Ethical Hacking and Countermeasures Study Guide Questions
Course Introduction
This course provides a comprehensive overview of ethical hacking concepts, tools, and methodologies used to assess and fortify the security of information systems. Students will learn about various types of cyber-attacks, vulnerabilities, and penetration testing techniques, with an emphasis on legal and ethical considerations. The curriculum includes hands-on labs where learners simulate real-world attacks to identify weaknesses and practice implementing effective countermeasures. By the end of the course, students will be equipped to evaluate security posture, defend against common threats, and adhere to industry standards and best practices in ethical hacking.
Recommended Textbook
Computer Security Principles and Practice 2nd Edition by William Stallings
Available Study Resources on Quizplus
24 Chapters
1078 Verified Questions
1078 Flashcards
Source URL: https://quizplus.com/study-set/3971 Page 2
Chapter 1: Computer Systems Overview
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79799
Sample Questions
Q1) A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations,organizational assets,or individuals.
A)low
B)moderate
C)normal
D)high
Answer: D
Q2) Masquerade,falsification,and repudiation are threat actions that cause __________ threat consequences.
A)unauthorized disclosure
B)disruption
C)deception
D)usurpation
Answer: C
Q3) Computer security is protection of the integrity,availability,and confidentiality of information system resources.
A)True
B)False
Answer: True
To view all questions and flashcards with answers, click on the resource link above. Page 3
Chapter 2: Cryptographic Tools
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79788
Sample Questions
Q1) Like the MAC,a hash function also takes a secret key as input.
A)True
B)False
Answer: False
Q2) On average,__________ of all possible keys must be tried in order to achieve success with a brute-force attack.
A)one-fourth
B)half
C)two-thirds
D)three-fourths
Answer: B
Q3) A __________ is created by using a secure hash function to generate a hash value for a message and then encrypting the hash code with a private key.
A)digital signature
B)keystream
C)one way hash function
D)secret key
Answer: A
To view all questions and flashcards with answers, click on the resource link above. Page 4
Chapter 3: User Authentication
Available Study Resources on Quizplus for this Chatper
44 Verified Questions
44 Flashcards
Source URL: https://quizplus.com/quiz/79782
Sample Questions
Q1) The most common means of human-to-human identification are __________.
A)facial characteristics
B)retinal patterns
C)signatures
D)fingerprints
Answer: A
Q2) Memory cards store and process data.
A)True
B)False
Answer: False
Q3) Each individual who is to be included in the database of authorized users must first be __________ in the system.
A)verified
B)identified
C)authenticated
D)enrolled
Answer: D
Q4) A host generated random number is often called a __________.
Answer: nonce
To view all questions and flashcards with answers, click on the resource link above. Page 5
Chapter 4: Access Control
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79781
Sample Questions
Q1) A __________ is a mapping between a user and an activated subset of the set of roles to which the user is assigned.
Q2) An access right describes the way in which a subject may access an object.
A)True
B)False
Q3) The __________ functions include the following: create a user session with a default set of active roles; add an active role to a session; delete a role from a session; and check if the session subject has permission to perform a request operation on an object.
Q4) __________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.
A)Audit control
B)Resource control
C)System control
D)Access control
Q5) The default set of rights should always follow the rule of least privilege or read-only access
A)True
B)False
6
To view all questions and flashcards with answers, click on the resource link above.
Chapter 5: Database Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79780
Sample Questions
Q1) In a ___________ administration a small number of privileged users may grant and revoke access rights.
Q2) SQL Server allows users to create roles that can then be assigned access rights to portions of the database.
A)True
B)False
Q3) A __________ database is one that provides data of a statistical nature such as counts and averages.
Q4) In addition to granting and revoking access rights to a table,in a ___________ administration the owner of the table may grant and revoke authorization rights to other users,allowing them to grant and revoke access rights to the table.
Q5) To create a relationship between two tables,the attributes that define the primary key in one table must appear as attributes in another table,where they are referred to as a foreign key.
A)True B)False
Q6) Fixed server roles operate at the level of an individual database. A)True
B)False
7
To view all questions and flashcards with answers, click on the resource link above.
Chapter 6: Malicious Software
Available Study Resources on Quizplus for this Chatper
44 Verified Questions
44 Flashcards
Source URL: https://quizplus.com/quiz/79779
Sample Questions
Q1) Countermeasures for malware are generally known as _________ mechanisms because they were first developed to specifically target virus infections.
Q2) __________ will integrate with the operating system of a host computer and monitor program behavior in real time for malicious actions.
A)Fingerprint-based scanners
B)Behavior-blocking software
C)Generic decryption technology
D)Heuristic scanners
Q3) A bot propagates itself and activates itself,whereas a worm is initially controlled from some central facility.
A)True
B)False
Q4) Developed by IBM and refined by Symantec,the __________ provides a malware detection system that will automatically capture,analyze,add detection and shielding,or remove new malware and pass information about it to client systems so the malware can be detected before it is allowed to run elsewhere.
Q5) The four phases of a typical virus are: dormant phase,triggering phase,execution phase and __________ phase.
To view all questions and flashcards with answers, click on the resource link above.
Page 8
Chapter 7: Denial-Of-Service Attacks
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79778
Sample Questions
Q1) A DoS attack targeting application resources typically aims to overload or crash its network handling software.
A)True
B)False
Q2) The attacker needs access to a high-volume network connection for a SYN spoof attack.
A)True
B)False
Q3) The ______ attacks the ability of a network server to respond to TCP connection requests by overflowing the tables used to manage such connections.
A)DNS amplification attack
B)SYN spoofing attack
C)basic flooding attack
D)poison packet attack
Q4) ______ attacks are a variant of reflector attacks and also involve sending a packet with a spoofed source address for the target system to intermediaries.
Q5) The standard protocol used for call setup in VoIP is the ________ Protocol.
Q6) A _______ flood refers to an attack that bombards Web servers with HTTP requests.
To view all questions and flashcards with answers, click on the resource link above. Page 9
Chapter 8: Intrusion Detection
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79777
Sample Questions
Q1) _________ involves the collection of data relating to the behavior of legitimate users over a period of time.
A)Profile based detection
B)Signature detection
C)Threshold detection
D)Anomaly detection
Q2) The IDS component responsible for collecting data is the user interface.
A)True
B)False
Q3) Anomaly detection is effective against misfeasors.
A)True
B)False
Q4) The _________ (RFC 4766)document defines requirements for the Intrusion Detection Message Exchange Format (IDMEF).
Q5) _________ are among the most difficult to detect and prevent.
A)Organized groups of hackers
B)Insider attacks
C)Outsider attacks
D)Crackers
Q6) The three classes of intruders are masquerader,clandestine user and _________.
To view all questions and flashcards with answers, click on the resource link above. Page 10
Chapter 9: Firewalls and Intrusion Prevention Systems
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79776
Sample Questions
Q1) _________ control determines the direction in which particular service requests may be initiated and allowed to flow through the firewall.
A)Behavior
B)User
C)Direction
D)Service
Q2) ________ control controls access to a service according to which user is attempting to access it.
A)User
B)Direction
C)Service
D)Behavior
Q3) The countermeasure to tiny fragment attacks is to discard packets with an inside source address if the packet arrives on an external interface.
A)True
B)False
Q4) A __________ firewall controls the traffic between a personal computer or workstation on one side and the Internet or enterprise network on the other side.
Q5) Snort Inline adds three new rule types: drop,reject,and _________.
To view all questions and flashcards with answers, click on the resource link above. Page 11
Chapter 10: Buffer Overflow
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79798
Sample Questions
Q1) The JAVA programming language is extremely vulnerable to buffer overflows.
A)True
B)False
Q2) Several of the items in the CWE/SANS Top 25 Most Dangerous Software Errors list,Risky Resource Management category,are buffer overflow variants.
A)True
B)False
Q3) In 2004 the ________ exploited a buffer overflow in Microsoft Windows 2000/XP Local Security Authority Subsystem Service.
A)Morris Internet Worm
B)Code Red Worm
C)Sasser Worm
D)Slammer Worm
Q4) The function of the _______ was to transfer control to a user command line interpreter that gave access to any program available on the system with the privileges of the attacked program.
Q5) ______ defenses aim to harden programs to resist attacks in new programs.
Page 12
Q6) _______ defenses aim to detect and abort attacking existing programs.
To view all questions and flashcards with answers, click on the resource link above.
Chapter 11: Software Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79797
Sample Questions
Q1) Two key areas of concern for any input are the _______ of the input and the meaning and interpretation of the input.
Q2) The process of transforming input data that involves replacing alternate,equivalent encodings by one common value is called _________.
Q3) Program input data may be broadly classified as textual or ______.
Q4) A _________ attack occurs when the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.
A)command injection
B)SQL injection
C)code injection
D)PHP remote code injection
Q5) A ________ occurs when multiple processes and threads compete to gain uncontrolled access to some resource.
Q6) In the ________ attack the user supplied input is used to construct a SQL request to retrieve information from a database.
Q7) The major advantage of ________ is its simplicity and its freedom from assumptions about the expected input to any program,service,or function.
Page 13
To view all questions and flashcards with answers, click on the resource link above.
Chapter 12: Operating System Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79796
Sample Questions
Q1) Unix and Linux systems use a ________ which restricts the server's view of the file system to just a specified portion.
Q2) Configuration information in Windows systems is centralized in the _______,which forms a database of keys and values.
Q3) Security concerns that result from the use of virtualized systems include ______.
A)guest OS isolation
B)guest OS monitoring by the hypervisor
C)virtualized environment security
D)all of the above
Q4) ______ virtualization systems are typically seen in servers,with the goal of improving the execution efficiency of the hardware.
Q5) Lower layer security does not impact upper layers.
A)True
B)False
Q6) Most large software systems do not have security weaknesses.
A)True
B)False
Q7) System security begins with the installation of the ________.
Page 14
To view all questions and flashcards with answers, click on the resource link above.
Chapter 13: Trusted Computing and Multilevel Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79795
Sample Questions
Q1) A subject can exercise only accesses for which it has the necessary authorization and which satisfy the MAC rules.
A)True
B)False
Q2) Problems with providing strong computer security involve only the design phase.
A)True
B)False
Q3) The _________ Model was developed for commercial applications in which conflicts of interest can arise.
A)Biba
B)Clark-Wilson Integrity
C)Bell-Lapadula
D)Chinese Wall
Q4) The ________ is the government agency that monitors the evaluation process.
A)sponsor
B)certifier
C)evaluator
D)developer
Q5) "No read up" is also referred to as the _________ property.
To view all questions and flashcards with answers, click on the resource link above. Page 15
Chapter 14: It Security Management and Risk Assessment
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79794
Sample Questions
Q1) A(n)_________ is a weakness in an asset or group of assets that can be exploited by one or more threats.
Q2) The __________ approach to risk assessment aims to implement a basic general level of security controls on systems using baseline documents,codes of practice,and industry best practice.
Q3) The level of risk the organization views as acceptable is the organization's __________.
Q4) A(n)_________ is anything that has value to the organization.
Q5) The four approaches to identifying and mitigating risks to an organization's IT infrastructure are: baseline approach,detailed risk analysis,combined approach,and __________ approach.
Q6) The assignment of responsibilities relating to the management of IT security and the organizational infrastructure is not addressed in a corporate security policy.
A)True
B)False
Q7) ISO details a model process for managing information security that comprises the following steps: plan,do,________,and act.
To view all questions and flashcards with answers, click on the resource link above. Page 16
Q8) Not proceeding with the activity or system that creates the risk is _________.
Chapter 15: It Security Controls, plans, and Procedures
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79793
Sample Questions
Q1) The recommended controls need to be compatible with the organization's systems and policies.
A)True
B)False
Q2) _______ controls focus on security policies,planning,guidelines,and standards that influence the selection of operational and technical controls to reduce the risk of loss and to protect the organization's mission.
A)Management
B)Technical
C)Preventative
D)Supportive
Q3) The follow-up stage of the management process includes _________.
A)maintenance of security controls
B)security compliance checking
C)incident handling
D)all of the above
Q4) Controls can be classified as belonging to one of the following classes: management controls,operational controls,technical controls,detection and recovery controls,preventative controls,and _______ controls.
To view all questions and flashcards with answers, click on the resource link above. Page 17
Chapter 16: Physical and Infrastructure Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79792
Sample Questions
Q1) ________ threats are specifically designed to overcome prevention measures and seek the most vulnerable point of attack.
A)Human-caused
B)Technical
C)EMI
D)Environmental
Q2) Relative humidity should be maintained between ________ to avoid the threats from both low and high humidity.
A)20% and 80%
B)40% and 60%
C)50% and 50%
D)30% and 70%
Q3) A person that becomes statically charged can damage electronic equipment by an electric discharge.
A)True
B)False
Q4) An _______ condition occurs when the IS equipment receives less voltage than is required for normal operation.
Q5) The most essential element of recovery from physical security breaches is ____.
To view all questions and flashcards with answers, click on the resource link above. Page 18
Chapter 17: Human Resources Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79791
Sample Questions
Q1) To emphasize the importance of security awareness,an organization should have a security awareness policy document that is provided to all employees.
A)True
B)False
Q2) ________ need training on the development of risk management goals,means of measurement,and the need to lead by example in the area of security awareness.
A)Executives
B)Analysts
C)Managers
D)Trainers
Q3) A _______ policy states that the company may access,monitor,intercept,block access,inspect,copy,disclose,use,destroy,or recover using computer forensics any data covered by this policy.
A)standard of conduct
B)unlawful activity prohibited
C)company rights
D)business use only
To view all questions and flashcards with answers, click on the resource link above.
19
Chapter 18: Security Auditing
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79790
Sample Questions
Q1) Applications,especially applications with a certain level of privilege, present security problems that may not be captured by system-level or user-level auditing data.
A)True
B)False
Q2) According to ISO 27002,the person(s)carrying out the audit should be independent of the activities audited.
A)True
B)False
Q3) ______ is the identification of data that exceed a particular baseline value.
A)Anomaly detection
B)Real-time analysis
C)Thresholding
D)All of the above
Q4) _________ is a form of auditing that focuses on the security of an organization's IS assets.
Q5) SIEM software has two general configuration approaches: agentless and ______.
Q6) Windows is equipped with three types of event logs: system event log,security event log,and ________ event log.
To view all questions and flashcards with answers, click on the resource link above. Page 20
Q7) ______ is the process of defining normal versus unusual events and patterns.
Chapter 19: Legal and Ethical Aspects
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79789
Sample Questions
Q1) ______ is intended to permit others to perform,show,quote,copy,and otherwise distribute portions of the work for certain purposes.
A)Reverse engineering
B)Personal privacy
C)Fair use
D)Encryption research
Q2) An example of a patent from the computer security realm is the RSA public-key cryptosystem.
A)True
B)False
Q3) _____ strengthens the protection of copyrighted materials in digital format.
A)HIPPA
B)DMCA
C)WIPO
D)DRM
Q4) _______ or cybercrime,is a term used broadly to describe criminal activity in which computers or computer networks are a tool,a target,or a place of criminal activity.
Q5) Privacy is broken down into four major areas: anonymity,unlinkability,unobservability,and _________.
To view all questions and flashcards with answers, click on the resource link above. Page 21
Chapter 20: Symmetric Encryption and Message
Confidentiality
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79787
Sample Questions
Q1) With ______ encryption each vulnerable communications link is equipped on both ends with an encryption device.
Q2) For general-purpose stream-oriented transmission you would typically use _______ mode.
A)CTR
B)CFB
C)ECB
D)CBC
Q3) For general-purpose block-oriented transmission you would typically use _______ mode.
A)CBC
B)CTR
C)CFB
D)OFB
Q4) Public-key encryption was developed in the late ________.
A)1950s
B)1970s
C)1960s
D)1980s
Q5) The three most important symmetric block ciphers are: 3DES,AES,and _____.
To view all questions and flashcards with answers, click on the resource link above. Page 22
Chapter 21: Public-Key Cryptography and Message
Authentication
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79786
Sample Questions
Q1) The purpose of the algorithm is to enable two users to exchange a __________ securely that can then be used for subsequent encryption of messages.
Q2) The _________ attack exploits the common use of a modular exponentiation algorithm in RSA encryption and decryption,but can be adapted to work with any implementation that does not run in fixed time.
A)mathematical
B)timing
C)chosen ciphertext
D)brute-force
Q3) The __________ uses an algorithm that is designed to provide only the digital signature function and cannot be used for encryption or key exchange.
A)ECC
B)RSA
C)DSS
D)XOR
Q4) If speed is a concern,it is fully acceptable to use _________ rather than SHA as the embedded hash function for HMAC.
Q5) NIST has published FIPS PUB 186,which is known as the ___________.
Page 23
To view all questions and flashcards with answers, click on the resource link above.
Chapter 22: Internet Security Protocols and Standards
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79785
Sample Questions
Q1) The default algorithms used for signing S/MIME messages are SHA-1 and the
Q2) MIME provides the ability to sign and/or encrypt e-mail messages.
A)True
B)False
Q3) SMTP is used between the message user agent and the mail submission agent.
A)True
B)False
Q4) _________ is a specification for cryptographically signing e-mail messages,permitting a signing domain to claim responsibility for a message in the mail stream.
Q5) The _________ is used to convey SSL-related alerts to the peer entity.
Q6) Transport mode provides protection primarily for lower-layer protocols.
A)True
B)False
Q7) A message store cannot be located on the same machine as the MUA.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 24
Chapter 23: Internet Authentication Applications
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79784
Sample Questions
Q1) An alternative to each server being required to confirm identities of clients who request service is to use an _______ that knows the passwords of all users and stores them in a centralized database.
Q2) _______ is movement of data in a business process.
A)Provisioning
B)Workflow automation
C)Revocation
D)Initialization
Q3) A software utility initially developed at MIT and available both in the public domain and in commercially supported versions,________ is the defacto standard for remote authentication.
Q4) In Kerberos,the ___________ decrypts the ticket and authenticator,verifies the request,and creates ticket for requested server.
Q5) An obvious security risk is that of impersonation.
A)True
B)False
Q6) ________ allows end entities to restore their encryption/decryption key pair from an authorized key backup facility.
Q7) In a generic identity management architecture a ________ is an identity holder.
Page 25
To view all questions and flashcards with answers, click on the resource link above.
Chapter 24: Wireless Network Security
Available Study Resources on Quizplus for this Chatper
45 Verified Questions
45 Flashcards
Source URL: https://quizplus.com/quiz/79783
Sample Questions
Q1) Like TKIP,CCMP provides two services: message integrity and ________.
Q2) At the top level of the group key hierarchy is the ___________.
Q3) WPA2 incorporates all of the features of the IEEE 802.11i WLAN security specifications.
A)True
B)False
Q4) The final form of the 802.11i standard is referred to as ________.
A)WEP
B)RSN
C)Wi-Fi
D)WPA
Q5) The MAC service data unit contains any protocol control information needed for the functioning of the MAC protocol.
A)True
B)False
Q6) The principal threats to wireless transmission are disruption,_____________,and altering or inserting messages.
Q7) The 802.11i RSN security specification defines the following services: authentication,privacy with message integrity,and ________.
To view all questions and flashcards with answers, click on the resource link above. Page 26