
CEH-Bk1_Ch01-Review Question Answers

Testbanks Dec 29, 2025 ★★★★★ (5.0/5)

  • What does the term ethical hacking mean?
  • An ethical hacker is someone who has all of the skills of a malicious hacker, but is on the client’s side. Ethical hackers usually employ the same tools and techniques as attackers, with the important exception that once access is gained, no damage is done. They evaluate system security, update the administrators regarding any discovered vulnerabilities, and recommend procedures for patching those vulnerabilities.

  • Why is security against hacking necessary?
  • Today, almost every company is becoming completely networked, exchanging information almost instantly. Even the most routine tasks rely on computers for storing and accessing information. A company’s intellectual assets not only differentiate it from its competition, but can also mean the difference between profit and loss. Consequently, it is of the utmost importance to secure these assets from outside threats. The scope of information security is vast, and the objective of this course is to give participants a comprehensive body of knowledge to help them secure information assets under their care.

  • What is the role of the ethical hacker?
  • Most companies use IT professionals to audit their systems for known vulnerabilities. While this is a beneficial practice, crackers are usually more interested in using newer, lesser-known vulnerabilities, so these by-the-numbers system audits will not suffice. A company will need someone who can think like a cracker, keep up with the newest vulnerabilities and exploits, and recognize potential vulnerabilities where others cannot. This is the role of the ethical hacker.

  • Who should choose ethical hacking as a profession?
  • Now, with the permeation of computers into the workplace and home, there is an increased dependency on computers. Any disruption in their operation or integrity can mean the loss of time, the loss of money, and sometimes even the loss of life. This has increased the demand for dedicated security professionals to constantly monitor and defend ICT (Information and Communication Technology) resources. Anyone interested in doing this should consider it as a profession.

  • What are the similarities and differences between limited vulnerability analysis and penetration testing?
  • Limited vulnerability analysis involves focusing on the most open-entry points to the client’s systems from the Internet, as well as the most critical systems and data. Once they are identified, potential entry points and mission critical systems are scanned for known vulnerabilities using standard connection techniques. During attack and penetration testing, discovery scans are conducted to gain as much information as possible about the target environment. Similar to a limited vulnerability analysis, penetration scans can be performed from both the Internet and internal network perspective. Unlike limited vulnerability analysis, however, attack and penetration testing goes one step further in that the ethical hacker will try to exploit vulnerabilities, simulating a real attack.

(Ethical Hacking and Countermeasures, Attack Phases, 2e EC-Council)

  • What are the different phases of malicious hacking?

In general, there are five phases that make up an attack:

1. Reconnaissance: The attacker gathers information about a target using active or passive means.

2. Scanning: The attacker begins to actively probe the target for vulnerabilities that can be exploited.

3. Gaining Access: If a vulnerability is detected, the attacker exploits it to gain access to the system.

4. Maintaining Access: Once access is gained, the attacker usually maintains access to fulfill the goal of the attack.

5. Covering Tracks: The attacker tries to destroy all evidence of the attack.

  • What are the different types of hacker attacks?

Hacker attacks can be categorized as:

  • Operating system attacks
  • Application-level attacks
  • Shrink-wrap code attacks
  • Misconfiguration attacks

  • Describe hacktivism.
  • Hacktivism is when hackers break into government or corporate computer systems as an act of protest. Hacktivists use hacking to increase awareness of their social or political agendas, as well as themselves, in both the online and offline arenas.

  • What are the different approaches and technologies used by ethical hackers?
  • To put it simply, ethical hackers must be computer experts. They must have a strong grasp on programming and networking, and should be comfortable with installing and maintaining systems using all popular operating systems (Windows, Mac, Linux, etc.).

Ethical hackers must possess detailed knowledge of both hardware and software. While it is not always necessary to have detailed knowledge of security, it is certainly an advantage. Management skills pertaining to these systems are necessary for the actual vulnerability testing and for preparing the report after the testing is carried out.

Any ethical hacker must have plenty of patience; the analysis stage consumes more time than the testing stage. One evaluation may take from a few days to several weeks, depending on the nature of the task. When ethical hackers encounter unfamiliar systems, it is imperative to take the time to learn everything about the systems in order to try and find their vulnerable spots.

Each ethical hacking assignment has six basic steps:

1. Talk with the client about the importance of security and the necessity of testing.

2. Prepare NDA (nondisclosure agreement) documents and have the client sign them.

3. Prepare an ethical hacking team and create a schedule for testing.

4. Conduct the test.

5. Analyze the results and prepare the report.

6. Deliver the report to the client.

  • List the Web sites that provide vulnerability databases.

US-CERT (http://www.us-cert.gov)

National Vulnerability Database (http://nvd.nist.gov)

Securitytracker (http://www.securitytracker.com)

SecuriTeam (http://www.securiteam.com)

Secunia (http://www.secunia.com)

HackerWatch (http://www.hackerwatch.org)
