EXPLAIN WHAT WHITE-HAT, BLACK-HAT AND GREY-HAT HACKERS ARE.

23 Jun EXPLAIN WHAT WHITE-HAT, BLACK-HAT AND GREY-HAT HACKERS ARE.

EXPLAIN WHAT WHITE-HAT, BLACK-HAT AND GREY-HAT HACKERS ARE.
September 20, 2018Posted by: kajo No Comments
Questions
for Unit 1

1.
Explain
the Morris Worm and its significance?

2.
Explain
what White-Hat, Black-Hat and Grey-Hat hackers are.

3.
What
is ECPA and what does it regulate?

4.
What
is SOX and what does it regulate?

5.
What
is the main motivation for hackers today and what was the previous motivation
for earlier generations of hackers?

6.
Explain
the 6 different fallacies of hacking?

7.
What
is ethical hacking?

8.
What
role does professional organizations and certifying bodies play in regards to
ethical standards?

9.
What
is the issue with conducting security assessments without prior authorization?

Questions for Unit 2

1.
From
Chapter 2 of The Art of Intrusion, what are some of the countermeasures that
can be used to reduce the threat of terrorist hacking?

2.
From Chapter
1 of The Art of Intrusion, explain the importance of doing research to discover
exploitable vulnerabilities when it comes to defending an existing computer
system or network?

3.
Explain
asymmetric encryption?

4.
What
is MD5 hashing?

5. What
is IPSEC and what is it used for?

6. What
does hashing provide?

7.
What
is the purpose of Authenticity in regards to cryptography?

8.
What
is the importance of the encryption key to stored data?

9.
What
are digital signatures used for?

10.What are the requirements of symmetric key
encryption and what is the greatest danger with symmetric key encryption?

11.What is a birthday attack?

12.What s SSL encryption used for?

Questions for Unit 3

1.
What
is a split-horizon DNS configuration and how can it be used to defend against
footprinting? Chapter 5 The Art of Intrusion

2.
What
are the valid footprinting techniques?

3.
What
can be discovered by using Google Hacking?

4.
What
is EDGAR and what is it used for?

5.
Which
techniques can be used to secure DNS?

6.
What
can Internet Archives be used for and what are a few names of some?

7.
What
are some key DNS words that can be used to help identify potential targets?

8.
What
can be done to help prevent search engine exposures?

9.
What
is ICANN and what can it be used for?

10.How can penetration testers use a physical
address of a company?

11.Explain footprinting and why it can be
useful?

12.How can newsgroups be used against a
company?

Questions for Unit 4

1.
What
basic defenses against social engineering are provided in chapter 10, The Art
of Intrusion?

2.
Explain
how War-dialing works.

3.
How
does a SYN scan work as a network attack and what types of defenses can it
bypass?

4.
How
would you use NMAP to treat all hosts as online?

5.
Explain
OS fingerprinting?

6.
How
can null sessions be used with enumeration?

7.
What
types of information can NetBIOS enumeration provide?

8.
What
can be discovered with ARIN lookups?

9.
What
is a privilege escalation attack and how does it work?

10.What is a back door and what are some tools
that can be used to create a back door from the command line?

Questions for Unit 5

1.
What
is tailgating in terms of penetration testing? Chapter 6

2.
Explain
what web site defacement is.

3.
What
type of tool are Nessus and Open VAS?

4. Explain what NAT is in relation to IP
addresses.

5.
What
is cross-site scripting (and give an example) and how might you defend against
it?

6.
What
does Brutus do and what type of tool s it?

7.
What
are some types of information that can be discovered through an insecure login
system?

8.
What
is SQL injection and what can it do?

9.
Why
is a unique identifier important for each and every session to have?

10.Why is proper tracking of database user
actions important?

11.What are the issues and concerns about
database attacks such as injection attacks for organizations?

12.How can database attacks be defended
against?

13.What does a typical web site banner look