Chapter 8 HW

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

A systems administrator is trying to harden an externally facing DNS server and wants to disable every port except for DNS. Which port should they leave open?

53 UDP

NetBios is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBios should be understood by a security professional because it is used for which of the following?

Backward compatibility

For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?

CIFS

Which of the following is not a best practice in regards to password policies?

Common words

A systems administrator has been asked by the vulnerability manager to harden several external facing web servers. What would an example of hardening be?

Disable telnet

A penetration tester is trying to authenticate a user account which contains most of the information that attackers want to access. Which of the following should they target?

Domain controllers

What critical component of any OS, that can be vulnerable to attacks, is used to store and manage information?

File system

What does a Windows environment use to locate resources in a domain containing thousands or even millions of objects?

GC

Which of the following is a common Linux rootkit?

Linux Rootkit 5

Which of the following is not a common tactic employed by trojans?

Maintain a list of hashes to check files against

Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?

Mandatory Access ControlMandatory Access Control

What is the current file system that Windows utilizes that has strong security features?

NTFS

To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used?

Nessus

Which of the following commands should an attacker use to enumerate anonymous SMB access?

Net view

What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?

No ACL support

Which of the following is a function of a trojan?

Remote administration

Which of the following Windows utilities includes a suite of tools to help administrators deploy and manage servers and even allows for administrators to control mobile devices running Android, iOS, and Windows Mobile OS?

SCCM

A Linux administrator wants to share files between Windows and Linux servers. What protocol should they use?

Samba

A user is looking at SMB traffic which is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?

TCP/IP

When using the Common Internet File System (CIFS), which security model will require network users to have a username and password to access a specific resource?

User-level security

A security analyst suspects that a machine was recently compromised after a user has been navigating to several suspicious sites. What tool could the administrator use to find files that were downloaded from the internet?

dir /r

Red Hat and Fedora Linux use what command to update and manage their RPM packages?

yum

A security analyst is reviewing assembly code in memory. Early Windows OSs used which of the following programs to interact with a network resource or device?

NetBIOS

An attacker has successfully compromised a user's workstation, but they want to try to trick an administrator into connecting to a user's share drive in order to intercept the credentials. What tool should they use to accomplish this objective?

SMBRelay

What programming languages are most susceptible to buffer overflow attacks?

C and C++

A security administrator just scanned the network for vulnerabilities using Nessus and has produced a report to the administrators. Which of the following Window's client/server technology should they use to manage patching and updating systems software from the network?

WSUS

When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?

Share-level security

A vulnerability manager is trying to get a Linux team manager's buy in for patching systems. They know that if they can convince the manager of the importance, there will not be nearly as much pushback. They want to demonstrate exploiting a server, so they make a copy of one of the server images and put it on a standalone instance for demonstration. Where could they look for active exploits?

Exploit-db.com

Which of the following operating systems is considered the most secure?

None of these are more secure than the others

Which of the following is considered to be the most critical SQL vulnerability?

Null SA password


Kaugnay na mga set ng pag-aaral

NASM Chpt. 14 Integrated Design & the OPT Model

View Set

Chapter 10: Principles and Practices of Rehabilitation

View Set

statistiques pour médecins cours 3

View Set

Reaction Kinetics: The Essentials

View Set

Essentials Health & Wellness EXAM II

View Set

Maternity/OB: Newborn Adaptive quiz

View Set

Chapter 5: Net Present Value and Other Investment Rules - Conceptual

View Set

MGT 370: Chapter 03 Assignment: Managing in a Global Environment

View Set