.png){kind=logo}
QUESTIONS AND ANSWERS
Exam
INTRO TO ETHICAL HACKING EXAM (ACTUAL EXAM )
LATEST WITH CORRECT QUESTIONS AND ANSWERS
GRADE
TESTED AND CONFIRMED A+ ANSWERS
3DES - CORRECT ANSWER: DES used to encrypt each block three times , each with
a different key
Access Control List - CORRECT ANSWER: info about what kind of access certain
parties are allowed to have to a given system Read , write , execute
Access Control Models - CORRECT ANSWER: Discretionary ( DAC )
Mandatory ( MAC ) Rule - based Role - based ( RBAC ) Attribute - based ( ABAC )
Accountability - CORRECT ANSWER: Refers to making sure that a person is
responsible for their actions .-It provides us with the means to trace activities in our environment back to their source .-Depends on identification , authentication , and access control being present so that we can know who a given transaction is associated with , and what permissions were used to allow them to carry it out .
Acess Control - CORRECT ANSWER: Allowing - lets us give a particular party access to a given source Denying - opposite of gaining access Limiting - allowing some access to our resource , only up to a certain point Revoking - takes access away from former user
AES - CORRECT ANSWER: uses three different ciphers : one with a 128 - bit key , one with a 192 - bit key , and one with a 256 - bit key , all having a block length of 128 bits
Asymmetric cryptography - CORRECT ANSWER: a public key and a private key . The
public key is used to encrypt data sent from the sender to the receiver and is shared with everyone . Private keys are used to decrypt data that arrives at the receiving end and are very carefully guarded by the receive ( aka the public key cryptography )
Asymmetric Key Algorithms - CORRECT ANSWER: Secure Sockets Layer ( RSA )
Elliptic Curve Cryptography ( ECC ) Pretty Good Privacy ( PGP ) Transport Layer Security ( TLS )
If you need a professional to complete your college homework at a small fee, then reach out to amazingclasshelp.com
Attack Types - CORRECT ANSWER: Interception
Interruption Modification Fabrication
Attack types and their effect - CORRECT ANSWER: Interception is the ONLY attack
that affects on confidentiality. Interruption, modification, and fabrication affects integrity and availability because most of the time they're impacting data.
Attribute - based ( ABAC ) - CORRECT ANSWER: based on attributes , such as of a
person , resource , or an environment
Auditing - CORRECT ANSWER: the examination and review of an organization's
records to ensure accountability through technical means .
Authentication - CORRECT ANSWER: verifying that a person is who they claim to be
Authorization - CORRECT ANSWER: what the user can access , modify , and delete
Availability - CORRECT ANSWER: For one's AUTHORIZED to ACCESS data when
needed
BinScope Binary Analyzer - CORRECT ANSWER: a tool developed by Microsoft to
examine source code for general good practices
Block Cipher - CORRECT ANSWER: takes a predetermined number of bits , known as
a block , in the plaintext message and encrypts that block
Brute Force - CORRECT ANSWER: an attack by submitting password attempts until
eventually guessed correctly
Buffer overflows - CORRECT ANSWER: a vulnerability that occurs when we do not
properly store the size of the data input into our applications , causing the program to crash and an attacker to take advantage
Certificates - CORRECT ANSWER: link a public key to a particular individual and are often used as a form of electronic identification for that particular person
Childrens ' Online Privacy Protection Act (COPPA) - CORRECT ANSWER: sets rules
on data collection for children under 13 to protect their online privacy
CIA Triad - CORRECT ANSWER: Confidential - allowing only those authorized to
access the data requested Integrity - keeping data unaltered in an unauthorized manner and reliable Availability - the ability for those authorized to access data when needed
If you need a professional to complete your college homework at a small fee, then reach out to Homeworkanalyzers.com
Compliance - CORRECT ANSWER: conforming to a rule , such as specification , policy , standard or law
Confidentiality - CORRECT ANSWER: WHO can access the data
Containment - CORRECT ANSWER: involves taking steps to ensure that the situation does not cause any more damage than it already has , or to at least lessen any ongoing harm
Cross - Site Scripting ( XSS ) - CORRECT ANSWER: an attack carried out by placing code in the form of a scripting language into a Web page , or other media , that is interpreted by a client browser , including Adobe Flash animation and some types of video files
Cryptography - CORRECT ANSWER: the practice of keeping information secure
through the use of codes and ciphers
DDOS - CORRECT ANSWER: a type of cyber attack where an attacker floods a
website or network with so much traffic that it becomes unavailable to legitimate users .
Deep packet inspection - CORRECT ANSWER: analyzing the actual content of the
traffic that is flowing through them
Defense in-Depth - CORRECT ANSWER: using a variety of security measures that will still achieve a successful defense should one or more of the defensive measures fail
DES - CORRECT ANSWER: a block cipher based on symmetric key cryptography and
uses a 56 - bit key . Not that secured any more .
Detection and Analysis (Identification) - CORRECT ANSWER: detect the occurrence of an issue and decide whether or not it is actually an incident so that we can respond appropriately to it .
Digital Signatures - CORRECT ANSWER: ensure that the message was legitimately
sent by the expected party , and to prevent the sender from denying that he or she sent the message , known as nonrepudiation
Discretionary ( DAC ) - CORRECT ANSWER: owner of resources determines who gets
access and what level
DMZ - CORRECT ANSWER: a layer of protection that separates a device from the rest of a network and used to host public facing services such as websites .
Elliptic Curve Cryptography ( ECC ) - CORRECT ANSWER: can secure all browser
connections to the Web servers
.png)