Ethical Hacking Midterm Exam with Verified Solutions

Ethical Hacking Midterm Exam with Verified Solutions The U.S. Department of Justice defines a hacker as which of the following? - Answer -A person who accesses a computer or network without the owner's permission A penetration tester is which of the following? - Answer -A security professional who's hired to hack into a network to discover vulnerabilities Some experienced hackers refer to inexperienced hackers who copy or use prewritten scripts or programs as which of the following? (Choose all that apply.) - Answer -Packet monkeys Script kiddies What three models do penetration or security testers use to conduct tests? - Answer -white box black box gray box A team composed of people with varied skills who attempt to penetrate a network is referred to as which of the following? - Answer -Red team How can you find out which computer crime laws are applicable in your state? - Answer -Contact your local law enforcement agencies What portion of your ISP contract might affect your ability to conduct a penetration test over the Internet? - Answer -Acceptable use policy If you run a program in New York City that uses network resources to the extent that a user is denied access to them, what type of law have you violated? - Answer -Federal Which federal law prohibits unauthorized access of classified information? - Answer -Computer Fraud and Abuse Act, Title 18 Which federal law prohibits intercepting any communication, regardless of how it was transmitted? - Answer -Electronic Communication Privacy ActWhich federal law amended Chapter 119 of Title 18, U.S. Code? - Answer -U.S. Patriot Act, Sec. 217: Interception of Computer Trespasser Communications To determine whether scanning is illegal in your area, you should do which of the following? - Answer - Refer to state laws What organization offers the Certified Ethical Hacker (CEH) certification exam? - Answer -EC-Council What organization designates a person as a CISSP? - Answer -International Information Systems Security Certification Consortium (ISC2) What is an OSCP? - Answer -Offensive Security Certified Professional As a security tester, what should you do before installing hacking software on your computer? - Answer - Check with local law enforcement agencies Before using hacking software over the Internet, you should contact which of the following? (Choose all that apply.) - Answer -Your ISP Local law enforcement authorities to check for compliance Which organization issues the Top 20 list of current network vulnerabilities? - Answer -SANS Institute A written contract isn't necessary when a friend recommends a client.