ITC 664 Midterm

¡Supera tus tareas y exámenes ahora con Quizwiz!

Windows firewall can allow connections from a specific IP address

True

Wireless networks are more vulnerable to attack than wired networks

True

"For hacking purposes, which of the following is probably least important to the hacker?"

age of the company

A database would be known as an

asset

"When profiling a Unix host, which command shows the operating system?"

cat /prov/version

What is a small file stored on your computer to make browsing easier?

cookie

This foot-printing tool is native to Linux

dig

What Linux command enumerates the users on a remote host?

enum4linux

Which phase of incident response occurs last

lesson learned

Which of these tools identifies the IP address of a domain name?

nslookup

Zenmap is used for

port scanning

"On a Windows machine, using PsTools, what command shows current users?"

psLoggedOn

The largest attack surface is found in ______

software

"When profiling a Unix host, which command lists all firewall rules for the network?"

sudo iptables -L

"In Windows, the _______ command will show only a list of devices encountered, and time elapsed, en route to the destination"

tracert

Which tools is used to discover flaws in a web page's HTML code

webgoat

Which could be most effective in searching for email addresses or hidden content in a web site?

website mirroring

Which group is also known as "Ethical hackers"?

white hat hackers

which of the following is a means to implement an IDS

-anomaly-based, signature-based, and reputation-based

About how many people respond to phishing attacks?

.1

About what percentage of people are willing to give up their password

0.5

About ____% of users are willing to sell their passwords

30

HTTPS usually uses port

443

The first ________ digits of a MAC address identifies the manufacturer

6

"About ________% of data breaches involve weak, default, or stolen passwords"

60

Antivirus software is usually about _____% effective

95

The time anti-virus software such as AVG takes to do a complete scan is about

20 minutes

"Which part of the command "nmap -O -v 100.16.16.50" refers to a computer?"

100.16.16.50

Company security policies should be updated at least every ______ months

12

"In Linux, the uid for user drasdi:x:135:141 is ________ "

135

The market share for Mac OS is about ___%

15

"A(n) _________ builds a model of normal data flows and detects unusual data flows, which could be a sign of malware."

ADS

This uses artificial intelligence to reduct false positive/negatives in intrusion detection

ARS

DNS maps a domain name to a physical location of a web server?

False

Which element of the cyber kill chain occurs later than the others?

Achieving the goal

Which of the following is completed before gaining access to a system

All of these - Reconnaissance - Enumeration - Scanning

Which of the following is considered PII?

All of these - name - SSN - Credit Card #

False positives in an IDS are more problematic than false negatives

False

Files in AVG's quarantine area are not encrypted

False

Which is least likely a sign of a scam artist on a dating site?

Has many selfies with many friends and family members

Wireless networks are usually very secure?

False

You can hack into a system without permission if you are a certified White Hack hacker?

False

Which of the following is NOT a good indicator of malware?

File size

Flooding HTTP services would be classified as a(n) _____ attack

Application

Setting password policies in Windows is an example of

Hardening

Which of the following is a third-party commercial anti-DoS service?

CloudFlare

The nmap command is run using

Command prompt

Linux does not have a built-in firewall

False

Nmap can show you user id's and passwords

False

Which of the following is a honeypot

Cowrie

One of the first things you should do when an incident has occurred is to power off the machine

False

Reflective XSS is more serious than persistent XSS

False

LOIC (low orbit ion cannon) is used for what type of attack?

DDoS

The command "cd" is Linux means "current directory"

False

A hardware keylogger runs with the aid of the target's operating system.

False

A hashing algorithm is used to crack passwords

False

What is the second step for a hacker to acquire a social engineering victim?

Establishing trust

"In a DoS attack, malformed packets can result in choking access to the service."

False

"In session hijacking, the hacker needs to first obtain a user ID and password."

False

Which law gives consumers control of their data

GDPR

Which software can be used to emulate a network

GNS3

The new web protocol QUIC was introduced by

Google

Which of these tools can provide much valuable information about a company?

Google

Which tool uses specific keywords and operators to perform sophisticated searches?

Google hacking

Which of the following test sites primarily utilizes a blog?

Gruyere

Which service is not listed in useful services to enumerate in this video

HTTP

Which Linux command displays firewall settings?

Iptables

The _______ security distribution for Linux contains open source security software packages.

Kali

Which Linux distribution includes many hacking tools

Kali

Which of the following is used to authenticate web sites

LDAP server

What organization has a website that provides information to defend against malware?

Mitre

Which organization publishes guidance on preventing DDoS attacks

NIST

Which organization publishes a Top 10 Web application security risks list?

OWASP

Which is usually not a carrier of hidden data via steganography?

Operating system

What is the weakest form of authentication

Password

What tool is most often used for a fileless attack

Powershell

What software is used to hijack an SSH session where admins communicate with the network?

PuttyRider

What is the most popular type of attack in financial cyber crimes ?

Ransomware

Which phase of hacking obtains information about the target

Reconnaissance

Which type of attack typically uses domain name servers to attack the target?

Reflection

________ is the phase where vulnerabilities are mitigated

Remediate

Which protocol is for network management?

SNMP

The three-way handshake begins with

SYN

The Social-engineer Toolkit does NOT provide tools for this form of attack

Shoulder surfing

What is probably the best way to discover a person's PIN?

Shoulder surfing

Which of the following is an IDS

Snort

_______ is a type of malware that extracts information from the host

Spyware

The Three-way handshake is required by

TCP

The protocol that controls sessions on the Internet is?

TCP

Which program captures network traffic

TCPDump

What software is used to perform a web attack using cookies

Tampermonkey

Which element of social engineering is involved when using email

Tools

Which browser can be used to stay anonymous?

Tor

"By 2022, cybercrime will cost about ________ dollars."

Trillion

"Passwords are usually stored with the aid of hash functions, not encryption functions"

True

A database is an intangible assets

True

An organization generally has the ability to reduce security vulnerabilities

True

Fuzz testing is black box testing

True

GnuPG is software used for encryption

True

MD5 is a hash algorithm

True

Netwitness investigator is preferred over wireshark for analyzing network traffic

True

SQL injection attacks are usually designed to extract information from a database

True

The trend now is for hackers to move from MITM attacks to MITB attacks

True

________ is a type of malware that propagates itself

Virus

This is a flaw in a system

Vulnerability

risk = threat X

Vulnerability

Which of the following has the primary function of filtering traffic for web applications

Web proxy

Which of the following is a way to conduct a MITM attack?

Web proxy, malicious Wi-Fi, ARP poisoning

What software is used to perform a MITM attack using a web proxy

Webscarab

What tool is useful for investigating individual packets in an HTTP session?

Wireshark

Which of the following is NOT a vulnerability scanner?

Wireshark

Cisco firewalls have very limited functionality

false

The NVD feeds into the CVE

false

Vulnerability scanning is also known as penetration testing

false

Which of the following is NOT part of scanning?

footprinting

___________ is a type of malware that hides deep in the operating system and doesn't propagate

rootkit

Finger is used to enumerate information about

users


Conjuntos de estudio relacionados

Intro to Business Chapter 16: Mastering Financial Management

View Set

Government Unit 1: INTERNATIONAL GOVERNMENTS Questions and answers

View Set

AP Biology Ecology Multiple Choice Practice Test

View Set

Millennials (Y Gen.) and the Net Generation (Gen. Z)

View Set

Anatomy Chapter 5: The Skeletal System: Osseous Tissue and Skeletal Structure

View Set