Intro To Ethical Hacking Exam with Correct Solutions 2024/2025

Intro To Ethical Hacking Exam with Correct Solutions 2024 Confidentiality - Answer -Confidentiality Confidentiality is the assurance that the information is accessible only to those who are authorized to have access. Confidentiality breaches may occur due to improper data handling or a hacking attempt. Confidentiality controls include data classification, data encryption, and proper equipment disposal (i.e. of DVDs, CDs, etc.). integrity - Answer -Integrity Integrity is the trustworthiness of data or resources in the prevention of improper and unauthorized changes—the assurance that information is sufficiently accurate for its purpose. Measures to maintain data integrity may include a checksum (a number produced by a mathematical function to verify that a given block of data is not changed) and access control (which ensures that only the authorized people can update, add, and delete data to protect its integrity). Availability - Answer -Availability Availability is the assurance that the systems responsible for delivering, storing, and processing information are accessible when required by authorized users. Measures to maintain data availability can include redundant systems' disk arrays and clustered machines, antivirus software to stop malware from destroying networks, and distributed denial-of-service (DDoS) prevention systems. Authenticity - Answer -Authenticity Authenticity refers to the characteristic of a communication, document, or any data that ensures the quality of being genuine or uncorrupted. The major role of authentication is to confirm that a user is genuine, one who he / she claims to be. Controls such as biometrics, smart cards, and digital certificates ensure the authenticity of data, transactions, communications, or documents. Non repudiation - Answer -Non-Repudiation Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message, and that the recipient cannot deny having received the message. Individuals and organization use digital signatures to ensure non-repudiation. Facilitating the rise of scrip kiddies - Answer -The ease with which system vulnerabilities can be exploited has increased while the knowledge curve required to perform such exploits has decreased. The concept of the elite "super attacker" is an illusion. However, the fast-evolving genre of "script kiddies" is a growing threat.Level of security in any system can be defined by the strength of three components: - Answer - Functionality: The set of features provided by the system. Usability: The GUI components used to design the system for ease of use. Security: Restrictions imposed on accessing the components of the system. The relationship between these three components is demonstrated by using a triangle because increase or decrease in any one of the component automatically affects the other two components. Moving the ball towards any of the three components means decreasing the intensity of other two components. Cloud computing threats - Answer -Cloud Computing Threats: Cloud computing is an on-demand delivery of IT capabilities in which IT infrastructure and applications are provided to subscribers as a metered service over a network. Clients can store sensitive information on the cloud. Flaw in one client's application cloud could potentially allow attackers to access another client's data.. Apt - Answer -Advanced Persistent Threats (APT): Advanced Persistent Threat (APT) is an attack that focuses on stealing information from the victim machine without its user being aware of it. These attacks are generally targeted at large companies and government networks. APT attacks are slow in nature, so the effect on computer performance and Internet connections is negligible. APTs exploit vulnerabilities in the applications running on a computer, operating system, and embedded systems. Viruses and worms - Answer -Viruses and Worms: Viruses and worms are the most prevalent networking threats, capable of infecting a network within seconds. A virus is a self-replicating program that produces a copy of itself by attaching to another program, computer boot sector or document. A worm is a malicious program that replicates, executes and spreads across network connections. Viruses make their way into the computer when the attacker shares a malicious file containing it with the victim through the Internet, or through any removable media. Worms enter a network when the victim downloads a malicious file, opens a spam mail or browses a malicious website. Random ware - Answer -Ransomware: Ransomware is a type of a malware, which restricts access to the computer system's files and folders and demands an online ransom payment to the malware creator(s) in order to remove the restrictions. It attachments to email messages, infected software applications, compromised websites.