CEH
Certified Ethical Hacker
Question | Answer |
---|---|
What is Threat Modeling | It is determining the security issues that are most important to an organization and then identifying the possible events that could affect those issues. |
What is Risk Management | It is determining the proper course of action to take when threats are identified |
What is a Threat | Potential events, neither good nor bad, just possible |
What is a Weakness | A flaw that leaves an asset vulnerable to attack |
What is an Exposure | A point of access to a weakness |
What is a Vulnerability | An instance of the exposure of a weakness |
What is an Exploit | The act of taking advantage of a vulnerability |
What is the objective of an Ethical Hacker | It is to properly assess, test, and monitor all security controls and be able to provide the organization with reliable advice on what can be done to improve security levels. |
Are low budgets the cause of weak security | No |
Name the 6 types of attacks | Social Engineering, Network-based, Operating System, Application-level, Shrink wrap and malicious code, Misconfiguration |
What are the 5 phases of an attack | Reconnaissance, Scanning, Gaining access, Maintaining access, Clearing tracks |
What is TOE | Target of Evaluation |
What is Reconnaissance | The first and most important step in an attack. It involves finding out as much information as possible about the TOE. A passive information gathering approach is taken and will not raise any alarms. This is often the longest phase of an attack. |
What are the 4 most common types of Intellectual Property (IP) | Copyrights, Patents, Trademarks and Trade Secrets |
What year was the "Computer Fraud and Abuse Act" passed | 1984 |
What is an Open Source License | It makes the source code of an application available to whoever is interested in enhancing the application's functions. The developer is generally not compensated for the use of his code, although stipulations can accompany its use |
What does OSI stand for | Open Source Initiative |
What does OSD stand for and what does it do | Open Source Definition - it sets forth certain conditions that must be met before the free distribution of an application's source code will be approved by the OSI (Open Source Initiative) |
What is a viral license | It states that someone cannot take an open source application, modify it and then close it as an original application. Also, the original attributes of the software are retained |
Learn about Creative Commons (ShareAlike License) Copyleft (An example is the GPL) | |
What is the Computer Fraud and Abuse Act | |
What is the "Computer Misuse Act" of 1990 (United Kingdom) | |
What is the "Freedom of Information Act" | |
What is the "U.S. I-Spy Act" or "Internet Spyware Prevention Act of 2005" | |
What is the "U.S.A. Patriot Act", better known as "Patriot Act" | |
What is California SB 1386 | |
What is the "Digital Millennium Copyright Act" (DMCA) | |
What is the "Sarbanes-Oxley Act" (SOX) | |
What is the "Gramm-Leach-Bliley Act" (GLBA) | |
What is the "Health Insurance Portability and Accountability Act" (HIPAA) | |
What does RIR stand for? | Regional Internet Registrars |