100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
Eerder door jou gezocht
ETHICAL HACKING ESSENTIALS EXAM ACTUAL EXAM QUESTION BANK COMPLETE 550 QUESTIONS AND DETAILED SOLUTIONS WITH RATIONALES JUST RELEASED THIS YEAR€14,82
In winkelwagen
ethical hacking essentials exam actual exam questi
Geschreven voor
ETHICAL HACKING ESSENTIALS
ETHICAL HACKING ESSENTIALS
Verkoper
Volgen
Ressy
Ontvangen beoordelingen
Voorbeeld van de inhoud
Page 1 of 296
ETHICAL HACKING ESSENTIALS EXAM ACTUAL
EXAM QUESTION BANK COMPLETE 550
QUESTIONS AND DETAILED SOLUTIONS WITH
RATIONALES JUST RELEASED THIS YEAR
Question:1. Which of the following would be the best example of a deterrent control?
A. A log aggregation system
B. Hidden cameras onsite
C. A guard posted outside the door
D. Backup recovery systems - CORRECT ANSWER✔✔C. If you're doing something as a deterrent,
you're trying to prevent an attack in the first place. In this physical security deterrent control, a
guard visible outside the door could help prevent physical attacks.
Question: 2. Enacted in 2002, this U.S. law requires every federal agency to implement
information security programs, including significant reporting on compliance and accreditation.
Which of the following is the best choice for this definition?
A. FISMA
B. HIPAA
C. NIST 800-53
1
SUCCESS!
,Page 2 of 296
D. OSSTMM - CORRECT ANSWER✔✔A. FISMA has been around since 2002 and was updated in
2014. It gave certain information security responsibilities to NIST, OMB, and other government
agencies, and declared the Department of Homeland Security (DHS) as the operational lead for
budgets and guidelines on security matters.
Question: 3. Brad has done some research and determined a certain set of systems on his
network fail once every ten years. The purchase price for each of these systems is $1200.
Additionally, Brad discovers the administrators on staff, who earn $50 an hour, estimate five
hours to replace a machine. Five employees, earning $25 an hour, depend on each system and
will be completely unproductive while it is down. If you were to ask Brad for an ALE on these
devices, what should he answer with?
A. $2075
B. $207.50
C. $120
D. $1200 - CORRECT ANSWER✔✔B. ALE = ARO × SLE. To determine ARO, divide the number of
occurrences by the number of years (1 occurrence / 10 years = 0.1). To determine SLE, add the
purchase cost (1200) plus the amount of time to replace (5 × 50 = 250) plus the amount of lost
work (5 hours × 5 employees × 25 = 625). In this case, it all adds up to $2075. ALE = 0.1 × 2075,
or $207.50.
Question: 4. An ethical hacker is hired to test the security of a business network. The CEH is
given no prior knowledge of the network and has a specific framework in which to work,
defining boundaries, nondisclosure agreements, and the completion date. Which of the
following is a true statement?
2
SUCCESS!
,Page 3 of 296
A. A white hat is attempting a black-box test.
B. A white hat is attempting a white-box test.
C. A black hat is attempting a black-box test.
D. A black hat is attempting a gray-box test. - CORRECT ANSWER✔✔A. In this example, an
ethical hacker was hired under a specific agreement, making him a white hat. The test he was
hired to perform is a no-knowledge attack, making it a black-box test.
Question: 5. When an attack by a hacker is politically motivated, the hacker is said to be
participating in which of the following?
A. Black-hat hacking
B. Gray-box attacks
C. Gray-hat attacks
D. Hacktivism - CORRECT ANSWER✔✔D. Hackers who use their skills and talents to forward a
cause or a political agenda are practicing hacktivism.
Question: 6. Two hackers attempt to crack a company's network resource security. One is
considered an ethical hacker, whereas the other is not. What distinguishes the ethical hacker
from the "cracker"?
A. The cracker always attempts white-box testing.
B. The ethical hacker always attempts black-box testing.
C. The cracker posts results to the Internet.
3
SUCCESS!
, Page 4 of 296
D. The ethical hacker always obtains written permission before testing. - CORRECT
ANSWER✔✔D. The ethical hacker always obtains written permission before testing and never
performs a test without it!
Question: 7. In which stage of an ethical hack would the attacker actively apply tools and
techniques to gather more in-depth information on the targets?
A. Active reconnaissance
B. Scanning and enumeration
C. Gaining access
D. Passive reconnaissance - CORRECT ANSWER✔✔B. The second of the five phases of an ethical
hack attempt, scanning and enumeration, is the step where ethical hackers take the information
they gathered in recon and actively apply tools and techniques to gather more in-depth
information on the targets.
Question: 8. Which type of attack is generally conducted as an inside attacker with elevated
privileges on the resources?
A. Gray box
B. White box
C. Black box
D. Active reconnaissance - CORRECT ANSWER✔✔B. A white-box attack is intended to simulate
an internal attacker with elevated privileges, such as a network administrator.
4
SUCCESS!
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Ressy. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €14,82. Je zit daarna nergens aan vast.
