Apply Your Knowledge

As an ethical hacker, it is important to not only be able to test security systems, but also understand that a good policy structure drives effective security.

Exercises

1.1. Review the SANS Policy Project

While this chapter discusses policy, laws, and rules of engagement, now is a good time to review the SANS policy page. This information should be useful when helping organizations promote the change to a more secure setting.

Estimated Time: 15 minutes.

  1. Go to the SANS policy page located at www.sans.org/resources/policies.
  2. Click on the example policy and templates hyperlink.
  3. Review the Acquisition Assessment Policy. It defines responsibilities regarding corporate acquisitions and the minimum requirements of an acquisition assessment to be completed by the information security group.
  4. Next, review the Risk Assessment Policy. This policy template defines the requirements and provides the authority for the information security team to identify, assess, and remediate risks to the organization's information infrastructure associated with conducting business.
  5. Finally, review the Ethics Policy. This template discusses ethics and defines the means to establish a culture of openness, trust, and integrity in the organization.

Exam Questions

1.

What is the main federal statute that addresses computer hacking under U.S. Federal Law?

A. Section 1028

B. Section 1029

C. Section 2510

D. Section 2701

2.

Which of the following addresses the secrecy and privacy of information?

A. Integrity

B. Confidentiality

C. Availability

D. Authentication

3.

Hacker attacks, unauthorized access, and viruses and malware can all be described as what?

A. Risks

B. Threats

C. Vulnerabilities

D. Exploits

4.

Who are the individuals who perform legal security tests while sometimes performing questionable activities?

A. Grayhat hackers

B. Ethical hackers

C. Crackers

D. Whitehat hackers

5.

Which of the following is the most important step for the ethical hacker to perform during the pre-assessment?

A. Hack the web server.

B. Obtain written permission to hack.

C. Gather information about the target.

D. Obtain permission to hack.

6.

Which of the following is one primary difference between a malicious hacker and an ethical hacker?

A. Malicious hackers use different tools and techniques than ethical hackers do.

B. Malicious hackers are more advanced than ethical hackers because they can use any technique to attack a system or network.

C. Ethical hackers obtain permission before bringing down servers or stealing credit card databases.

D. Ethical hackers use the same methods but strive to do no harm.

7.

This type of security test might seek to target the CEO's laptop or the organization's backup tapes to extract critical information, usernames, and passwords.

A. Insider attack

B. Physical entry

C. Stolen equipment

D. Outsider attack

8.

Which of the following best describes an attack that altered the contents of two critical files?

A. Integrity

B. Confidentiality

C. Availability

D. Authentication

9.

Which individuals believe that hacking and defacing websites can promote social change?

A. Ethical hackers

B. Grayhat hackers

C. Blackhat hackers

D. Hacktivists

10.

In 2000, Mafiaboy launched an attack that knocked out eBay and Yahoo! for several hours. This attack targeted which of the following?

A. Integrity

B. Confidentiality

C. Availability

D. Authentication

11.

This type of security test typically takes on an adversarial role and looks to see what an outsider can access and control.

A. Penetration test

B. High-level evaluation

C. Network evaluation

D. Policy assessment

12.

How many components are in a security evaluation?

A. Two

B. Three

C. Four

D. Five

Answers to Exam Questions

A1:

1. B. Section 1029 is one of the main federal statutes that address computer hacking under U.S. federal law. All other answers are incorrect: Sections 2510 and 2701 are part of the Electronic Communications Privacy Act and address information in storage and information in transit, and Section 1028 deals with fraud and related activity in connection with identification documents.

A2:

2. B. Confidentiality addresses the secrecy and privacy of information. Physical examples of confidentiality include locked doors, armed guards, and fences. Logical examples of confidentiality can be seen in passwords, encryption, and firewalls. Answer A is incorrect, as integrity deals with the correctness of the information. Answer C is incorrect, as availability deals with the requirement that services and resources be available when legitimate users need them. Answer D is incorrect, as authentication is the means of proving someone is who he says he is. Authentication is typically verified by passwords, PINs, tokens, or biometrics.

A3:

3. B. A threat is any agent, condition, or circumstance that could potentially cause harm, loss, damage, or compromise an IT asset or data asset. All other answers are incorrect because risk is the probability or likelihood of the occurrence or realization of a threat. A vulnerability is a weakness in the system design, implementation, software, code, or other mechanism. An exploit refers to a piece of software, tool, or technique that takes advantage of a vulnerability, leading to privilege escalation, loss of integrity, or denial of service on a computer system.

A4:

4. A. Grayhat hackers are individuals who vacillate between ethical and unethical behavior. Answer B is incorrect, as ethical hackers do not violate ethics or laws. Answer C is incorrect because crackers are criminal hackers, and answer D is incorrect, as whitehat hackers are another term for ethical hackers.

A5:

5. B. Obtain written permission to hack. Ethical hackers must always obtain legal, written permission before beginning any security tests. Answers A, C, and D are incorrect: ethical hackers should not hack web servers; they should gather information about the target, but this is not the most important step; and permission alone is not enough to approve the test, because it must be given in written form.

A6:

6. D. Ethical hackers use the same methods but strive to do no harm. Answers A, B, and C are incorrect because malicious hackers might use the same tools and techniques that ethical hackers do; malicious hackers might be less advanced, as even script kiddies can launch attacks; and ethical hackers try not to bring down servers and do not steal credit card databases.

A7:

7. C. A stolen equipment test is performed to determine what type of information might be found. The equipment could be the CEO's laptop or the organization's backup tapes. Answer A is incorrect as insider attacks seek to determine what malicious insiders could accomplish. Answer B is incorrect, as physical entry attacks seek to test the physical controls of an organization such as doors, locks, alarms, and guards. Answer D is incorrect because outsider attacks are focused on what outsiders can access and, given that access, what level of damage or control they can command.

A8:

8. A. Integrity provides for the correctness of information. Integrity allows users of information to have confidence in its correctness. Integrity can apply to paper documents as well as electronic ones. Answer B is incorrect, as an attack that exposed sensitive information would be categorized as an attack on confidentiality. Answer C is incorrect because availability deals with the requirement that services and resources be available when legitimate users need them. Answer D is incorrect, as authentication is the means of proving someone is who he says he is. Authentication is typically verified by passwords, PINs, tokens, or biometrics.
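The integrity violation in question 8 (two critical files altered) is detected in practice by comparing a hashed baseline of the files against a later snapshot. The following Python script is an added example written for this page, not code from the book: it builds a SHA-256 baseline, reports files that were modified, removed, or newly appeared, and protects the baseline itself with an HMAC so that an attacker who can also edit the stored baseline is noticed. File names, file contents, and the key are constructed sample values.

```python
"""Added example (not from the book): file-integrity baseline comparison.

All file names, contents and the key below are constructed for the demo.
"""
import hashlib
import hmac
import json
from typing import Dict, List, Tuple


def hash_content(data: bytes) -> str:
    """SHA-256 hex digest of a file's bytes."""
    return hashlib.sha256(data).hexdigest()


def build_baseline(files: Dict[str, bytes]) -> Dict[str, str]:
    """Map each path to the hash of its content at baseline time."""
    return {path: hash_content(data) for path, data in files.items()}


def find_altered(baseline: Dict[str, str],
                 current: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Compare a current snapshot against the baseline.

    Returns sorted (path, status) pairs, where status is "modified",
    "missing" (in baseline but not in the snapshot) or "unexpected"
    (in the snapshot but not in the baseline). An empty list means intact.
    """
    findings = []
    for path, expected in baseline.items():
        if path not in current:
            findings.append((path, "missing"))
        elif not hmac.compare_digest(hash_content(current[path]), expected):
            findings.append((path, "modified"))
    for path in current:
        if path not in baseline:
            findings.append((path, "unexpected"))
    return sorted(findings)


def sign_baseline(baseline: Dict[str, str], key: bytes) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the baseline.

    The key must be kept somewhere the monitored host cannot write to;
    otherwise an attacker who alters a file can also re-sign the baseline.
    """
    canonical = json.dumps(baseline, sort_keys=True,
                           separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def baseline_is_authentic(baseline: Dict[str, str], key: bytes,
                          tag: str) -> bool:
    """Constant-time check that the stored baseline matches its HMAC tag."""
    return hmac.compare_digest(sign_baseline(baseline, key), tag)


# Constructed sample data: a "day 0" snapshot and a later snapshot in
# which two of the three files have changed.
BASELINE_FILES: Dict[str, bytes] = {
    "config-a.txt": b"listen = 127.0.0.1\n",
    "config-b.txt": b"log_level = info\n",
    "config-c.txt": b"allowed_hosts = internal\n",
}
CURRENT_FILES: Dict[str, bytes] = {
    "config-a.txt": b"listen = 0.0.0.0\n",
    "config-b.txt": b"log_level = info\n",
    "config-c.txt": b"allowed_hosts = internal, external\n",
}
DEMO_KEY = b"constructed-demo-key-keep-offline"  # placeholder, not a real secret

if __name__ == "__main__":
    baseline = build_baseline(BASELINE_FILES)
    tag = sign_baseline(baseline, DEMO_KEY)
    print("baseline authentic:", baseline_is_authentic(baseline, DEMO_KEY, tag))
    for path, status in find_altered(baseline, CURRENT_FILES):
        print(f"{status:>10}: {path}")
```

Running the script reports config-a.txt and config-c.txt as modified and config-b.txt as intact. The HMAC step is the part most often skipped in practice: without it, a baseline stored on the same host is only as trustworthy as the files it is meant to protect.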

A9:

9. D. Hacktivists seek to promote social change; they believe that defacing websites and hacking servers is acceptable as long as it promotes their goals. Regardless of their motives, hacking remains illegal, and they are subject to the same computer crime laws as any other criminal. Answer A is incorrect, as ethical hackers work within the boundaries of laws and ethics. Answer B is incorrect because grayhat hackers are those individuals who cross the line between legal and questionable behavior. Answer C is incorrect because blackhat hackers are criminal hackers and might be motivated to perform illegal activities for many different reasons.

A10:

10. C. The attack was a denial of service (DoS), which targets availability. Although it does not give the attacker access, it does block legitimate users from accessing resources. Answer A is incorrect, as integrity provides for the correctness of information. Answer B is incorrect, as the confidentiality of information and data was not exposed. Answer D is incorrect because authentication is the means to prove a person's identity. Authentication is typically verified by passwords, PINs, tokens, or biometrics.

A11:

11. A. A penetration test can be described as an assessment in which the security tester takes on an adversarial role and looks to see what an outsider can access and control. Answer B is incorrect because a high-level evaluation examines policies and procedures; answer C is incorrect because a network evaluation consists of policy review, some scanning, and execution of vulnerability assessment tools. Answer D is incorrect, as a policy assessment is another name for a high-level evaluation.

A12:

12. B. There are three components to a security evaluation: preparation, conducting the evaluation, and the conclusion. The conclusion is the post-assessment period in which reports are written and recommendations are made. Because the evaluation process is composed of three components, answers A, C, and D are incorrect.

Suggested Reading and Resources

www.eccouncil.org/CEH.htm: CEH certification details

www.usdoj.gov/criminal/cybercrime/usc1029.htm: U.S. Department of Justice

http://securityfocus.com/news/7771: Adrian Lamo NY Times court case

http://tlc.discovery.com/convergence/hackers/articles/history.html: A history of hackers and hacking

http://searchnetworking.techtarget.com/general/0,295582,sid7_gci1083724,00.html: Guide to penetration testing

http://www.networkcomputing.com/1201/1201f1b1.html: Vulnerability assessment methodologies

www.pbs.org/wgbh/pages/frontline/shows/cyberwar: PBS Cyberwar special on hackers and red teams

www.sandia.gov/media/NewsRel/NR2000/redteam.htm: Government red teams

http://www.cert.org: Vulnerability and exploit information

www.microsoft.com/technet/security/topics/policiesandprocedures/secrisk/srsgch01.mspx: Risk management and the role of policies

Certified Ethical Hacker Exam Prep
ISBN: 0789735318
Year: 2007
Pages: 247
Authors: Michael Gregg