.png){kind=logo}
Chapter 1
- Which of the following is best described as a weakness in a defined asset that could
be taken advantage of or exploited by some threat?
*a. vulnerability
- threat
- exposure
- hole
- What do you call an information resource or asset that is being protected from
attacks?
- key value
- main asset
- target asset
*b. target of evaluation
- How does an attacker usually gain access to a system?
- utilizing a threat vector
- by a breach in security
- through an inside exposure
*c. by a exploiting a vulnerability
- An owner's confidence that a system will behave according to its specifications is
referred to as:
- confidentiality
- reusability
- accountability
*d. assurance
- Which three concepts can be arranged in a triangle to depict how products are often
developed.
- functionality, resuability, availability
- security, availability, functionality
- functionality, availability, east of use
*b. security, functionality, ease of use
(Ethical Hacking and Countermeasures, Attack Phases, 2e EC-Council ) (Test Bank, Correct Answer are marked with*) 1 / 2
- What is the usually the first phase of an attack?
- scanning
- covering tracks
- gaining access
*d. reconnaissance
- Which tool can be used during the scanning phase of an attack?
- Spoofing
- Flooding
- Rootkit
*c. Traceroute
- Which technology is used to hide data in other data, such as hiding program code in a
graphic image?
*a. steganography
- tunneling
- encryption
- spoofing
- Which of the following is NOT a category of hacker attack?
- Operating system
- Application-level
- Shrink-wrap code
*b. Host-based
- What is one of the three questions that an ethical hacker's evaluation of a client's
information system seek to answer?
*a. What can an intruder do with information found on the target system?
- How much will it cost to patch the target system?
- Which software must be installed or repaired to secure the system?
- Which firewall device should be installed on the network perimeter?
- / 2
.png)