Module 13: Attackers and Their Tools Quiz Answers

1. What is an example of “hacktivism”?

  • A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character.
  • A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
  • A country tries to steal defense secrets from another country by infiltrating government networks.
  • Criminals use the Internet to attempt to steal money from a banking company.

Explanation: Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.

2. Which statement describes cybersecurity?

  • It is a framework for security policy development.
  • It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
  • It is a standard-based model for developing firewall technologies to fight against cybercriminals.
  • It is the name of a comprehensive security application for end users to protect workstations from being attacked.

Explanation: Cybersecurity is the ongoing effort to protect Internet-connected network systems and all of the data associated with the systems from unauthorized use or harm.

3. What focus describes a characteristic of an indicator of attack (IOA)?

  • It focuses more on threat avoidance after an attack and the potential cost implications.
  • It focuses more on the risk management strategies after an attack and compromise of systems.
  • It focuses more on the motivation behind an attack and the means used to compromise vulnerabilities to gain access to assets.
  • It focuses more on the mitigation after an attack and the potential compromised vulnerabilities.

Explanation: Indicators of attack (IOA) focus more on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets. IOAs are concerned with the strategies that are used by attackers and can help generate a proactive security approach.

4. What is the motivation of a white hat attacker?

  • discovering weaknesses of networks and systems to improve the security level of these systems
  • fine tuning network devices to improve their performance and efficiency
  • studying operating systems of various platforms to develop a new system
  • taking advantage of any vulnerability for illegal personal gain

Explanation: White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.

5. Which risk management plan involves discontinuing an activity that creates a risk?

  • risk retention
  • risk reduction
  • risk sharing
  • risk avoidance

Explanation: During a risk assessment it may be determined that an activity involves more risk than benefit. In such a situation an organization may decide to avoid the risk altogether by discontinuing the activity. This is known as risk avoidance.

6. Which type of network threat is intended to prevent authorized users from accessing resources?

  • reconnaissance attacks
  • trust exploitation
  • access attacks
  • DoS attacks

Explanation: Network reconnaissance attacks involve the unauthorized discovery and mapping of the network and network systems. Access attacks and trust exploitation involve unauthorized manipulation of data and access to systems or user privileges. DoS, or Denial of Service attacks, are intended to prevent legitimate users and devices from accessing network resources.

7. What security tool allows a threat actor to hack into a wireless network and detect security vulnerabilities?

  • NMap
  • Click fuzzers
  • KisMac
  • SuperScan

Explanation: Aircrack-ng, Kismet, InSSIDer, KisMAC, Firesheep, and NetStumbler are examples of tools used to hack into a wireless network.

8. Which statement describes the term attack surface?

  • It is the network interface where attacks originate.
  • It is the total number of attacks toward an organization within a day.
  • It is the group of hosts that experiences the same attack.
  • It is the total sum of vulnerabilities in a system that is accessible to an attacker.

Explanation: An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker. The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.

9. Which risk management strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk?

  • risk avoidance
  • risk transfer
  • risk reduction
  • risk acceptance

Explanation: Risk reduction strategy reduces exposure to risk or reduces the impact of risk by taking action to decrease the risk. It is the most commonly used risk mitigation strategy. This strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk.

10. What characteristic describes script kiddies?

  • inexperienced threat actors running existing scripts, tools, and exploits, to cause harm, but typically not for profit
  • hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards
  • hackers who rally and protest against different political and social ideals
  • threat actors who steal government secrets, gather intelligence, and sabotage networks of foreign governments, terrorist groups, and corporations

Explanation: Script kiddies refers to teenagers or inexperienced threat actors running existing scripts, tools, and exploits, to cause harm, but typically not for profit.

11. What characteristic describes a gray hat hacker?

  • individuals who commit cyber crimes but not for personal gain or to cause damage
  • individuals who use programming skills for good, ethical, and legal purposes
  • individuals who design risk adoption strategies
  • unethical criminals who violate computer and network security for personal gain or for malicious reasons

Explanation: Gray hat hackers are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage.

12. A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use forensic tools?

  • to reverse engineer binary files when writing exploits and when analyzing malware
  • to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
  • to detect any evidence of a hack or malware in a computer or network
  • to obtain specially designed operating systems preloaded with tools optimized for hacking

Explanation: Ethical hacking involves using many different types of tools to test the network and end devices. To validate the security of a network and its systems, many network penetration testing tools have been developed. These tools are used to test the vulnerability and susceptibility of networks to be cracked, probed, hacked, captured, and hijacked. Many of the tools are Linux or Linux based and can be used by both white and black hats.

13. A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use applications such as Nmap, SuperScan, and Angry IP Scanner?

  • to probe network devices, servers, and hosts for open TCP or UDP ports
  • to reverse engineer binary files when writing exploits and when analyzing malware
  • to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
  • to detect any evidence of a hack or malware in a computer or network

Explanation: Ethical hacking involves using many different types of tools to test the network and end devices. Network scanning tools are used to probe network devices, servers, and hosts for open TCP or UDP ports. Examples of scanning tools include Nmap, SuperScan, Angry IP Scanner, and NetScanTools.


guest
0 Comments
Inline Feedbacks
View all comments