Ethical Hacking Final Exam Study Guide
___ is used as AND operator in C programming. a) AND b) & c) $ d) && e) None of the above
&&
For their private communications, Bill and Joe use an 8-bit key for symmetric encryption. A cryptanalyst has captured a large amount of ciphertext being sent to Joe. What is the maximum number of keys that the cryptanalyst using the correct algorithm will have to try in order to crack the key? a) 128 b) 64 c) 32 d) 256 e) None of the above
256. 2^8 = 256
You want to assign the value 20 to the age variable in your C program. Which of the following operators should you use? a) == b) = c) :: d) :
=. The = operator is an assignment operator used to assign a value to a variable. On the other hand, == is a comparison operator used to compare two values to determine if they are equal (e.g., if counter == 4). The opposite of == is !=, which means not equal.
During the last few months, almost all of InfoSec Inc.'s computers have been infected by a malicious piece of software called Redlof. It was found on computers running Windows operating systems. Once introduced in a computer system, Redlof attaches itself to the kernel32.dll system file. It then proceeds by searching the entire system for files with the following extensions in order to infect them: .html, .htm, .asp, .php, .jsp, and .vbs. Redlof has the potential of slowing down the processing speed of the infected targets. It can also make the infected computers reboot over and over again. Which of the following best describes this malware? a) A DoS attack b) A Trojan c) A virus d) A worm e) A Ping of Death
A virus. Regular viruses attach to files on a computer. Unlike worms, they can't spread by themselves (without human intervention) from one computer to another. Trojans typically appear to be programs that a targeted user would like to have (e.g., an antivirus program, an encryption/decryption tool, etc.), but they are actually malicious software that can harm a computer system.
Which of the following is typically automated using computer-based tools? (Choose the best answer) a) A Security test b) A penetration test c) A vulnerability assessment d) Shoulder surfing
A vulnerability assessment. Vulnerability assessment is an activity that security testers conduct in order to know about potential systems' vulnerabilities before engaging in their testing. Penetration testing involves probing or attacking a system in order to exploit potential vulnerabilities. One of the differences between penetration testing and security testing is that security testing involves analyzing a company's security policies in order to find potential weaknesses that may jeopardize security.
During the last few months, almost all of InfoSec Inc.'s computers have been infected by a malicious piece of software called Mytob. The malware was able to harvest email addresses from the Windows address book. The malware primarily spread using its own SMTP email engine. Mytob has the potential of deleting files on the infected computers and seriously slowing down communication on the network by consuming the victims' processing capacity. Which of the following best describes this malware? a) A DoS attack b) A Trojan c) A worm d) A virus e) A Ping of Death
A worm. Regular viruses attach to files on a computer. Unlike worms, they can't spread by themselves (without human intervention) from one computer to another.
Which of the following is efficient and suitable for use on hand-held devices? a) DES b) AES c) Both a and b d) Neither a. nor b.
AES
Which of the following security issues or objectives is addressed by cryptographic systems? a) Protection against eavesdropping b) Assurance that parties involved in a communication are who they claim to be c) Assurance that messages are not altered en route d) Assurance that a business partner cannot deny having participated in a business transaction e) All of the above
All of the above. Option a is for confidentiality, b is for authenticity (or authentication), c is for integrity, and d is for non-repudiation.
Based on how symmetric encryption works, which of the following is the worst thing to happen? a) An attacker getting a copy of the encryption and decryption algorithm b) An attacker getting the decryption key c) a and b are equally damaging
An attacker getting the decryption key
Taking advantage of ill-written applications by entering more data than the memory registers are expected to receive can lead to ... (Choose the best answer) a) Ping of Death attack b) SYN flood attack c) Distributed DoS attack d) Buffer overflow attack
Buffer overflow attack
In which programming language is the following IF statement written? if (balance == 20) { printf ("Your account balance is low"); } a) Perl b) C c) Can be Perl or C d) None of the above
C
Conducting zone transfer allows ... a) Transferring data from your computer to a remote Web server b) Transferring data from a remote Web server to your computer c) Copying the configuration data of a DNS server d) Copying domain names' records from a DNS server.
Copying domain names' records from a DNS server.
Which one of the following instigates a SYN flood attack? a) Generating excessive broadcast packets b) Creating a high number of half-open connections c) A large number of Internet Control Message Protocol (ICMP) traces
Creating a high number of half-open connections. Explanation: Sending a SYN packet is the first step in a 3-way handshake. When it receives a SYN, the receiver sends back a SYN/ACK packet. Then, the initial sender of the SYN packet sends an ACK packet. In a SYN flood attack, the attacker sends multiple SYN packets and doesn't reply (by an ACK) to any of the SYN/ACK packets received from the target.
Which of the following is a non-profit organization that is in favor of hacking in the traditional sense and advocates for the expression of electronic freedom? a) Freetonic b) Free Internet c) Electronic Frontier Foundation d) Anonymous
Electronic Frontier Foundation
In C programming, when a function calls another function, it always passes arguments or parameters to the called function. a) True b) False
False
Scanning a network in order to discover what TCP ports are open and what services are running on computers is considered footprinting. a) True b) False
False
A ____________________ can use algorithms to look for commands that indicate malicious intent in a suspected file. a) Trojan b) Signature-based antimalware c) Heuristic-based antimalware d) Zombie program
Heuristic-based anti-malware
Jason sends a message to Kristin using public key encryption for confidentiality. What key will Kristin use to decrypt the message? a) Jason's private key b) Jason's public key c) Kristin's private key d) Kristin's public key
Kristin's private key. In public key encryption for confidentiality, the sender encrypts the message with the intended receiver's public key. The receiver uses their own private key to decrypt the received message.
Which of the following should be used to scan a Windows-based computer in order to generate a report showing the applications installed and the potential exposures? a) Netsparker b) AirCrack c) MBSA d) All of the above
MBSA. Netsparker is a scanner for scanning Web applications for vulnerabilities. AirCrack is a packet sniffer and a key cracking tool for wireless networks.
Melissa is not a self-contained malware. It is embedded into Microsoft Word files and creates considerable network traffic. To what category of malware does Melissa belong? a) Polymorphic b) Boot sector c) Cavity d) Macro e) Trojan
Macro
A hacker visits a company's web site. While on the main web page, he uses the menu from the Web browser and displays the main web page's HTML code. This would be ... a) Using HTML methods b) Active reconnaissance c) Conducting Web crawling d) None of the above
None of the above
For the U.S. Department of Justice, which of the following is not treated the same with regard to the law for combatting cybercrimes because their activities may not break the law? a) Hackers b) Crackers c) Packet monkeys d) None of the above
None of the above
Which of the following is not considered a type of social engineering activity that an ethical hacker can conduct? a) Sending phishing email to a company's employees. b) Making phone calls targeting a company's employees in an attempt to test the likelihood that some of them may give away login credentials c) Using the kindness card when talking to a company's employees in an attempt to make them comfortable and reveal secrets that may jeopardize the company's network security d) Contacting companies' employees through social media to establish trust with the goal of getting them to reveal sensitive information e) None of the above
None of the above
Which of the following is not true about the difference between hashing and encryption? a) In encryption, the plaintext is similar in size to the ciphertext b) In hashing, the output is of a fixed short length, regardless of input c) In hashing, the hash cannot be "de-hashed" back to the original input. d) None of the above
None of the above
Which of the following may not be included in a penetration test report? a) How risks of exploiting exposures are rated b) Recommendations about dealing with potential exposures c) Technical details about vulnerabilities, and possible mitigation options d) Details about attacks conducted e) None of the above
None of the above
___________________ can make a network defense system send alerts to a company's IT staff. a) Dumpster diving b) Using the EDGAR system c) Passive footprinting d) Unobtrusive information gathering e) None of the above
None of the above
Jason sends a message to Kristin using public key encryption for confidentiality. What key will Jason use to encrypt the message? a) Jason's private key b) Jason's public key c) Kristin's private key d) None of the above
None of the above. Kristin's public key is the answer.
Which of the following can a computer "understand" and directly execute? a) Source code written in C++ b) Source code written in Assembly Language c) Source code written in Cobol d) None of the above
None of the above. Programs written in a high-level programming language (e.g., C++, Cobol) or in a low-level programming language (e.g., Assembly Language) must be converted into machine code (or machine language) for the computer to understand and execute the program.
Assume that it takes 20 days to try all possible keys when the key length is 16-bit. How much time would it take to try all possible keys when the key length is increased to 19 bits? a) 100 days b) 90 days c) 80 days d) 100 days e) None of the above
None of the above. The days double for each bit added.
JavaScript is a high-level interpreted programming language. Which of the following is used to convert JavaScript source code into the kind of code that a computer "understands" and executes? a) Assembly Language b) Assembler c) Compiler d) None of the above
None of the above. The three types of language translators are: compilers, interpreters, and assemblers. Compilers are used to convert programs written in high-level compiled programming languages like C, C++, and Fortran into machine language that can be "understood" by the computer. Interpreters are used to convert programs written in high-level interpreted programming languages like Perl, JavaScript, and Python (one instruction at a time) into machine language that can be "understood" by the computer. An assembler is a program for converting instructions written in low-level symbolic code (e.g., assembly language) into machine code.
In symmetric encryption between two communication partners, how many keys are used in total for confidentiality? a) two b) four c) six d) None of the above
None of the above. n(n - 1)/2 = 2(2 - 1)/2 = 1 key is needed because there are two communication partners.
Using a Web browser to visit companies' web sites in order to learn about their IT department is considered ... 1) Using HTML methods 2) Active reconnaissance 3) Passive reconnaissance 4) Conducting Web crawling
Passive reconnaissance
Don King, the evil hacker, is purposely sending fragmented ICMP packets to a remote target. The total size of the packets once reconstructed is 72 000 bytes. What type of attack is Don King attempting? a) SYN flood b) Smurf attack c) Ping of Death d) Fragment Break
Ping of Death. A Ping of Death attack attempt occurs when an oversized packet (> 65536 bytes in size) is sent (by the attacker) using a fragmentation technique with the purpose of crashing or freezing a target computer. This kind of attack used to (easily) succeed on servers that have older operating systems (e.g., Windows 2000 Server) that are not patched.
Symmetric Key Encryption
The same key is used for both encryption and decryption. Keys are usually identical or trivially identical (stream cipher or block cipher).
A ________________________ can help determine that a company's specific security procedures are not implemented. a) Penetration testing b) Security testing c) Vulnerability assessment d) Only a and b
Security testing
Which of the following can be effective in protecting a system against SYN flood attacks? a) Heuristic-based antimalware b) Antimalware detection using sandboxing c) Stateful packet inspection d) Using inference engines e) None of the above
Stateful packet inspection. As opposed to static packet inspection, which checks packets entering a system (e.g., a network) in isolation, stateful packet inspection checks to determine if a packet trying to enter a system is related to another packet that has already entered the system. Stateful packet inspection can also help determine if multiple SYN packets are coming from the same source repeatedly.
Integrity
Techniques for making sure that encrypted messages are not modified en route
Non-repudiation and authenticity
Techniques for secure identification/authentication of communication partners
An ethical hacker can launch a denial of service attack against a company's server. a) True b) False
True
The following IF statement is written in Perl. if ($age > 40) { print "You are over 40"; } a) True b) False
True
Zed Attack Proxy is included in Kali Linux. a) True b) False
True
Analyzing computer programs manually trying to discover bad programming that is done without security in mind is part of what ethical hackers do. a) True b) False
True. This is called code review.
Asymmetric key encryption
Two different keys are used: one key, called the public key, for encryption, and one, called the private key, for decryption.
You want to read about a company's old mission statement from the year 2013. Which of the following can help achieve that? a) Visiting the company's website and accessing its archives b) Using an HTTP proxy c) Displaying and reading the HTML code of the company's main web page d) Using the Time Machine e) Using the Wayback machine f) None of the above
Using the Wayback machine
The part of a virus that allows the virus to mutate is called ... a) SMTP engine b) Inference engine c) EVD d) Virus decryption routine e) Payload
Virus decryption routine
Which of the following holds records about domains' registrations? a) Google Hacking Database b) HTML code c) HTTP methods d) Whois database e) Wayback machine
Whois database
___ is considered a hacktivist group. a) Skids b) Free Internet c) Hack Justice d) WikiLeaks
WikiLeaks
A company has a new Web application developed by its internal IT staff. The company needs to test the application for possible vulnerabilities before putting it in production. Which of the following can be used to do the testing? a) Dig command b) Application review c) Passive footprinting d) ZAP e) None of the above
ZAP
Which of the following is specifically designed for probing and testing Web applications a) Netcat b) Application proxies c) ZAP d) Kali Linux
ZAP
___ is used as AND operator in Perl programming. a) AND b) & c) $ d) && e) None of the above
d) &&
Collision resistance as it applies to a hashing function means that two inputs can easily result in the same hash value when the hashing function is used. a) True b) False
False. A hashing function that is collision resistant means that it is impossible (or highly unlikely) that two inputs result in the same hash value when the hashing function is used.
If you run the following C program, it will ... // The famous "Hello, world!" C program #include <stdio.h> /* Load the standard IO library. The library contains functions your C program might need to call to perform various tasks. */ main() { printf("Hello, world!\n\n") } a) display "Hello, world" b) not display anything c) generate an error d) None of the above
generate an error. There is a missing semicolon (;) at the end of the printf statement.
Which of the following does not refer to the output of hashing? a) hash b) hash sum c) hash value d) hash function e) None of the above
hash function
You want users to provide data to be used by a C program by typing the data when asked by the program. Which command can be used to prompt a user for an input? a) getdata b) input c) scanf d) data
scanf
A 256-bit key can be considered strong in ________ a) symmetric key encryption b) public key encryption c) Both a and b d) Neither a. nor b.
symmetric key encryption
You want to use symmetric encryption to send the following message to one of your business partners: "The standing balance is thirty three thousand dollars". Which of the following do you not have but need to have in order to encrypt the message? a) the plaintext and the key b) the ciphertext and the key c) the key and the encryption algorithm d) None of the above
the key and the encryption algorithm