Ethical Hacking Phases and Techniques

Questions and Answers

What are the six phases of ethical hacking?

• Scanning, gaining access, maintaining access, compiling reports, tracking
• Researching, scanning, hacking, tracking, reporting
• Reconnaissance, scanning, gaining access, maintaining access, clearing tracks, reporting (correct)
• Gathering information, hacking, cracking, reporting, maintaining access

What is the main aim of ethical hackers?

• To conduct cyber attacks
• To identify vulnerabilities in systems (correct)
• To sell vulnerabilities to black hat hackers
• To create vulnerabilities in systems

What is the purpose of reconnaissance in ethical hacking?

• Launching cyber attacks on the target system
• Creating fake data about the target system
• Encrypting data on the target system
• Gathering information about the target system (correct)

What does foot printing involve in ethical hacking?

Collecting information like domain names and IP addresses (A)

What is the role of fingerprinting in ethical hacking?

Determining the operating system of a target computer (D)

Which tools are commonly used in ethical hacking for reconnaissance and scanning?

Nmap and Metasploit (D)

What is the final phase in the ethical hacking process?

Reporting (B)

Which type of hackers are also known as 'crackers'?

Black hat hackers (A)

What differentiates ethical hackers from black hat hackers?

Ethical hackers work with permission to improve security. (D)

What is the primary objective of ethical hacking?

To enhance security and protect against malicious attacks (B)

In ethical hacking, what does the reconnaissance phase primarily involve?

Gathering information about the target system (D)

What is the significance of fingerprinting in ethical hacking?

Identifying the operating system of a target computer (B)

Which type of hacker is known for carrying out unauthorized activities on systems for personal gain?

Black hat hackers (C)

What is one of the main purposes of foot printing in ethical hacking?

Collecting information like domain names and IP addresses (D)

Which tool is commonly used for information gathering in the reconnaissance phase of ethical hacking?

Nmap (B)

What is a key responsibility of ethical hackers after completing the various phases of hacking?

Clearing tracks to hide their activities (C)

What distinguishes grey hat hackers from other types of hackers?

They operate in a legal gray area. (D)

Why do ethical hackers use tools like Metasploit in their work?

To simulate attacks and test system defenses. (A)

What is the main goal of ethical hackers when using tools like Nmap and Metasploit during the reconnaissance phase?

To identify vulnerabilities in systems (B)

Which of the following methods is NOT part of the reconnaissance phase in ethical hacking?

Gaining access (C)

What type of information is typically collected during foot printing in ethical hacking?

Network configurations (A)

Why is reconnaissance considered a crucial phase in the ethical hacking process?

To gather essential information about the target system (B)

Which method is used by ethical hackers to determine the operating system of a target computer?

Fingerprinting through sniffer traces (A)

What distinguishes the activities of grey hat hackers in comparison to other types of hackers?

They are involved in both ethical and unethical activities (C)

In ethical hacking, what is the primary purpose of maintaining access during the hacking process?

To ensure continuous access after initial entry (C)

What role does reporting play in the ethical hacking process?

To share findings, tools used, vulnerabilities found, and exploit processes (C)

Why is it important for ethical hackers to clear tracks after gaining access to a system?

To ensure that their activities remain undetected (C)

Study Notes

• Hacking originated in the early 1960s at MIT, evolving into a discipline with ethical hacking being a legal form of hacking done with permission.
• Different types of hackers include white hat hackers (ethical hackers), black hat hackers (crackers), grey hat hackers, and suicide hackers/hacktivists.
• Ethical hacking consists of six phases: reconnaissance, scanning, gaining access, maintaining access, clearing tracks, and reporting.
• Reconnaissance involves gathering information about the target system through active and passive methods like foot printing and after foot printing.
• Foot printing involves collecting information like domain names, IP addresses, employee details, and network configurations to understand the target system.
• Fingerprinting in ethical hacking determines the operating system of a target computer through active (crafting packets) and passive (sniffer traces) methods.
• Tools like Nmap and Metasploit are commonly used in ethical hacking for reconnaissance, scanning, and gaining access phases.
• Ethical hackers aim to identify vulnerabilities in systems to enhance security and protect against malicious attacks.
• The ethical hacking process includes compiling a report with findings, tools used, success rate, vulnerabilities found, and exploit processes.
• Detailed examples of how reconnaissance is conducted, including obtaining domain information, IP addresses, network mapping, and using tools like Nmap for information gathering.