1. List the five steps of the hacking process.
Ans:
Footprinting
Scanning and Enumeration
System Hacking
Deploy Payload
Cover tracks
2. In order to exploit or attack the targeted systems, what can you do as an initial step to collect as much information as possible about the targets prior to devising an attack and penetration test plan?
Ans: Reconnaissance
3. What application and tools can be used to perform this initial reconnaissance and probing step?
Ans: Google hacking site
4. How can social engineering be used to gather information or data about the organization's IT infrastructure?
Ans: Social engineering is a type of information gathering. It can include impersonating someone over the phone, or sending emails or IM chats asking for information. Phishing can be used to gather information that can be used to gain access to secure systems or information.
5. What does the Enumeration step of the five-step hacking process entail and how is it vital to the hacker's objective?
Ans: This portion of an attack involves actual interaction with the target; the attacker is getting information back from the target at this point. It is vital because the target is returning information such as usernames, group and share names. This information is useful because the attacker now knows what kind of information they can extract and whether it is valuable or not.
6. Explain how an attacker will avoid being detected following a successful penetration attack?
Ans: Cover their tracks by purging the attack system to destroy evidence of the crime.
7. What method does an attacker use to regain access to an already penetrated system?
Ans: Planting a backdoor will allow a hacker to regain access to an already hacked system for later use if needed.
8. As a security professional, you have been asked to perform an intrusive penetration test which involves cracking into the organization’s WLAN for