Correct Terms Of Ethical Hacking In Following Quiz

1. A(n) _______ is an object, person, or other entity that represents an ongoing danger to an asset.

Vulnerability

Security

Control

Threat

A threat is a potential danger that could exploit a vulnerability in a system, whereas security, vulnerability, and control are related concepts but do not specifically represent an ongoing danger to an asset.

Explanation

A threat is a potential danger that could exploit a vulnerability in a system, whereas security, vulnerability, and control are related concepts but do not specifically represent an ongoing danger to an asset.

2. Duplication of software-based intellectual property is more commonly known as software ______.

Infringement

Piracy

Counterfeiting

Plagiarism

The unauthorized duplication of software-based intellectual property is commonly referred to as software piracy. It involves reproducing, distributing, or using software without the authorization of the rightful owner.

Explanation

The unauthorized duplication of software-based intellectual property is commonly referred to as software piracy. It involves reproducing, distributing, or using software without the authorization of the rightful owner.

3. A computer virus consists of segments of code that perform __________ actions.

Random

Malicious

Helpful

Innocent

Computer viruses are designed to cause harm to computer systems, making 'malicious' the correct term to describe their actions.

Explanation

Computer viruses are designed to cause harm to computer systems, making 'malicious' the correct term to describe their actions.

4. A(n) ________ is a malicious program that replicates itself constantly, without requiring another program environment.

Worm

Trojan horse

Spyware

Virus

Worms are standalone malware that can replicate themselves and spread to other computers on the same network. Unlike viruses, worms do not require a host program to attach to. Trojans are disguised as legitimate software, while spyware is designed to spy on the user's activity.

Explanation

Worms are standalone malware that can replicate themselves and spread to other computers on the same network. Unlike viruses, worms do not require a host program to attach to. Trojans are disguised as legitimate software, while spyware is designed to spy on the user's activity.

5. What is a momentary low voltage referred to as?

Sag

Surge

Dropout

Spike

A momentary low voltage event is called a 'sag', which is a temporary drop in voltage below the normal level. It is important to differentiate between sags, spikes, surges, and dropouts as each has its own distinct impact on electrical systems.

Explanation

A momentary low voltage event is called a 'sag', which is a temporary drop in voltage below the normal level. It is important to differentiate between sags, spikes, surges, and dropouts as each has its own distinct impact on electrical systems.

6. Some information gathering techniques are quite legal, for example, using a Web browser to perform market research. These legal techniques are called, collectively, competitive _________.

Surveillance

Analysis

Intelligence

Research

Competitive intelligence refers to the legal and ethical gathering of information about competitors and the competitive environment to help improve business decision-making. While analysis, surveillance, and research are related concepts, they do not encompass the specific focus of competitive intelligence.

Explanation

Competitive intelligence refers to the legal and ethical gathering of information about competitors and the competitive environment to help improve business decision-making. While analysis, surveillance, and research are related concepts, they do not encompass the specific focus of competitive intelligence.

7. When information gatherers employ techniques that cross the threshold of what is legal or ethical, they are conducting industrial _______.

Solicitation

Sabotage

Espionage

Coercion

Industrial espionage refers to the unauthorized and unethical acquisition of confidential information for competitive advantage. Sabotage, solicitation, and coercion do not specifically relate to the act of gathering confidential information in an unethical or illegal manner.

Explanation

Industrial espionage refers to the unauthorized and unethical acquisition of confidential information for competitive advantage. Sabotage, solicitation, and coercion do not specifically relate to the act of gathering confidential information in an unethical or illegal manner.

8. What is another term for an expert hacker?

Elite

Pro

Amateur

Novice

An expert hacker is commonly referred to as elite due to their high level of skill and expertise in hacking techniques.

Explanation

An expert hacker is commonly referred to as elite due to their high level of skill and expertise in hacking techniques.

9. Script kiddies are hackers of limited skill who use expertly written software to attack a system.

Novice hackers

Script amateurs

Kiddies

Code newbies

Script kiddies are individuals with minimal technical skills who use pre-written scripts or tools to launch attacks, often without fully understanding the process or technology involved.

Explanation

Script kiddies are individuals with minimal technical skills who use pre-written scripts or tools to launch attacks, often without fully understanding the process or technology involved.

10. What term describes a person who hacks the public telephone network to make free calls or disrupt services?

Phone phisher

Phreaker

Cybercriminal

Hacker

A phreaker is a person who engages in hacking the public telephone network to make free calls or disrupt services. While hackers may focus on various systems, cybercriminals engage in a wide range of criminal activities online, and phone phishers typically attempt to trick individuals into providing personal information over the phone.

Explanation

A phreaker is a person who engages in hacking the public telephone network to make free calls or disrupt services. While hackers may focus on various systems, cybercriminals engage in a wide range of criminal activities online, and phone phishers typically attempt to trick individuals into providing personal information over the phone.

11. ESD means electrostatic ___.

Shock

Current

Electricity

Discharge

ESD stands for ElectroStatic Discharge, which refers to the sudden flow of electricity between two electrically charged objects caused by contact, an electrical short, or dielectric breakdown.

Explanation

ESD stands for ElectroStatic Discharge, which refers to the sudden flow of electricity between two electrically charged objects caused by contact, an electrical short, or dielectric breakdown.

12. A(n) _____ is an act that takes advantage of a vulnerability to compromise a controlled system.

Breach

Infiltration

Attack

Exploit

An attack refers to an intentional action to compromise a system. While exploits, breaches, and infiltrations are related concepts, they do not fully capture the idea of an intentional act targeting system vulnerability.

Explanation

An attack refers to an intentional action to compromise a system. While exploits, breaches, and infiltrations are related concepts, they do not fully capture the idea of an intentional act targeting system vulnerability.

13. A(n) _______ is an identified weakness in a controlled system, where controls are not present or are no longer effective.

Exposure

Vulnerability

Threat

Breach

A vulnerability refers to a weakness in a controlled system where controls are lacking or ineffective, making it susceptible to exploitation. Threat, breach, and exposure are related but do not directly describe a system weakness in the same way vulnerability does.

Explanation

A vulnerability refers to a weakness in a controlled system where controls are lacking or ineffective, making it susceptible to exploitation. Threat, breach, and exposure are related but do not directly describe a system weakness in the same way vulnerability does.

14. What is the term for attempting to reverse-calculate a password?

Cracking

Spoofing

Hacking

Phishing

The act of attempting to reverse-calculate a password to gain unauthorized access is commonly referred to as cracking. Hacking involves finding weaknesses in a computer system, phishing involves attempting to obtain sensitive information through deceptive methods, and spoofing involves disguising communication from an unknown source as being from a known, trusted source.

Explanation

The act of attempting to reverse-calculate a password to gain unauthorized access is commonly referred to as cracking. Hacking involves finding weaknesses in a computer system, phishing involves attempting to obtain sensitive information through deceptive methods, and spoofing involves disguising communication from an unknown source as being from a known, trusted source.

15. What is a technique used to gain unauthorized access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the messages are coming from a trusted host?

Spoofing

Malware

Denial of Service

Phishing

Spoofing is a technique used to deceive computer systems by falsifying information, such as IP addresses, to gain unauthorized access. Phishing involves tricking individuals into providing sensitive information, malware is malicious software that can harm computer systems, and denial of service attacks disrupt network services by overwhelming systems with traffic.

Explanation

Spoofing is a technique used to deceive computer systems by falsifying information, such as IP addresses, to gain unauthorized access. Phishing involves tricking individuals into providing sensitive information, malware is malicious software that can harm computer systems, and denial of service attacks disrupt network services by overwhelming systems with traffic.

16. What is unsolicited commercial e-mail?

Phishing

Spam

Scam

Malware

Spam refers to unsolicited commercial e-mail, while phishing, malware, and scams may also involve malicious activities but are separate forms of cyber threats.

Explanation

Spam refers to unsolicited commercial e-mail, while phishing, malware, and scams may also involve malicious activities but are separate forms of cyber threats.

17. In the context of information security, what is the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker?

Malware

Phishing

Firewall

Social engineering

Social engineering is a psychological manipulation technique used by attackers to deceive individuals into divulging confidential information.

Explanation

Social engineering is a psychological manipulation technique used by attackers to deceive individuals into divulging confidential information.

18. A(n) _______ is an application error that occurs when more data is sent to a program buffer than it is designed to handle.

Integer underflow

Stack overflow

Buffer overrun

Memory leak

A buffer overrun specifically refers to the scenario where more data is sent to a buffer than it can handle, causing an error. Memory leak refers to a situation where memory is allocated but not deallocated properly, leading to a loss of available memory. Stack overflow happens when a program exceeds the size of the stack, typically due to infinite recursion. Integer underflow occurs when an arithmetic operation results in a value that is smaller than the minimum representable value for that data type.

Explanation

A buffer overrun specifically refers to the scenario where more data is sent to a buffer than it can handle, causing an error. Memory leak refers to a situation where memory is allocated but not deallocated properly, leading to a loss of available memory. Stack overflow happens when a program exceeds the size of the stack, typically due to infinite recursion. Integer underflow occurs when an arithmetic operation results in a value that is smaller than the minimum representable value for that data type.