Python
Which of the following answers refers to a cross-platform, general-purpose programming language?
FTK Imager
Which of the following answers refers to a tool for creating forensic images of computer data?
Wireshark
Which of the following answers refers to an advanced cross-platform packet-capturing tool equipped with a Graphical User Interface (GUI)?
Autopsy
Which of the following answers refers to an open-source forensics platform that allows examining the contents of a hard drive or mobile device and recovering evidence from it?
Logger
Which of the following commands enables adding messages to the /var/log/syslog file in Linux?
Tail
Which of the following commands in Linux displays the last part (by default, the last 10 lines) of a file?
Memdump
Which of the following forensic utilities enables the extraction of RAM contents?
tcpdump
Which of the following is a Command-Line Interface (CLI) packet-capturing tool used in Unix-like operating systems?
Tcpreplay
Which of the following tools enables sending custom packets that can be used to evaluate the security of a network device?
The Diamond Model of Intrusion Analysis
A methodology framework for intrusion analysis developed by the U.S. government intelligence community
WinHex
A multi-function disk and binary data editor used for low-level data processing, data recovery, and digital forensics
Grep
A Linux command-line command that enables searching files for lines containing a match to a given text pattern
dd
A Linux command-line utility that can be used in the forensic process for creating and copying image files is called:
memdump
A command line utility used to dump system memory to the standard output stream by skipping over holes in memory maps
Tcpreplay
A command-line utility that replays packets saved to a file back through a network adapter; a Command-Line Interface (CLI) packet-crafting tool
MITRE ATT&CK
A globally accessible knowledge base of Adversary Tactics, Techniques, and Procedures (TTPs) based on observations from real-world attacks is known as:
Metasploit
A penetration-testing tool that combines known scanning techniques and exploits to explore potentially new types of exploits.
Windows PowerShell
A type of extended command-line shell and a scripting language designed to simplify administrative tasks in Microsoft Windows
John the Ripper, Cain and Abel
Examples of password-cracking utilities include:
Cat
A Linux command that allows creating, viewing, and concatenating files
Head
A Linux command that displays the beginning of a file (by default, its first 10 lines) is known as:
Exploitation framework
A suite of tools designed to automate delivery of exploits against common software and firmware vulnerabilities.
True
True or false: One of the ways to prevent data recovery from a hard drive is to overwrite its contents. The data overwriting technique is used by drive wipe utilities, which might employ different methods (including multiple overwriting rounds) to decrease the likelihood of data retrieval. As an example, a disk sanitization utility might overwrite the data on the drive with the value of one in the first pass, change that value to zero in the second pass, and finally perform five more passes, overwriting the contents with random characters (the Schneier method).
Exploitation framework
What is Metasploit?
Changes file/directory access permissions
What is the function of the Linux chmod command?
Cyber Kill Chain
Which of the following answers refers to a 7-step military model adopted by Lockheed Martin to identify the phases of a cyberattack?
Cuckoo
An anti-malware tool that enables automated analysis of suspicious files in a sandbox environment
OpenSSL
A software library used to implement encrypted connections