CMIS 426 Exam 2
TCP/IP
"NBT" means NetBIOS over
Windows Server 2003
A well documented Window's OS vulnerability was null sessions. What Windows operating system was the first to disable null sessions by default?
CIFS (Common Internet File System)
For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?
Yum
Red Hat and Fedora Linux use what command to update and manage their RPM packages?
OpenVAS
The open-source descendant of Nessus is called which of the following?
Footprinting
To determine what resources or shares are on a network, security testers must use this to determine what OS is used.
apt-get
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
GRUB
What boot loader will allow your computer or laptop to start in both Windows and Linux?
file system
What critical component of any OS, that can be vulnerable to attacks, is used to store and manage information?
DumpSec
What enumeration tool is extremely useful when working with Windows NT, 2000, and Windows XP systems?
NTFS
What is the current file system that Windows utilizes that has strong security features?
no ACL support
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?
Enumeration
What process allows a security professional to extract valuable information, such as information about users and recent login times from a network?
C and C++
What programming languages are vulnerable to buffer overflow attacks?
domain controllers
What specific type of Windows Servers are used to authenticate user accounts and contain most of the information that attackers want to access?
Domain Controller
What type of Windows Server is the most likely server to be targeted by a computer hacker?
null session
What type of unauthenticated connection is considered to be a significant vulnerability of NetBIOS systems?
Server Message Block
What upper-level service is required to utilize file and printer sharing in Windows?
Windows Server 2016
What version of Windows Server has completely eliminated the option for telnet server?
User-level security
When using the Common Internet File System (CIFS), which security model will require network users to have a username and password to access a specific resource?
Net view
Which of the following commands gives you a quick way to see if there are any shared resources on a computer or server?
Nbtstat
Which of the following commands is a powerful enumeration tool included with Windows?
WSUS
Which of the following is a Window's client/server technology designed to manage patching and updating systems software from the network?
NetBIOS
Which of the following is a Windows programming interface that allows computers to communicate across a local area network (LAN)?
Finger utility
Which of the following is a useful enumeration tool that enables you to find out who is logged into a *nix system with one simple command?
Mandatory Access Control
Which of the following is an OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?
RPC (Remote Procedure Call)
Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host?
Samba
Which of the following is an open-source implementation of CIFS?
null SA password
Which of the following is considered to be the most critical SQL vulnerability?
