?
a) Hackers
b) Crackers
c) Packet monkeys
d) None of the above ✅None of the above
Which of the following is not considered a type of social engineering activity that an
ethical hacking can conduct?
a) Sending phishing email to a company's employees.
b) Making phone calls targeting a company's employees in attempt to test the likelihood
that some of them may give away login credentials
c) Using the kindness card when talking to a company's employees in an attempt make
them comfortable and reveal secrets that may jeopardize the company's network
security
d) Contacting companies' employees through social media to establish trust with the
goal of getting them to reveal sensitive information
e) None of the above ✅None of the above
Analyzing computer programs manually trying to discover bad programming that is done
without security in mind is part of what ethical hackers do.
a) True
b) False ✅True
This is called code review.
Which of the following should be used to scan a Windows-based computer in order to
generate a report showing the applications installed and the potential exposures?
, a) Netsparker
b) AirCrack
c) MBSA
d) All of the above ✅MBSA
Netsparker is a scanner for scanning Web applications for vulnerabilities. AirCrack is
packet sniffer a key cracking tool for wireless networks.
Which of the following is typically automated using computer-based tools? (Choose the
best answer?
a) A Security test
b) A penetration test
c) A vulnerability assessment
d) Shoulder surfing ✅A vulnerability assessment
Vulnerability assessment is an activity that security testers conduct in order to know
about potential systems' vulnerabilities before engaging in their testing. Penetration
testing involves probing or attacking a system in order to exploit potential vulnerabilities.
One of the differences between penetration testing and security testing is that security
testing involves analyzing a company's security policies in order to find potential
weaknesses that may jeopardize security.
Which of the following may not be included in a penetration test report?
a) How risks of exploiting exposures are rated
b) Recommendations about dealing with potential exposures
c) Technical details about vulnerabilities, and possible mitigation options
d) Details about attacks conducted
e) None of the above ✅None of the above
A ________________________ can help determine that a company's specific security
procedures are not implemented.
a) Penetration testing
b) Security testing
c) Vulnerability assessment
d) Only a and b ✅Security testing
An ethical hacker can launch a denial of service attack against a company's server.
a) True
b) False ✅True
During the last few months, almost all of InfoSec Inc.'s computers have been infected by
a malicious piece of software called Mytob. The malware was able to harvest email
addresses from the Windows address book. The malware primarily spread using its own
SMTP email engine. Mytob has the potential of deleting files on the infected computers
and seriously slowing down communication on the network by consuming the victims'
processing capacity. Which of the following best describes this malware?
a) A DoS attack
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller twishfrancis. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $8.99. You're not tied to anything after your purchase.
