Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Ethical Hacking Ch.1 Overview test with complete verified solutions.docx
Typology: Exams
1 / 5
black box model - answer A model for penetration testing in which management doesn't divulge to IT security personnel that testing will be conducted or give the testing team a description of the network topology. In other words, testers are on their own. Certified Ethical Hacker (CEH) - answer A certification designated by the EC-Council.
Certified Information Systems Security Professional (CISSP) - answer Non-vendor- specific certification issued by the International Information Systems Security Certification Consortium, Inc. (ISC2). crackers - answer Hackers who break into systems with the intent of doing harm or destroying data. ethical hackers - answer Users who attempt to break into a computer system or network with the owner's permission. Global Information Assurance Certification (GIAC) - answer An organization founded by the SANS Institute in 1999 to validate the skills of security professionals. GIAC certifications encompass many areas of expertise in the security field. gray box model - answer A hybrid of the black box and white box models for
penetration testing. In other words, the company might give a tester some information about which OSs are running but not provide any network topology information (diagrams of routers, switches, intrusion detection systems, firewalls, and so forth). hacker - answer A user who attempts to break into a computer system or network without authorization from the owner. Institute for Security and Open Methodologies (ISECOM) - answer A nonprofit organization that provides training and certification programs for security professionals. Open Source Security Testing Methodology Manual (OSSTMM) - answer This security manual developed by Peter Herzog has become one of the most widely used security-testing methodologies to date.
OSSTMM Professional Security Tester (OPST)
scripts or programs written by others to penetrate networks. security test - answer In this test, security professionals do more than attempt to break into a network; they also analyze security policies and procedures, report vulnerabilities to management, and recommend solutions. SysAdmin, Audit, Network, Security (SANS) Institute - answer Founded in 1989, this organization conducts training worldwide and offers multiple certifications through GIAC in many aspects of computer security and forensics. white box model - answer A model for penetration testing in which testers can speak with company staff and are given a full description of the network topology and technology.