Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Computer Security and Penetration Testing, Second Edition
Review Questions with Answers
Chapter 1: Ethics of Hacking and Cracking
1. Using the W/B Hat model, which hacker is more likely to make up a Web site to teach new
hackers how to hack a network?
2. Using the W/B Hat model, which hacker is most likely to work as a network administrator?
3. Using the W/B Hat model, which hacker is most likely to share information?
4. Using the W/B Hat model, which hacker is selling credit card numbers to criminals online?
5. When presenting a talk to a group of business leaders, are you more likely to use the W/B Hat
model to explain the dangers posed by hackers or the Hacker Profiles model? If the business
leaders were the Chief Information Officers of their respective companies, would you reverse
6. If your web site is hacked and all the pages call up the same anti-war slogan and picture, which
profile of hacker has hit your site?
7. If it is discovered that the CEO's e-mail browser is set to automatically copy all her outgoing mail
to an unknown account called asmith@thecompany.com, what profile of hacker is probably
responsible?
8. What Hacker Profile tries out attack scripts they find on the internet, “just to see what happens?”
9. Name a trend that has arisen from the hacker mindset of the 1950s?
10. What are the motivations for the Hacker Profile, “professional criminal?”
Indicate whether the sentence or statement is true or false.
11. ______ As a security tester, you can make a network impenetrable.
12. ______ An ethical hacker is a person who performs most of the same activities a cracker does,
but only late at night.
13. The SysAdmin, Audit, Network, Security (SANS) Institute offers training and IT security
certifications through Global Information Assurance Certification (GIAC).
14. ______ The GIAC program offers a certification that focuses on reverse-engineering malware.
15. ______ All states look at port scanning as noninvasive or nondestructive in nature and deem it
legal.
16. ______ Old-Guard hackers brag incessantly about their successful exploits.
Match each term with the correct statement below.
a. script c. novice
b. port scanning d. ethical hacker
17. ______ Way to find open ports on a system
18. ______ Copies code from knowledgeable programmers instead of creating the code
himself/herself
19. ______ Set of instructions that runs in sequence to perform tasks on a computer system
20. ______ Sometimes employed by companies to perform penetration tests
