Events | Incidents | Hacking | Types of Attacks | Hacking Protection |
---|---|---|---|---|
Any observable occurrence in a system and/or network.
What is an event?
|
An adverse event in an information system and/or network.
What is an incident?
|
c. Code phreak.
Which of the following is not a category of hacker?
a. Gray-hat. b. White-hat. c. Code phreak. d. Script kiddie. |
b. SQL injection.
Which of the following is the most common computer attack?
a. Advanced Persistent Threat. b. SQL injection. c. Man-In-The-Middle. d. Cross Site Scripting. |
b. The pentester has no knowledge of the network.
Which of the following is a characteristic of Black-box testing?
a. The pentester is familiarized with the network. b. The pentester has no knowledge of the network. c. The pentester is an employee of the network. d. The pentester may not use social engin |
b. A system's boot sequence continuously fails.
Which of the following is an event?
a. An organization's employee loses their laptop with sensitive company information on it. b. A system's boot sequence continuously fails. c. A hacker takes down the UC network for 1 hour. d. A high-level employee has a r |
b. A company's CEO’s AD account is accessed by an unauthorized user.
Which of the following is an incident?
a. Packet flooding of a network. b. A company's CEO’s AD account is accessed by an unauthorized user. c. The CEO’s computer crashes several times in one day. d. A company’s network experiences unusually high traffic |
a. Guidelines.
Which of the following is not an administrative defense against hacking?
a. Guidelines. b. Policies. c. Compliance. d. Rules. |
Robert T. Morris.
The first worm ever was dispersed in 1988 by:
|
a. The pentester is familiarized with the network.
Which of the following is a characteristic of White-box testing?
a. The pentester is familiarized with the network. b. The pentester has no knowledge of the network. c. The pentester is an employee of the network. d. The pentester must use social engineer |
b. A system's boot sequence continuously fails.
Which of the following is an event?
a. An organization's employee loses their laptop with sensitive company information on it. b. A system's boot sequence continuously fails. c. A hacker takes down the UC network for 1 hour. d. A high-level employee has a r |
d. Access Points.
Network perimeter identification of incidents occurs in all of the following except:
a. DMZ Systems. b. Firewalls. c. IDS/IPS. d. Access Points. |
d. Biometrics.
Which of the following is not a physical defense against hacking?
a. Cameras. b. Lighting. c. Guards. d. Biometrics. |
b. Network ranges.
Which of the following is a target of footprinting?
a. Possible exploits. b. Network ranges. c. Web-server user accounts. d. The CEO’s license plate number. |
a. Planning, Discovery, Attack, Reporting.
Penetration testing process:
a. Planning, Discovery, Attack, Reporting. b. Discovery, Planning, Attack, Reporting. c. Attack, Reporting, Discovery, Planning. d. Attack, Discovery, Planning, Reporting. |
a. Preparation, Detection, Containment, Eradication, Recovery, Follow-Up.
Which of the following is the correct plan for reaction to adverse events?
a. Preparation, Detection, Containment, Eradication, Recovery, Follow-Up. b. Detection, Eradication, Containment, Recovery, Follow-Up, Preparation. c. Preparation, Detection, Eradi |
d. Operating system log.
Host identification of incidents occurs in all of the following except:
a. Anti-Virus software. b. Local firewalls. c. User noticing “strange activity”. d. Operating system log. |
a. Not-Mine-Don’t-Care.
Which of the following is not a hacker fallacy?
a. Not-Mine-Don’t-Care. b. No-Harm-Done. c. Computer-Game. d. Candy-From-A-Baby. |
d. War dialing.
Which of the following is a technique of using a modem to scan a list of telephone numbers, dialing every number in an area code to search for computers, bulletin board systems, and fax machines?
a. Algorithm automation. b. Algorithm kitting. c. War drivi |
a. Full network DMZ.
Which of the following is not a port scanning countermeasure?
a. Full network DMZ. b. White Listing. c. Security Awareness Training. d. Port Scanning. |
1. Information 2. Warning 3. Error 4. Success Audit (Security log) 5. Failure Audit (Security log)
What are some types of events that are logged into a computer? (Name 4)
|
c. Containment.
To further investigate an incident, a system backup should be made during which phase?
a. Detection. b. Preparation. c. Containment. d. Recovery. |
d. Charity.
Which of the following is not a motivation to hack?
a. Hacktivism. b. Fun. c. Money. d. Charity. |
d. eBlaster.
Of the following applications, which one is an example of a data-sending Trojan?
a. SubSixes. b. Siera Spy Generator. c. Fireeater 2000. d. eBlaster. |
c. APT Attack.
Which of the following is not a penetration tester attack?
a. Insider Attack. b. Stolen Equipment Attack. c. APT Attack. d. Social Engineering Attack. |