Introduction

1. If you have been contracted to perform an attack against a target system, you are what type of hacker?

• A) White hat
• B) Gray hat
• C) Black hat
• D) Red hat

---

2. Which of the following describes an attacker who goes after a target to draw attention to a cause?

• A) Terrorist
• B) Criminal
• C) Hacktivist
• D) Script kiddie

---

3. What level of knowledge about hacking does a script kiddie have?

• A) Low
• B) Average
• C) High
• D) Advanced

---

4. Which of the following does an ethical hacker require to start evaluating a system?

• A) Training
• B) Permission
• C) Planning
• D) Nothing

---

5. A white-box test means the tester has which of the following?

• A) No knowledge
• B) Some knowledge
• C) Complete knowledge
• D) Permission

---

6. Which of the following describes a hacker who attacks without regard for being caught or punished?

• A) Hacktivist
• B) Terrorist
• C) Criminal
• D) Suicide hacker

---

7. What is a code of ethics?

• A) A law for expected behavior
• B) A description of expected behavior
• C) A corporate policy
• D) A standard for civil conduct

---

8. The group Anonymous is an example of what?

• A) Terrorists
• B) Script kiddies
• C) Hacktivists
• D) Grayware

---

9. Companies may require a penetration test for which of the following reasons?

• A) Legal reasons
• B) Regulatory reasons
• C) To perform an audit
• D) To monitor network performance

---

10. What should a pentester do prior to initiating a new penetration test?

• A) Plan
• B) Study the environment
• C) Get permission
• D) Study the code of ethics

---

11. Which of the following best describes what a hacktivist does?

• A) Defaces websites
• B) Performs social engineering
• C) Hacks for political reasons
• D) Hacks with basic skills

---

12. Which of the following best describes what a suicide hacker does?

• A) Hacks with permission
• B) Hacks without stealth
• C) Hacks without permission
• D) Hacks with stealth

---

13. Which type of hacker may use their skills for both benign and malicious goals at different times?

• A) White hat
• B) Gray hat
• C) Black hat
• D) Suicide hacker

---

14. What separates a suicide hacker from other attackers?

• A) A disregard for the law
• B) A desire to be helpful
• C) The intent to reform
• D) A lack of fear of being caught

---

15. Which of the following would most likely engage in the pursuit of vulnerability research?

• A) White hat
• B) Gray hat
• C) Black hat
• D) Suicide hacker

---

16. Vulnerability research deals with which of the following?

• A) Actively uncovering vulnerabilities
• B) Passively uncovering vulnerabilities
• C) Testing theories
• D) Applying security guidance

---

17. How is black-box testing performed?

• A) With no knowledge
• B) With full knowledge
• C) With partial knowledge
• D) By a black hat

---

18. A contract is important because it does what?

• A) Gives permission
• B) Gives test parameters
• C) Gives proof
• D) Gives a mission

---

19. What does TOE stand for?

• A) Target of evaluation
• B) Time of evaluation
• C) Type of evaluation
• D) Term of evaluation

---

20. Which of the following best describes a vulnerability?

• A) A worm
• B) A virus
• C) A weakness
• D) A rootkit