1. What is an example of "hacktivism"?
- A. Criminals use the Internet to attempt to steal money from a banking company.
- B. A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character.
- C. A country tries to steal defense secrets from another country by infiltrating government networks.
- D. A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.
2. Which statement describes cybersecurity?
- A. It is the name of a comprehensive security application for end users to protect workstations from being attacked.
- B. It is a framework for security policy development.
- C. It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
- D. It is a standard-based model for developing firewall technologies to fight against cybercriminals.
Cybersecurity is the ongoing effort to protect Internet-connected network systems and all of the data associated with the systems from unauthorized use or harm.
3. What focus describes a characteristic of an indicator of attack (IOA)?
- A. It focuses more on the mitigation after an attack and the potential compromised vulnerabilities.
- B. It focuses more on the risk management strategies after an attack and compromise of systems.
- C. It focuses more on threat avoidance after an attack and the potential cost implications.
- D. It focuses more on the motivation behind an attack and the means used to compromise vulnerabilities to gain access to assets.
Indicators of attack (IOA) focus more on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets. IOAs are concerned with the strategies that are used by attackers and can help generate a proactive security approach.
4. What is the motivation of a white hat attacker?
- A. Studying operating systems of various platforms to develop a new system
- B. Taking advantage of any vulnerability for illegal personal gain
- C. Fine tuning network devices to improve their performance and efficiency
- D. Discovering weaknesses of networks and systems to improve the security level of these systems
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.
5. Which risk management plan involves discontinuing an activity that creates a risk?
- A. Risk avoidance
- B. Risk retention
- C. Risk reduction
- D. Risk sharing
During a risk assessment it may be determined that an activity involves more risk than benefit. In such a situation an organization may decide to avoid the risk altogether by discontinuing the activity. This is known as risk avoidance.
6. Which type of network threat is intended to prevent authorized users from accessing resources?
- A. Trust exploitation
- B. Access attacks
- C. Reconnaissance attacks
- D. DoS attacks
Network reconnaissance attacks involve the unauthorized discovery and mapping of the network and network systems. Access attacks and trust exploitation involve unauthorized manipulation of data and access to systems or user privileges. DoS, or Denial of Service attacks, are intended to prevent legitimate users and devices from accessing network resources.
7. What security tool allows a threat actor to hack into a wireless network and detect security vulnerabilities?
- A. Nmap
- B. Click fuzzers
- C. SuperScan
- D. KisMAC
Aircrack-ng, Kismet, InSSIDer, KisMAC, Firesheep, and NetStumbler are examples of tools used to hack into a wireless network.
8. Which statement describes the term attack surface?
- A. It is the network interface where attacks originate.
- B. It is the total number of attacks toward an organization within a day.
- C. It is the total sum of vulnerabilities in a system that is accessible to an attacker.
- D. It is the group of hosts that experiences the same attack.
An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker. The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.
9. Which risk management strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk?
- A. Risk acceptance
- B. Risk reduction
- C. Risk avoidance
- D. Risk transfer
Risk reduction strategy reduces exposure to risk or reduces the impact of risk by taking action to decrease the risk. It is the most commonly used risk mitigation strategy. This strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk.
10. What characteristic describes script kiddies?
- A. Threat actors who steal government secrets, gather intelligence, and sabotage networks of foreign governments, terrorist groups, and corporations
- B. Hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards
- C. Hackers who rally and protest against different political and social ideals
- D. Inexperienced threat actors running existing scripts, tools, and exploits, to cause harm, but typically not for profit
The term script kiddies refers to teenagers or inexperienced threat actors running existing scripts, tools, and exploits to cause harm, but typically not for profit.
11. What characteristic describes a gray hat hacker?
- A. Individuals who design risk adoption strategies
- B. Individuals who use programming skills for good, ethical, and legal purposes
- C. Individuals who commit cyber crimes but not for personal gain or to cause damage
- D. Unethical criminals who violate computer and network security for personal gain or for malicious reasons
Gray hat hackers are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage.
12. A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests on the company network. Why would the team use forensic tools?
- A. To detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
- B. To reverse engineer binary files when writing exploits and when analyzing malware
- C. To obtain specially designed operating systems preloaded with tools optimized for hacking
- D. To detect any evidence of a hack or malware in a computer or network
Ethical hacking involves using many different types of tools to test the network and end devices. To validate the security of a network and its systems, many network penetration testing tools have been developed. These tools are used to test the vulnerability and susceptibility of networks to be cracked, probed, hacked, captured, and hijacked. Many of the tools are Linux or Linux-based and can be used by both white and black hats.
13. A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests on the company network. Why would the team use applications such as Nmap, SuperScan, and Angry IP Scanner?
- A. To reverse engineer binary files when writing exploits and when analyzing malware
- B. To detect any evidence of a hack or malware in a computer or network
- C. To detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
- D. To probe network devices, servers, and hosts for open TCP or UDP ports
Ethical hacking involves using many different types of tools to test the network and end devices. Network scanning tools are used to probe network devices, servers, and hosts for open TCP or UDP ports. Examples of scanning tools include Nmap, SuperScan, Angry IP Scanner, and NetScanTools.