Ethical Hacking Final Part 4

¡Supera tus tareas y exámenes ahora con Quizwiz!

Session hijacking can be thwarted with which of the following?

Authentication

What is a covert channel?

A backdoor

When an attacker computer tells a network the IP address of bigbank.com is an illigitimate address, that is a form of what attack?

IP Spoofing Attack

What phase of a virus is when it is replicating iteself?

Propogation Phase

XSS is typically targeted toward which of the following?

Web Browsers

What is NOT a benefit of hardware keyloggers?

Difficult to Install

A virus does NOT do which of the following?

Display pop-ups

Which protocols below can be sniffed and "read" without additional processing/analyzing?

HTTP, DNS, DHCP, FTP, anything not secure

An ethical hacker sends a packet with a deliberate and specific path to its destination. What technique is the hacker using?

IP Spoofing

Jennifer has been working with sniffing and session hijacking toolson her company network. Since she wants to stay white hat - that is ethical - she has gotten permission to undertake these activities. What would Jennifer's activites be categorized as?

Passive

What are worms typically known for?

Rapid Replication across a network

A man-in-the-browser attack is typically enabled by using which mechanism?

Trojans

A public use workstation contains the browsing history of multiple users who logged in during the lsat seven days. While digging through the history, a user runs across the following web address: www.snaz22enu.com/&w25/session=22525. What kind of embedding are you seeing?

URL Embedding

Malicious code triggered by user action is an example of what?

Virus, Trojan

Which is/are a characteristic of a virus?

Viruses are malware, can replicate on it's own or with user interaction, can run silently

A Trojan relies on ______ to be activated.

Vulnerabilities

Session fixation is a vulnerability in which of the following?

Web Apps

A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself is a?

Worm

Conficker is an example of which malware?

Worm

Session hijacking can be performed on all of the following protocols except which one?

IPSec

Which technology can provide protection against session hijacking?

IPSec

Which malware is named after ancient Greek history?

Trojans

A logic bomb has how many parts, typically?

Two

When Computer B tells Computer A, "I have that MAC. My IP address is [what it is]" is an example of what?

ARP Reply

Malware is code that has an adverse impact on which of the following?

Confidentiality, Integrity, Availability

A session hijack can be initiated from all of the following except which one?

Devices

A remote access Trojan would be used to do all of the following except _____

Sniff traffic

Network level hijacking focuses on the mechanics of a connection such as the manipulation of packet sequencing. What is the main focus of web app session hijacking?

Stealing Session IDs

Which of the following is NOT a trojan?

TCPTrojan

Which utility will tell you in real time which ports are listening or in another state?

TCPView

A logic bomb is activated by which of the following?

Time, Date, Actions, Events

When using Meterpreter, what command provides you with the Windows Password store?

hashdump

What command is used to listen to open ports with netstat?

nestat -an

Which of the following is capable of port redirection?

netcat

Jennifer is a junior system administrator for a small firm of 50 employees. For the lst week a few users have been complaining of losing connectivity intermittently with no suspect behavior on their part such as large downloads or intensive processes. Jennifer runs wireshark on Monday morning to investigate. She sees a large amout of ARP broadcasts being sent at a fairly constant rate. What is Jennifer most likely seeing?

ARP Poisoning

When Computer A asks the network, "Who has this IP address?" is an example of what?

ARP Request

A MITM attack depends on which of the following successful attacks to be completed first?

ARP or DNS Poisoning

What phase of a virus is when it performs its malicious action or payload?

Action Phase

What form of malware can track browsing or buying habits?

Adware

A covert channel or backdoor may be detected using all of the following except _________

An SDK

An overt channel is _______

An obvious, defined method of using a system

Which of the following is not a source of session IDs?

Anonymous Logon

What is the name of the Graphical Front End to Metasploit?

Armitage

Julie has sniffed an ample amount of traffic between the targeted victim and an authenticated resource. She has been able to correctly guess the packet sequence numbers and inject packets, but she is unable to receive any of the responses. What does this scenario define?

Blind Hijacking

A polymorphic virus _______

Evades detection by altering it's own code

Session hijacking can do all of the following except which one?

Take over an authenticated session

A Trojan can include which of the following?

Remote Access Trojan (RAT)

When a logical condition causes a virus to move from a dormant or propagation phase is which phase?

Triggering phase

A sparse infector virus _______

Infects files selectively

A man-in-the-middle attack is an attack where the attacking party does which of the following?

Inserts themselves in the middle of an active session

Which statement(s) defines malware most accurately?

Malware covers all malicious software

Which of the following is/are true of a worm?

Malware, can replicate on it's own or with user interaction across a network

In order to perform network sniffing, the network card needs to be put in which mode?

Monitor Mode

In order to perform network sniffing across "all" virtual networks on a switch, what type of port needs to be created on the switch?

Monitor Port, SPAN (Switched Port Analyzer) port

A session hijack can happen with which of the following?

Networks and Applications

Which kind of values is injected into a connection to the host machine in an effort to increment the sequence number in a predictable fashion?

Null

What malware modified an operating system to hide the existence of itself or other malware?

Rootkit

Which statement defines session hijacking most accurately?

Session hijacking is an attack that aims at stealing a legitimate session and posing as that user while communicating with the web resource or host machine.

What form of malware can track user data such as keystrokes or screen capture?

Spyware

A sender starts with an innocuous image but adjusts ever 100th pixel to correspond to a letter in the alphabet is an example of what?

Steganograph


Conjuntos de estudio relacionados

Six Sigma Practice Test 8 (Indiana Council--Measure & Analyze Stage)

View Set

Chapter 38:, GI, safety, 309 Quiz 4

View Set

What is a Pandemic and the History of Pandemics

View Set

Chapter 11 - More Object Oriented Programming (Ferrell)

View Set

BISC208 Mastering Biology Exam 2 (University of Delaware, Dr. DeVito)

View Set

Lab 7.2-7.4 (Module 2): "The Bones Within Us"

View Set

The Science of Nutrition - Chapter 11

View Set

itf+ Test Prep errors FULL LENGTH TEST SET 13

View Set