Which of the following describes an instance of legal hacking?

options:

Looking for security risks on a product that is excluded from a bug bounty program.

Grey hat hacking

Penetration testing for a company.

Security hacking is never legal.

The option that describes an instance of legal hacking is:

Penetration testing for a company.

Penetration testing is a legal and authorized activity where security professionals assess a company's systems for vulnerabilities, typically with the company's consent.

What is NOT true of white hat hackers?

options:

They are breaking the law and are at risk of legal repercussions.

They contribute to robust security systems.

They alert companies of security vulnerabilities.

They use the same methods as black hat hackers.

The statement that is NOT true of white hat hackers is:

They are breaking the law and are at risk of legal repercussions.

White hat hackers operate legally and with permission, typically working to improve security rather than breaking the law.

It is legal to practice hacking websites as long as you are a student learning about cybersecurity.

True or false?

False.

It is not legal to practice hacking on websites without explicit permission from the owner, regardless of whether you are a student learning about cybersecurity. Unauthorized access to computer systems, even for educational purposes, can lead to legal repercussions. Ethical hacking should only be performed within the bounds of the law, typically under a structured environment (like a lab or a platform designed for training) or with proper authorization.

Alice is buying books from an online retail site, and she finds that she is able to change the price of a book from $19.99 to $1.99.

Which part of the CIA triad has been broken?

In this scenario, the part of the CIA triad that has been broken is Integrity.

Integrity refers to the accuracy and reliability of data. By being able to change the price of a book from $19.99 to $1.99, Alice has compromised the integrity of the pricing information on the website. This could lead to unauthorized discounts and impact the retailer's ability to conduct business fairly.

In cybersecurity, what does CIA stand for?

In cybersecurity, CIA stands for Confidentiality, Integrity, and Availability.

These three principles form the core framework for information security and are designed to protect data:

  • Confidentiality ensures that sensitive information is only accessible to authorized individuals and entities.
  • Integrity ensures that data remains accurate and unaltered by unauthorized users, safeguarding it from unauthorized modifications.
  • Availability ensures that information and resources are accessible to authorized users when needed.

Together, these principles help to maintain the security and trustworthiness of information systems.

Which of the following are best practices for having a secure password?

options:

Creating a password that is long in length.

Creating a password that has a combination of letters, numbers, and special characters.

Using a password manager.

All of the above.

The correct answer is:

All of the above.

All the listed options are best practices for creating and managing secure passwords:

  1. Creating a password that is long in length – Longer passwords are generally more secure.
  2. Creating a password that has a combination of letters, numbers, and special characters – This complexity makes passwords harder to guess or crack.
  3. Using a password manager – Password managers help in generating and storing complex passwords securely, reducing the temptation to reuse passwords or use simpler ones.

Implementing all of these practices contributes significantly to password security.