Introduction To Ethical Hacking

Question 1

What is hack value ?

Answer 1

An items worth or interest to hacker

Question 2

What is a zero-day attack ?

Answer 2

Threats and vulnerabilities that can be exploited before a fix is ready

Question 3

What is a vulnerability ?

Answer 3

It refers to a weakpoint in any system or network

Question 4

What is an exploit ?

Answer 4

A breach of a systems security through vulnerabilities

Question 5

What is doxing ?

Answer 5

Publishing information about an individual

Question 6

What is meant by the term payload ?

Answer 6

Actual section of the information or data in a frame as opposed to metadata

Question 7

What is a bot ?

Answer 7

Software designed to control the target remotely and to execute predefined tasks

Question 8

What are the three elements of Information Security ?

Answer 8

Confidentiality, Integrity and Availability

Question 9

What is confidentiality ?

Answer 9

Only authorized personnel can see or work with digital assets

Question 10

What is integrity ?

Answer 10

Ensuring assets have not been altered in an unauthorised manner

Question 11

What is availability ?

Answer 11

Ensuring timely and reliable access to systems

Question 12

What are the security controls for Confidentiality ?

Answer 12

Encryption, Authentication and Access Control

Question 13

What are the security controls for Integrity

Answer 13

Audit Logs, Quality Assurance

Question 14

What are the security controls for Availability

Answer 14

Business Continuity Plans, Backup storage, sufficient capacity

Question 15

What is non repudiation ?

Answer 15

The assurance of communication and its authenticity so that the sender is unable to deny the sent message

Question 16

What controls enforce Non Repudiation

Answer 16

Digital signatures, digital contracts

Question 17

What three aspects of a system measure its level of security

Answer 17

Security, Usability and Functionality

Question 18

What are the three attack vectors

Answer 18

Motive, Method, Vulnerability

Question 19

What are some of the common motives for an attack

Answer 19

financial gain, religious or political, disruption, manipulation of data

Question 20

What is an advance persistent threat ?

Answer 20

The process of stealing information through a continuous procedure

Question 21

Whats the difference between viruses and worms

Answer 21

Worms have the ability to replicate

Question 22

What is insider threat ?

Answer 22

A threat originating from a user within the system

Question 23

What is a botnet ?

Answer 23

Groups of bots connected together through the internet to perform a distributed attack continuously

Question 24

What are the main threat categories ?

Answer 24

Network, Host, Application

Question 25

Give some examples of Network level threats ?

Answer 25

Scanning, DOS, Spoofing, MiM, DNS poisoning, Password based

Question 26

Give some example of Host based attacks ?

Answer 26

Malware, Privelege Escalation, Backdoors, Logon Bypass

Question 27

Give some examples of Application threats

Answer 27

Improper Data/Validation, Information Disclosure, Buffer Overflow, Sql Injection, Improper error handling

Question 28

What is a buffer overflow ?

Answer 28

When more data is attributed to a fixed block of memory prevented by code auditing, use of safe functions, patches, compiler tools, bounds checking

Question 29

Give an example of a misconfiguration attack ?

Answer 29

Leaving password or other settings at the default

Question 30

What is information warfare ?

Answer 30

The use of information and communication technology to get a competitive advantage over a rival.

Question 31

What are some typical examples of defensive information warfare ?

Answer 31

Prevention, Deterrence, Detection and Response

Question 32

What are some examples of Offensive information warfare ?

Answer 32

Various implementations of threat

Question 33

What are the seven steps in the Cyber Kill chain ?

Answer 33

Reconaissence, Weaponisation, Delivery, Exploitation, Installation, Command and Control, Actions on objectives

Question 34

What are the seven steps of the cyber kill chain ?

Answer 34

Reconnaissance, Weaponisation, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives

Question 35

What takes place in the Reconaissence phase of the Cyber Kill Chain ?

Answer 35

Collection of information on the target using DNS lookups, Social Engineering, Network Scanning etc. Security team should monitor port scanning on web servers, website logs and vulnerability scanning on public servers.

Question 36

What takes place in the Weaponisation phase of the Cyber Kill Chain ?

Answer 36

Preparing to exploit the vulnerability such as developing the payload. Security teams should monitor malware analysis sites, building detection rules

Question 37

What takes place in the Delivery phase of the Cyber Kill Chain ?

Answer 37

Launching of the attack via phising emails, malware on usb, direct server exploitations.

Question 38

What takes place in the Exploitation phase of the Cyber Kill Chain ?

Answer 38

Gaining access to the victim and can be combatted by phising training, user awareness training, endpoint hardening, penetration testing

Question 39

What takes place in the Installation phase of the Cyber Kill Chain ?

Answer 39

Establishes persistency by establishing a backdoor or opening a connection combatted by endpoint auditing, suspicious file creations, registry changes applications using administrator priveleges.

Question 40

What takes place in the Command and Control phase of the Cyber Kill Chain ?

Answer 40

The communication is opened between victim and C2 server. This is the last chance in the kill chain to prevent damage. Require proxies for all traffic and monitoring sessions.

Question 41

What takes place in the Actions on Objectives phase of the Cyber Kill Chain ?

Answer 41

This is where the C2 server carries out its objectives such as data modification, data exfiltration or privelege escalation. Countered by incident playbooks, incident readiness, response and escalation.

Question 42

What takes place in the Actions on Objectives phase of the Cyber Kill Chain ?What

Answer 42

This is where the C2 server carries out its objectives such as data modification, data exfiltration or privelege escalation. Countered by incident playbooks, incident readiness, response and escalation.

Question 43

What are the five essential hacking phases?

Answer 43

Reconnaissence, Scanning, Gaining Access, Maintaining Access, Clearing Tracks

Question 44

What is the difference between passive and active reconaissence

Answer 44

Passive - No direct contact with target | Active - Interaction with target

Question 45

What happens in the gaining access hacking phase ?

Answer 45

Hacker gains control of the operating system

Question 46

Which hacking phase sees the escalation of priveleges ?

Answer 46

Maintaining Access - This is also where backdoors and trojans are implanted

Question 47

What happens in the clearing tracks phase of hacking?

Answer 47

Overwriting of logs

Question 48

What are information security controls ?

Answer 48

Safeguards and controls to minimize cyber risk

Question 49

What is information assurance ?

Answer 49

Use of CIA - made up of Policies and Procedures

Question 50

What are the steps to enforce security policies ?

Answer 50

``` 1 Risk Assessment - Identify Risk 2 Guidelines - Learn Standards 3 Management - Include senior management 4 Penalties - Set Penalties 5 Finalization - Ready Final Version 6 Agreement 7 Enforcement - Deploy the policy 8 Training - Train Employees 9 Review and Update ```

Question 51

What are the four categories of Security Policy ?

Answer 51

Promiscuous - no restriction Permissive - restricts only widely known dangerous attacks Prudent - Max and strongest allow known and necessary risks Paranoid - Denys everything

Question 52

What is covered by an Enterprise Information Security Architecture ?

Answer 52

Identifying assets Monitoring and detection of Network behaviour Paying attention to various threats Detection and Recovery of security breaches Risk Assesment Cost-effectiveness

Question 53

What is threat modelling ?

Answer 53

The process of identifying, diagnosing and assessing the threats and vulnerabilities of a application or system

Question 54

What are the five key stages of threat modelling ?

Answer 54

``` Identification of Objectives Application Overview Decompose Application Identify Threats Identify vulnerabilities ```

Question 55

What is incident management ?

Answer 55

The procedure and method of handling any incident that occurs

Question 56

What are the 8 steps in incident response ?

Answer 56

``` Preparation Detection and Analysis Classification Notification Containment Forensic Investigation Eradication and Recovery Post Incident activities ```

Question 57

What are the typical members of an incident response team ?

Answer 57

IT personnell, HR, Public Relations Officers, Chief Security Officer, Local Law

Question 58

What are the responsibilities of the incident response team?

Answer 58

``` Examine and Evaluate the event Document If required get support of expert Collection of Facts Report ```

Question 59

What is vulnerability assessment ?

Answer 59

The process of examining an application or system to withstand any threat

Question 60

What are the five phases of vulnerability assessment ?

Answer 60

Aquisition - reviews applicable previous vulnerabilites Identification - gathering of technical information Analysis - Risk assessment and analysis Evaluation - Inspection of identified vulnerabilities Reporting - Tasks covered, Recommendations, Methods and tools used

Question 61

What are the types of penetration testing ?

Answer 61

Black, Gray and White box

Question 62

What are the three main phases of penetration testing ?

Answer 62

Pre - Attack Information gathering Attack - Penetration, Acquiring the target Post - Attack Securing cleaning and reporting

Question 63

Name some security testing methodologies ?

Answer 63

OWASP, Open Source Security Testing Methodology Manual, EC-Council licensed penetration tester