Free Essay

Certified Ethical Hacker

In: Computers and Technology

Submitted By bhavikkk
Words 1963
Pages 8
http://www.ipass4sure.com

312-50
ECCouncil
Certified Ethical Hacker

http://www.ipass4sure.com/exams.asp?examcode=312-50

The 312-50 practice exam is written and formatted by Certified Senior IT Professionals working in today's prospering companies and data centers all over the world! The 312-50 Practice Test covers all the exam topics and objectives and will prepare you for success quickly and efficiently. The 312-50 exam is very challenging, but with our 312-50 questions and answers practice exam, you can feel confident in obtaining your success on the 312-50 exam on your FIRST TRY! ECCouncil 312-50 Exam Features - Detailed questions and answers for 312-50 exam - Try a demo before buying any ECCouncil exam - 312-50 questions and answers, updated regularly - Verified 312-50 answers by Experts and bear almost 100% accuracy - 312-50 tested and verified before publishing - 312-50 exam questions with exhibits - 312-50 same questions as real exam with multiple choice options Acquiring ECCouncil certifications are becoming a huge task in the field of I.T. More over these exams like 312-50 exam are now continuously updating and accepting this challenge is itself a task. This 312-50 test is an important part of ECCouncil certifications. We have the resources to prepare you for this. The 312-50 exam is essential and core part of ECCouncil certifications and once you clear the exam you will be able to solve the real life problems yourself.Want to take advantage of the Real 312-50 Test and save time and money while developing your skills to pass your ECCouncil 312-50 Exam? Let us help you climb that ladder of success and pass your 312-50 now!

312-50

QUESTION 1: What is the essential difference between an 'Ethical Hacker' and a 'Cracker'? A. The ethical hacker does not use the same techniques or skills as a cracker. B. The ethical hacker does it strictly for financial motives unlike a cracker. C. The ethical hacker has authorization from the owner of the target. D. The ethical hacker is just a cracker who is getting paid. Answer: C Explanation: The ethical hacker uses the same techniques and skills as a cracker and the motive is to find the security breaches before a cracker does. There is nothing that says that a cracker does not get paid for the work he does, a ethical hacker has the owners authorization and will get paid even if he does not succeed to penetrate the target. QUESTION 2: What does the term "Ethical Hacking" mean? A. Someone who is hacking for ethical reasons. B. Someone who is using his/her skills for ethical reasons. C. Someone who is using his/her skills for defensive purposes. D. Someone who is using his/her skills for offensive purposes. Answer: C Explanation: Ethical hacking is only about defending your self or your employer against malicious persons by using the same techniques and skills. QUESTION 3: Who is an Ethical Hacker? A. A person whohacksfor ethical reasons B. A person whohacksfor an ethical cause C. A person whohacksfor defensive purposes D. A person whohacksfor offensive purposes Answer: C Explanation: The Ethical hacker is a security professional who applies his hacking skills for defensive purposes.

312-50 QUESTION 4: What is "Hacktivism"? A. Hacking for a cause B. Hacking ruthlessly C. An association which groups activists D. None of the above Answer: A Explanation: The term was coined by author/critic Jason Logan Bill Sack in an article about media artist Shu Lea Cheang. Acts of hacktivism are carried out in the belief that proper use of code will have leveraged effects similar to regular activism or civil disobedience. QUESTION 5: Where should a security tester be looking for information that could be used by an attacker against an organization? (Select all that apply) A. CHAT rooms B. WHOIS database C. News groups D. Web sites E. Search engines F. Organization's own web site Answer: A, B, C, D, E, F Explanation: A Security tester should search for information everywhere that he/she can access. You never know where you find that small piece of information that could penetrate a strong defense. QUESTION 6: What are the two basic types of attacks?(Choose two. A. DoS B. Passive C. Sniffing D. Active E. Cracking Answer: B, D

312-50

Explanation: Passive and active attacks are the two basic types of attacks. QUESTION 7: You are footprinting Acme.com to gather competitive intelligence. You visit the acme.com websire for contact information and telephone number numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but now it is not there. How would it be possible for you to retrieve information from the website that is outdated? A. Visit google search engine and view the cached copy. B. Visit Archive.org site to retrieve the Internet archive of the acme website. C. Crawl the entire website and store them into your computer. D. Visit the company's partners and customers website for this information. Answer: B Explanation: The Internet Archive ( IA) is a non-profit organization dedicated to maintaining an archive of Web and multimedia resources. Located at the Presidio in San Francisco, California, this archive includes "snapshots of the World Wide Web" (archived copies of pages, taken at various points in time), software, movies, books, and audio recordings (including recordings of live concerts from bands that allow it). This site is found at www.archive.org. QUESTION 8: User which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud? A. 18 U.S.C 1029 Possession of Access Devices B. 18 U.S.C 1030 Fraud and related activity in connection with computers C. 18 U.S.C 1343 Fraud by wire, radio or television D. 18 U.S.C 1361 Injury to Government Property E. 18 U.S.C 1362 Government communication systems F. 18 U.S.C 1831 Economic Espionage Act G. 18 U.S.C 1832 Trade Secrets Act Answer: B Explanation: http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html QUESTION 9:

312-50 Which of the following activities will NOT be considered as passive footprinting? A. Go through the rubbish to find out any information that might have been discarded. B. Search on financial site such as Yahoo Financial to identify assets. C. Scan the range of IP address found in the target DNS database. D. Perform multiples queries using a search engine. Answer: C Explanation: Passive footprinting is a method in which the attacker never makes contact with the target systems. Scanning the range of IP addresses found in the target DNS is considered making contact to the systems behind the IP addresses that is targeted by the scan. QUESTION 10: Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic? A. Network aliasing B. Domain Name Server (DNS) poisoning C. Reverse Address Resolution Protocol (ARP) D. Port scanning Answer: B Explanation: This reference is close to the one listed DNS poisoning is the correct answer. This is how DNS DOS attack can occur. If the actual DNS records are unattainable to the attacker for him to alter in this fashion, which they should be, the attacker can insert this data into the cache of there server instead of replacing the actual records, which is referred to as cache poisoning. QUESTION 11: You are footprinting an organization to gather competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but not it is not there. How would it be possible for you to retrieve information from the website that is outdated? A. Visit google's search engine and view the cached copy. B. Visit Archive.org web site to retrieve the Internet archive of the company's website. C. Crawl the entire website and store them into your computer.

312-50 D. Visit the company's partners and customers website for this information. Answer: B Explanation: Archive.org mirrors websites and categorizes them by date and month depending on the crawl time. Archive.org dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the websiteis incorrect because that's the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, archive.org QUESTION 12: A Certkiller security System Administrator is reviewing the network system log files. He notes the following: - Network log files are at 5 MB at 12:00 noon. - At 14:00 hours, the log files at 3 MB. What should he assume has happened and what should he do about the situation? A. He should contact the attacker's ISP as soon as possible and have the connection disconnected. B. He should log the event as suspicious activity, continue to investigate, and take further steps according to site security policy. C. He should log the file size, and archive the information, because the router crashed. D. He should run a file system check, because the Syslog server has a self correcting file system problem. E. He should disconnect from the Internet discontinue any further unauthorized use, because an attack has taken place. Answer: B Explanation: You should never assume a host has been compromised without verification. Typically, disconnecting a server is an extreme measure and should only be done when it is confirmed there is a compromise or the server contains such sensitive data that the loss of service outweighs the risk. Never assume that any administrator or automatic process is making changes to a system. Always investigate the root cause of the change on the system and follow your organizations security policy. QUESTION 13: To what does "message repudiation" refer to what concept in the realm of email security? A. Message repudiation means a user can validate which mail server or servers a message was passed through.

Pass4sure Certification Exam Features;
Pass4sure offers over 2500 Certification exams for professionals. More than 98,800 Satisfied Customers Worldwide. Average 99.8% Success Rate. Over 120 Global Certification Vendors Covered. Services of Professional & Certified Experts available via support. Free 90 days updates to match real exam scenarios. Instant Download Access! No Setup required. Price as low as $19, which is 80% more cost effective than others. Verified answers researched by industry experts. Study Material updated on regular basis. Questions / Answers are downloadable in PDF format. Mobile Device Supported (Android, iPhone, iPod, iPad) No authorization code required to open exam. Portable anywhere. Guaranteed Success. Fast, helpful support 24x7.

View list of All certification exams offered; http://www.ipass4sure.com/allexams.asp View list of All Study Guides (SG); http://www.ipass4sure.com/study-guides.asp View list of All Audio Exams (AE); http://www.ipass4sure.com/audio-exams.asp Download Any Certication Exam DEMO. http://www.ipass4sure.com/samples.asp To purchase Full version of exam click below; http://www.ipass4sure.com/allexams.asp
3COM CompTIA Filemaker ADOBE ComputerAssociates Fortinet APC CWNP Foundry Apple DELL Fujitsu BEA ECCouncil GuidanceSoftware BICSI EMC HDI CheckPoint Enterasys Hitachi Cisco ExamExpress HP Citrix Exin Huawei CIW ExtremeNetworks Hyperion and many others.. See complete list Here IBM IISFA Intel ISACA ISC2 ISEB ISM Juniper Legato Lotus LPI McAfee McData Microsoft Mile2 NetworkAppliance Network-General Nokia Nortel Novell OMG Oracle PMI Polycom RedHat Sair SASInstitute SCP See-Beyond Google Sun Sybase Symantec TeraData TIA Tibco TruSecure Veritas Vmware

Similar Documents

Free Essay

Ceh Course

...defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. This course prepares you for EC-Council Certified Ethical Hacker exam 312-50 Who Should Attend This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Duration 5 days (9:00 – 5:00) Certification The Certified Ethical Hacker exam 312-50 may be taken on the last day of the training (optional). Students need to pass the online Prometric exam to receive CEH certification. Page 2 EC-Council Legal Agreement Ethical Hacking and Countermeasures course mission is to educate, introduce and demonstrate hacking tools for penetration testing purposes only. Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these...

Words: 458 - Pages: 2

Premium Essay

Ethical Hacking

...Ethical Hacking – Is There Such A Thing? Alexander Nevermind Nelson Stewart, PhD CIS 324 December 9, 2011 ABSTRACT ------------------------------------------------- When someone hears the word hacker, many things come to mind. Bad, thief, terrorist, crook and unethical are some words that may be used to describe a hacker. The reputation of a hacker is well deserved as many company networks have been compromised with viruses and spyware causing untold millions in damage, the theft of sensitive consumer information such as Social Security numbers and financial data and the unauthorized access of classified government information. To combat these issues, many companies employ individuals called ethical hackers who, by their direction and supervision look for vulnerabilities in network systems. There are naysayers who bristle at the term “ethical hacker” saying that a hacker is a hacker but those who hold such views could be missing the point. These subjects will be discussed in detail later in the text. ------------------------------------------------- Is there such a thing as “Ethical Hacking?” Define ethical hacking and support an argument in favor or against the concept. Consider who might believe/use ethical hacking and discuss if hacking, even for the purpose of protecting human rights, is ethical. You should extend the paper beyond the topics suggested in the questions within the paper description. Ethical hacking does exist, in fact, companies...

Words: 904 - Pages: 4

Premium Essay

Security Analyst

...Contents 1. Introduction 2. Assessment Test 3. Chapter 1: Getting Started with Ethical Hacking 1. Hacking: A Short History 2. What Is an Ethical Hacker? 3. Summary 4. Exam Essentials 5. Review Questions 4. Chapter 2: System Fundamentals 1. Exploring Network Topologies 2. Working with the Open Systems Interconnection Model 3. Dissecting the TCP/IP Suite 4. IP Subnetting 5. Hexadecimal vs. Binary 6. Exploring TCP/IP Ports 7. Understanding Network Devices 8. Working with MAC Addresses 9. Intrusion Prevention and Intrusion Detection Systems 10. Network Security 11. Knowing Operating Systems 12. Backups and Archiving 13. Summary 14. Exam Essentials 15. Review Questions 5. Chapter 3: Cryptography 2 1. Cryptography: Early Applications and Examples 2. Cryptography in Action 3. Understanding Hashing 4. Issues with Cryptography 5. Applications of Cryptography 6. Summary 7. Exam Essentials 8. Review Questions 6. Chapter 4: Footprinting and Reconnaissance 1. Understanding the Steps of Ethical Hacking 2. What Is Footprinting? 3. Terminology in Footprinting 4. Threats Introduced by Footprinting 5. The Footprinting Process 6. Summary 7. Exam Essentials 8. Review Questions 7. Chapter 5: Scanning Networks 1. What Is Network Scanning? 2. Checking for Live Systems 3. Checking for Open Ports 4. Types of Scans 5. OS Fingerprinting 6. Banner Grabbing 7. Countermeasures 8. Vulnerability Scanning 9. Drawing Network Diagrams 10. Using Proxies 11. Summary 12. Exam Essentials 13. Review Questions...

Words: 71242 - Pages: 285

Free Essay

Compare and Contrast Hackers, Crackers & Ceh

...others testing the boundaries is given the moniker “hacker," their mens rea is not malicious they simply seek to test, identify and communicate weaknesses in technology systems. The hacker label contrasts with "cracker" who seeks to discover weaknesses for personal or financial gain and is certainly malicious. Newer to the world of hackers and crackers is the certified ethical hacker. The EC-Council, responsible for the certified ethical hacker certification, distances itself from both labels and the negative connotations associated. This document will offer a comparison of crackers, hackers and the certified ethical hacker. The term hacker is said to have evolved out of MIT’s computer culture when the Tech Model Railroad Club hacked model trains to make them run faster. As Universities across the country embraced the hacker concept they remained isolated until the first year of ARPAnet in 1969, “the first transcontinental, high-speed computer network” ("Early Hackers," n.d., para. 3). For better or for worse, hacker has had quite a public history; it is the preferred label describing all activities from security research through credit card theft. For this reason, true hackers consider themselves “interested in the arcane and recondite workings of any computer operating system…Hackers constantly seek further knowledge, freely share what they have discovered, and never intentionally damage data.” ("Difference between hackers and crackers," n.d., para. 5) This definition is...

Words: 880 - Pages: 4

Free Essay

Ethical Hacking

...Topic #2 Research Topic – Ethical Hacking 1. http://www.networkworld.com/news/2009/042409-usenix-hacking.html This is a Network World article talking about the legal risks of ethical hacking. The article talks about whether or not ethical hackers risk prosecution themselves. The articles discusses developing a set of ethical guidelines that can be shown to the government when and if they starting taking a greater role in oversight. It mentions that it might be a good idea to work with law enforcements when it comes to ethical hacking. 2. https://www.eccouncil.org/certification/certified_ethical_hacker.aspx This site provides information about becoming a certified ethical hacker. The group doing the certifying is the International Council of E-Commerce Consultants (EC-Council). This is a member-based organization that certifies individuals in various e-business and information security skills. The site provides a great FAQ, exam info, where to get training, and the path to get certified as an ethical hacker. 3. http://www.go4expert.com/forums/forumdisplay.php?f=55 This is a great online forum for those who are ethical hackers, or interested in becoming one. The page warns that the forum is only for ethical or as a learning purpose. It gives many tips, tricks, and tutorials share amongst other ethical hackers in this online community. 4. http://www.purehacking.com/ This company offers penetration testing and other ethical hacking services for a company...

Words: 339 - Pages: 2

Free Essay

Hackers: Scourge of the Internet, or Information Superhero?

...Hackers: Scourge of the Internet, or Information Superhero? Kyle Gonzalez ITT Technical Institute Introduction “And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencys is sought... a bored is found.” – Hackers Manifesto It can be seen all over the news. Visa and PayPal taken offline by hackers, Sony’s PlayStation Network brought to its knees, a cyber defense contractor named Stratfor had its servers hacked and corporate emails leaked. Everything that people know about hacking can be summed up in news articles written by the uninformed. Hacking is bad, and there is no arguing that… Or is there? Most of what people know of hacking comes from the news or Hollywood movies such as Hackers and Swordfish. What they see is only one facet of this fascinating, yet misunderstood world. Hacking is not the evil act that some make it out to be. Hacking can also be a good thing. Enter the White Hat, or Ethical Hackers. These are the network security professionals in which no movies are based. Ethical hacking is used to help analyze networks for security flaws, stop attacks in progress and help keep companies in compliance with government regulations such as PCI or SOX. What is Ethical Hacking? Ethical hacking sounds like an oxymoron, but it does exist and is a very handsomely paying career field. The average ethical hacker can make anywhere...

Words: 2096 - Pages: 9

Premium Essay

Ethical Hacking

...Ethical Hacking 1 Running head: ETHICAL HACKING: Teaching Students to Hack Ethical Hacking: Teaching Students to Hack Regina D. Hartley East Carolina University Ethical Hacking 2 Abstract One of the fastest growing areas in network security, and certainly an area that generates much discussion, is that of ethical hacking. The purpose of this study is to examine the literature regarding how private sectors and educational institutions are addressing the growing demand for ethical hacking instruction. The study will also examine the opportunity for community colleges in providing this type of instruction. The discussion will conclude with a proposed model of ethical hacking instruction that will be used to teach a course in the summer semester of 2006 through the continuing education department at Caldwell Community College and Technical Institute within the North Carolina Community College System. Ethical Hacking 3 Ethical Hacking: Teaching Students to Hack The growing dependence and importance regarding information technology present within our society is increasingly demanding that professionals find more effective solutions relating to security concerns. Individuals with unethical behaviors are finding a variety of ways of conducting activities that cause businesses and consumers much grief and vast amounts annually in damages. As information security continues to be foremost on the minds of information technology professionals, improvements in this area are critically...

Words: 6103 - Pages: 25

Free Essay

Hacking

...Certified Ethical Hacking - The 5 phases Every Hacker Must Follow The 5 Phases Every Hacker Must Follow Originally, to “hack” meant to possess extraordinary computer skills to extend the limits of computer systems. Hacking required great proficiency. However, today there are automated tools and codes available on the Internet that makes it possible for anyone with a will and desire, to hack and succeed. Mere compromise of the security of a system does not denote success. There are websites that insist on “taking back the net” as well as those who believe that they are doing all a favor by posting the exploit details. These can act as a detriment and can bring down the skill level required to become a successful attacker. The ease with which system vulnerabilities can be exploited has increased while the knowledge curve required to perform such exploits has shortened. The concept of the elite/super hacker is an illusion. However, hackers are generally intelligent individuals with good computer skills, with the ability to create and explore into the computer’s software and hardware. Their intention can be either to gain knowledge or to dig around to do illegal things. Attackers are motivated by the zeal to know more while malicious attackers would intend to steal data. In general, there are five phases in which an intruder advances an attack: 1. Reconnaissance 2. Scanning 3. Gaining Access 4. Maintaining Access 5. Covering Tracks For More Informaton contact EC-Council – (505)341-3228...

Words: 2322 - Pages: 10

Premium Essay

Ethical Hacking

...------------------------------------------------- When someone hears the word hacker, many things come to mind. Bad, thief, terrorist, crook and unethical are some words that may be used to describe a hacker. The reputation of a hacker is well deserved as many company networks have been compromised with viruses and spyware causing untold millions in damage, the theft of sensitive consumer information such as Social Security numbers and FINANCIAL data and the unauthorized access of classified government information. To combat these issues, many companies employ individuals called ethical hackers who, by their direction and supervision look for vulnerabilities in network systems. There are naysayers who bristle at the term “ethical hacker” saying that a hacker is a hacker but those who hold such views could be missing the point. These subjects will be discussed in detail later in the text. ------------------------------------------------- Is there such a thing as “Ethical Hacking?” Define ethical hacking and support an argument in favor or against the concept. Consider who might believe/use ethical hacking and discuss if hacking, even for the purpose of protecting human rights, is ethical. You should extend the paper beyond the topics suggested in the questions within the paper description. Ethical hacking does exist, in fact, companies employ individuals to attempt to penetrate networks and/or computer systems, using the same methods as a hacker, for the purpose of finding and fixing computer...

Words: 271 - Pages: 2

Free Essay

Ceh Practice Exam

...than 8 characters long. Question: 3 Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords.(Choose all that apply). A. Linux passwords can be encrypted with MD5 B. Linux passwords can be encrypted with SHA C. Linux passwords can be encrypted with DES D. Linux passwords can be encrypted with Blowfish E. Linux passwords are encrypted with asymmetric algrothims Answer: A, C D Explanation: Linux passwords can be encrypted with several types of hashing algorithms. These include SHQ, MD5, and Blowfish. Question: 4 What are the two basic types of attacks?(Choose two. A. DoS B. Passive C. Sniffing D. Active Exam Name: Certified Ethical Hacker Exam Type: EC-Council Exam Code: 312-50 Total Questions: 255 Page 2 of 77 E. Cracsheets Answer: B, D Explanation: Passive and active attacks are the two basic types of attacks. Question: 5 Sniffing is considered an active attack. A. True...

Words: 2821 - Pages: 12

Premium Essay

Ethical Hacking

...2014 Ethical Hacking Ethical hacking is used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker works passed the system security to detect the vulnerabilities or weak points of a company’s network. Then this type of information is used to improve the company’s network from the bad hackers who exploit the company in a destructive way. In 1960s, U.S military began testing their own IT systems, but when Dan Farmer a security expert from San Francisco and a security programmer at the Netherlands University of Eindhoven had posted the techniques they used to gather information to the Usenet, that could have compromised the security of a number of target networks(Langely). Their goal was to raise the overall level of security on the internet. Dan farmer and Eindhoven were elected to share their work freely on the internet for others to learn. Eventually, they gather up the work they used and developed a program called Security Analysis Tool for Auditing Networks (Langely). This tool is used to perform an audit of the vulnerabilities of the system and how to eliminate the problem. The concept of ethical hacking started emerging in 1993 (Langely). According to some, ethical hacking does not exist and they feel hacking is just hacking, no matter how you put it. Therefore the one that is doing the hacking is a computer criminal. This is not the case, so in order for hacking it to be “ethical “you...

Words: 589 - Pages: 3

Premium Essay

Tesla Ratio

...Industry Analysis: Information Technology Information Assurance Cyber Defense Consulting I currently work for the Department of Defense as a military Cyber Warfare Officer. I am an EC-Council Certified Ethical Hacker (CEH) and Certified Network Defense Architect (CNDA). Barriers to entry: There are no extreme barriers to entry in the IT protection consulting industry. A firm will need a strong qualified staff that has not only the certifications and credentials to back up the proposed scope of work that is pitched to potential clients, but the skills and experience to execute the services advertised. The IT Information Assurance consulting field does not take a great deal of capitol to start up, but with the wave of these new firms entering the sector, it can be challenging to ascertain new clients. Barriers to exit: As with entry into the field of Cyber defense consulting, exiting this industry would not be difficult either. The only challenge that a firm might have with exiting the industry would be the ongoing investment of helping a company protect its information. If you have a running contract or agreement with a company and are currently providing them with defensive cyber operations (information assurance) services, then severing those ties may leave the client vulnerable to hackers or spillage of information. This could be mitigated by only providing consulting work, not touch labor. Customer Buying Power: The Cyber Defense industry’s buying power is increasing daily...

Words: 626 - Pages: 3

Premium Essay

It590 Journal 4

...difference between phishing and spear-phishing. Phishing is when a large scale of information is capture from various computer users. Spear-phishing is when they go through email address to select a particular group of recipients to target. I learned that you can still make money even when you are a cyber-criminal. However, it is kind of a good choice to make to give to companies that are looking for a protection shield. I had already learned about online voting which could be a quicker way to save time on manual counting. In conclusion, I have learned a variety of information that could carry me forward with my education of learning something new every time. Knowing that you can become a hacker and not charge for a crime is a serious matter. However, they must be known for an ethical hacker to be able to be...

Words: 273 - Pages: 2

Premium Essay

Understanding Port Scans and Ping Sweeps

...over recent years. At the same time, the security has become one of the major concerns in any company since there are a lot of techniques used by hackers to gain control of a PC system or a network. Furthermore, understanding of network computer activities such as port scans and ping sweeps not only helps to prevent any unauthorized accessed to the company system, but also helps to reduce the chance of being hacked. Generally speaking, ping sweep is a technique of sending multiple ICMP (Internet Control Message Protocol) packets to a target network by an attacker to identify any possible alive IP addresses on a particular network. An attacker is usually using an automated ping sweep tools such as fping and nmap to determine which IP addresses don’t have any network block on them (Preetham, 2002). In other words, by using ping sweep the attacker can not only to obtain an active IP address but also initiate a possible attack on that IP address and gain access to the valuable information. Needless to say that an IT administrator needs to be able to detect pings sweeps before the attacker can get any access to the company`s network. In addition to ping sweep, another technique such as port scan can be used by the attacker to determine open ports and running services on a targeted computer system. In fact, by scanning open ports, a hacker gets enough knowledge of the targeted system such as what operation system is installed and what applications or services...

Words: 577 - Pages: 3

Premium Essay

Unit 8 Lab Questions

...rigorous quantitative modeling methods are needed. The likelihood of a system being compromised depends on the probability that a newly discovered vulnerability will be exploited. Thus, the risk is better represented by the vulnerabilities which are not yet discovered and the vulnerability discovery rate rather than by the vulnerabilities that have been already discovered in the past and remedied by patches. 7. Based on the fundamental principle that prevention is better than cure, penetration testing (pen testing) is essentially an information assurance activity to determine if information is appropriately secured. Conducted by penetration testers, sometimes referred to as ‘white hats' or ethical hackers, they use the same tools and techniques as the bad guys (‘black hat hackers'), but in a...

Words: 489 - Pages: 2