Deck 1: Ethical Hacking Overview

1
What acronym represents the U.S. Department of Justice's new branch that addresses computer crime?

A) GIAC
B) OPST
C) CHIP
D) CEH
C
2
What security certification uses the Open Source Security Testing Methodology Manual (OSSTMM) as its standardized methodology?

A) CEH
B) OPST
C) CISSP
D) GIAC
B
3
What subject area is not one of the 22 domains tested during the CEH exam?

A) Sniffers
B) Social engineering
C) Footprinting
D) Trojan hijacking
D
4
What security certification did the "International Council of Electronic Commerce Consultants" (EC-Council) develop?

A) Security+
B) OSSTMM Professional Security Tester (OPST)
C) Certified Information Systems Security Professional (CISSP)
D) Certified Ethical Hacker (CEH)
5
What type of laws should a penetration tester or student learning hacking techniques be aware of?

A) local
B) state
C) federal
D) all of the above
6
What term best describes a person who hacks computer systems for political or social reasons?

A) cracktivist
B) hacktivist
C) sniffer
D) script kiddy
7
What policy, provided by a typical ISP, should be read and understood before performing any port scanning outside of your private network?

A) Port Scanning Policy
B) Acceptable Use Policy
C) ISP Security Policy
D) Hacking Policy
8
An ethical hacker is a person who performs most of the same activities a hacker does, but with the owner or company's permission.
9
What penetration model should a company use if they only want to allow the penetration tester(s) partial or incomplete information regarding their network system?

A) gray box
B) white box
C) black box
D) red box
10
What professional level security certification did the "International Information Systems Security Certification Consortium" (ISC2) develop?

A) Security+
B) OSSTMM Professional Security Tester (OPST)
C) Certified Information Systems Security Professional (CISSP)
D) Certified Ethical Hacker (CEH)
11
What type of testing procedure involves the tester(s) analyzing the company's security policy and procedures, and reporting any vulnerabilities to management?

A) penetration test
B) security test
C) hacking test
D) ethical hacking test
12
What specific term does the U.S. Department of Justice use to label all illegal access to computer or network systems?

A) Hacking
B) Cracking
C) Security testing
D) Packet sniffing
13
What penetration model should be used when a company's management team does not wish to disclose that penetration testing is being conducted?

A) black box
B) white box
C) red box
D) silent box
14
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?

A) kiddies
B) packets
C) scripts
D) tasks
15
What penetration model would likely provide a network diagram showing all the company's routers, switches, firewalls, and intrusion detection systems, or give the tester a floor plan detailing the location of computer systems and the OSs running on these systems?

A) black box
B) white box
C) red box
D) blue box
16
Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law.
17
Penetration testers and security testers need technical skills to perform their duties effectively.
18
As a security tester, you can make a network impenetrable.
19
What derogatory title do experienced hackers, who are skilled computer operators, give to inexperienced hackers?

A) script kiddies
B) repetition monkeys
C) packet sniffers
D) crackers
20
Even though the Certified Information Systems Security Professional (CISSP) certification is not geared toward the technical IT professional, it has become one of the standards for many security professionals.
21
What name is given to people who break into computer systems with the sole purpose to steal or destroy data?

A) packet monkeys
B) crackers
C) script kiddies
D) bots
22
Why is it a challenge and concern for an ethical hacker to avoid breaking any laws?
23
In the context of penetration testing, what is the gray box model?
24
What organization disseminates research documents on computer and network security worldwide at no cost?

A) EC-Council
B) SANS
C) ISECOM
D) ISC2
25
What common term is used by security testing professionals to describe vulnerabilities in a network?

A) bytes
B) packets
C) bots
D) holes
26
What is the SANS Institute's "Top 25 Software Errors" list?
27
What are four different skills a security tester needs to be successful?
28
If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?

A) pen team
B) blue team
C) red team
D) security team
29
What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system?

A) health
B) technical
C) vulnerability
D) network
30
What professional security certification requires applicants to demonstrate hands-on abilities to earn their certificate?

A) Offensive Security Certified Professional
B) Certified Ethical Hacker
C) Certified Information Systems Security Professional
D) CompTIA Security+
31
Penetration testing can create ethical, technical, and privacy concerns for a company's management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?

A) create a contractual agreement
B) create a lab demonstration
C) create a virtual demonstration
D) create a slide presentation
32
When a security professional is presented with a contract drawn up by a company's legal department, which allows them to "hack" the company's network, they should proceed by performing what precautionary step?

A) consult the company's lawyer
B) consult their lawyer
C) sign the contract
D) begin testing immediately
33
Why are employees sometimes not told that the company's computer systems are being monitored?
34
A security professional may think they are following the requirements set forth by the client who hired them to perform a security test, but don't assume that management will be happy with the test results. Provide an example of an ethical hacking situation that might upset a manager.
35
List at least five domains tested for the Certified Ethical Hacker (CEH) exam.
36
Describe some actions which security testers cannot perform legally.
37
Why are ethical hackers employed or contracted by a company to conduct vulnerability assessments, penetration tests, and security tests?
38
What professional level security certification requires five years of experience and is designed to focus on an applicant's security-related managerial skills?

A) Certified Information Systems Security Professional
B) Offensive Security Certified Professional
C) OSSTMM Professional Security Tester
D) Certified Ethical Hacker
39
Why should a security professional or student learning hacking techniques be aware of the local, state, and federal laws that apply to their field of study?
40
What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted?

A) Fraud and Abuse Act
B) Interception Abuse Act
C) Electronic Communication Privacy Act
D) The Computer Fraud Act
41
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
A group of people with varied skills who perform penetration tests
42
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
An ethical attempt to break into a company's network or applications to find weak links
43
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
Hybrid of the white and black box models used for penetration testing
44
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
Analysis of a company's security policy and procedures followed with a report disclosing any vulnerabilities to management
45
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
Inexperienced people who copy code or use tools created by knowledgeable programmers
46
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
An attempt to identify all the unprotected areas found in an application or on a system
47
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
A test that does not divulge to staff that penetration testing is being conducted or disclose what technologies the company is using to the security professional
48
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
A person who breaks into systems to steal or destroy data
49
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
An individual who breaks into a company's computer system legally when employed or contracted by that company
50
Match each item with a statement below.
a. script kiddies
b. red team
c. black box model
d. crackers
e. vulnerability assessment
f. security test
g. hacker
h. gray box model
i. ethical hacker
j. penetration test
An individual who breaks into a computer system illegally