Laws
Penetration Testing
Hacker Type
100
True or False: Port scanning a company's network without theirpermission is perfectly legal everywhere.
False
100
You are hired to test a company's security. They give you no network diagrams and or system's source code. What model is this?
Black Box
100
Hacker that discovers a weakness in a bank’s website and secretly sells the information to criminals. What type of hacker is he?
Black Hat Hacker
200
What is the MOST important protection for an ethical hacker?
A Written Contract
200
You are hired to test a company's security. They give you full network diagrams and the system's source code. What model is this?
White Box
200
A hacker that accesses a company’s server without permission to “just poke around” but doesn’t steal anything. What hacker is he?
Grey Hat Hacker
300
What is the primary U.S. federal anti-hacking law?
A. Computer Fraud & Abuse Act (CFAA)
B. The Patriot Act
C. DMCA
A. Computer Fraud & Abuse Act(CFAA)
300
Which of these is not a Penetration Test framework/methodology:
A. OWASP
B. MITRE ATTACK
C. ITIL
C. ITIL (Information Technology Infrastructure Library)
300
Inexperienced hacker that uses pre-written tools.
Script Kiddie
400
Besides federal and state laws, you should also check your _________ before conducting any scanning from home.
A. ISP's Acceptable Use Policy Wrong Credit
B. Score
C. Local Sherriff's Office
A. ISP's Acceptable Use Policy
400
What is the last step in a Penetration Test?
Remediation/Follow Up
400
Hacker that uses Nmap and Metasploit to help organizations identify risks—only after signing a contract.
Ethical Hacker
500
Which of these is ALWAYS illegal when done without permission?
A. Port Scanning
B. Performing a Denial of Service (DoS) attack
C. Pineapple on Pizza
B. Performing a Denial of Service (DoS) attack
500
In a Penetration Test, what step does a hacker find the vulnerability and exposes it?
Exploitation
500
Is Mr. Robot an ethical or non ethical hacker?
Non-Ethical Hacker