Ethical Hacking Exam 2
In the Perl programming language, variables begin with which of the following characters?
$
Which of the following logical operators in the C programming language is evaluated as true if both sides of the operator are true?
&&
What programming languages are vulnerable to buffer overflow attacks?
C and C++
Which vi command deletes the current line?
Dd
What type of Windows Server is the most likely server to be targeted by a computer hacker?
Domain Controller
Closed ports respond to a NULL scan with what type of packet?
RST
When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?
Share-level security
What security feature was extended to the OS to alert the user when an application is launched on a Windows 8.1 computer?
SmartScreen
Attackers typically use ACK scans to get past a firewall or other filtering devices.
True
A well documented Window's OS vulnerability was null sessions. What Windows operating system was the first to disable null sessions by default?
Windows Server 2003
What version of Windows Server has completely eliminated the option for telnet server?
Windows Server 2016
What type of port scan has the FIN, PSH, and URG flags set?
XMAS scan
What type of unauthenticated connection is considered to be a significant vulnerability of NetBIOS systems?
null session
When using a port-scanner, what procedure can be conducted to identify which IP addresses belong to active hosts?
ping sweep
Which of the following describes a text file containing multiple commands that would usually be entered manually at the command prompt?
script
If you do not have access to Nessus, what NMap procedure can be used to help you to gain information about remote *nix hosts?
script scanning
Red Hat and Fedora Linux use what command to update and manage their RPM packages?
yum
Which of the following is a mini-program within a main program that carries out a task?
function
In object-oriented programming, a function contained in a class is called which of the following?
member function
In a Perl program, to go from one function to another, you simply call the function by entering which of the following in your source code?
name
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?
no ACL support
In an ACK scan, if the attacked port returns an RST packet the attacked port is considered to be operating in what state?
unfiltered
When writing a script which statement allows you to avoid creating an endless loop in your script?
while
In the Perl programming language, comment lines begin with the which of the following character(s)?
#
In a Linux script, which of the lines is important because it identifies the file as a script?
#!/bin/sh
Which of the following mathematical operators in the C programming language increments the unary value by 1?
++
Which of the following logical operators in the C programming language is used to compare the equality of two variables?
==
When using the text editor vim what command appends text after the insertion point?
A
UNIX was first written in assembly language. However, it was soon rewritten in what programming language?
C
For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?
CIFS
In the C programming language, which variable type holds the value of a single letter?
Char
Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later?
Common Internet File System
Which Windows 10 feature uses virtualization to protect access tokens from theft by attackers?
Credential Guard
Which of the following describes a flexible program that automates a task that takes too much time to perform manually?
Customized Script
What network security tool, usually included with Kali Linux, allows a user to ping multiple IP addresses?
Fping
What boot loader will allow your computer or laptop to start in both Windows and Linux?
GRUB
Microsoft Baseline Security Analyzer has its origins in which of the following command line scanners?
HFNetChk
Which of the following is a markup language rather than a programming language?
HTML
Which of the following is an excellent GUI tool for managing Windows OSs and is capable of displaying graphical representations of several areas?
Hyena
Which of the following is a common Linux rootkit?
Linux Rootkit 5
Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?
Mandatory Access Control
What open source port-scanning tool is considered to be the standard port-scanning tool for security professionals?
NMap
What does the "NBT" part of "NBTscan" stand for?
NetBIOS over TCP/IP
The open-source descendant of Nessus is called which of the following?
OpenVAS
What open-source network utility allows you to use plug-ins to run test programs (scripts) that can be selected from the client interface?
OpenVAS
Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host?
RPC
Which of the following Window's utilities includes a suite of tools to help administrators deploy and manage servers and even allows for administrators to control mobile devices running Android, iOS, and Windows Mobile OS?
SCCM
NBTscan is a utility that can be used for enumerating Windows OSs.
True
Port scanning is a method of finding out which services a host computer offers.
True
Security professionals often need to examine Web pages and recognize when something looks suspicious.
True
The MSBA tool can quickly identify missing patches and misconfigurations.
True
The latest version of Nessus Server and Client can run on Windows, Mac OS X, FreeBSD, and most Linux distributions.
True
When using the Common Internet File System (CIFS), which security model will require network users to have a user name and password to access a specific resource?
User-level security
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
apt-get
You can use the syntax /* and */ to accomplish what function when working with large portions of text?
comment
SNMPWalk is a tool useful in enumerating hosts running SNMP with what type of configuration?
default
Which statement is where the script performs its main task?
do
In HTML, each tag has a matching closing tag that is written with which of the following characters?
forward slash (/)
When a TCP three-way handshake ends, both parties send what type of packet to end the connection?
FIN
Which of the following is a Window's client/server technology designed to manage patching and updating systems software from the network?
WSUS
What feature implemented in Windows Server 2016 allows for application isolation to protect applications from one another?
Windows Containers
What specific type of Windows Servers are used to authenticate user accounts and contain most of the information that attackers want to access?
domain controllers
What process allows a security professional to extract valuable information, such as information about users and recent login times from a network?
enumeration
In the Perl programming language, which of the following keywords is used in front of function names?
sub
Which of the following is an open-source implementation of CIFS?
Samba
What feature implemented in Windows 8.1 prevents the execution of non-trusted boot content, preventing rootkits?
SecureBoot
Bugs are worse than syntax errors because a program can run successfully with a bug, but the output might be incorrect or inconsistent.
True
In the C programming language, which of the following show where a block of code begins and ends?
braces
Carelessly reviewing your program's code might result in having which of the following in your program code?
bug
In a NULL scan, all packet flags are turned on.
False
Which of the following protocols does NetBios use to access a network resource?
NetBEUI
What critical component of any OS, that can be can be vulnerable to attacks, is used to store and manage information?
file system
When security professionals create a packet, they may choose to specifically set which of the following fields to help initiate a response from a target computer?
flag
To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used?
MBSA
Which of the following commands gives you a quick way to see if there are any shared resources on a computer or server?
Net view
Early Windows OSs used which of the following programs loaded into memory to interact with a network resource or device?
NetBIOS
Which of the following is a Windows programming interface that allows computers to communicate across a local area network (LAN)?
NetBIOS
If you want to know what the Perl print command does, you can use which of the following commands?
perldoc -f print
Which of the following takes you from one area of a program (a function) to another area?
Branching
Rootkits containing Trojan binary programs that are ready to install are more dangerous than typical Trojan programs.
True
In any *NIX system, after saving a script named "script_name," you need to make it executable so that you can run it. Which command will accomplish this task from the command line?
chmod +x script_name
If an attacker decides to implement a less obvious port-scan, or stealth attack, which of the following techniques would be appropriate to make their activities more difficult to detect?
limit their scan speeds
Which of the following is a backdoor initiated from inside the target's network that makes it possible to take control of the target even when it's behind a firewall?
reverse shell
Which of the following statements in the C programming language is used to load libraries that hold the commands and functions used in your program?
#include
What enumeration tool is extremely useful when working with Windows NT, 2000, and Windows XP systems?
DumpSec
NetBIOS over TCP/IP is called which of the following in Windows Server 2003?
NetBT
In a normal TCP session, the sender sends a packet to another computer with which of the following flags set?
SYN flag
NetBios is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBios should be understood by a security professional because it is used for which of the following?
backward compatibility
In the C programming language, which statement tells the compiler to keep doing what is in the brackets over and over and over?
for(;;)
What upper-level service is required to utilize file and printer sharing in Windows?
Server Message Block
What advanced port-scanning tool can allow a security tester to bypass filtering devices by injecting crafted or otherwise modified IP-packets into a network?
Hping
