Module 5
Microsoft and the University of Michigan co-developed SubVirt. What was this? Virus, driver, or a BIOS-level rootkit.
BIOS-level rootkit
A user is analyzing their network for devices using embedded systems and is trying to find vulnerabilities associated with those devices. Where on the NVD should they look? CPE, NCP, CCE, or CVE?
CVE
Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later? Common Internet File System, Microsoft Knowledge System, Windows Help File, Windows Online File System.
Common Internet File System (CIFS)
What type of viruses and code have been created by security researchers and attackers that could infect phones running Google's Android, Windows Mobile, and Apple iPhone OS? Python, C++, PERL, or Java.
Java
Which of the following is a common Linux rootkit? Back Orifice, Kill Trojans, Packet Storm Security, or Linux RootKit 5.
Linux Rootkit 5
Which of the following protocols does NetBIOS use to access a network resource? SMB, NBT, NetBT, or NetBEUI.
NBT
What is the current file system that Windows utilizes that has strong security features? FAT, ADS, FAT32, or NTFS.
NTFS
Which of the following is a specialized type of embedded OS that is typically used in devices such as programmable thermostats, appliance controls, and even spacecraft? RTOS, VoIP, MILS, or SCADA.
RTOS
Which one of the following, if compromised, might allow attackers the ability to gain complete access to networked resources? Host, Router, Driver, Rootkit
Rootkit
Which of the following is often found within an embedded OS that can cause a potential vulnerability to an attack? Web server, PLC, RAM, or PCB.
Web server
NetBIOS is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBIOS should be understood by security professionals because it is used for which of the following? Backward compatibility, window upgrades, virus scanning, or RPC.
backward compatibility
A penetration tester is trying to authenticate a user account which contains most of the information that attackers want to access. Which of the following should they target? SMB controllers, domain controllers, CIFS servers, or file servers?
domain controllers
Originally, which of the following was used to perform routing and switching before specialized hardware was developed? Network devices, general purpose computers, embedded systems, or specialized hardware.
general purpose computers
How should a security analyst review system-generated events for signs of intrusion or other problems on the network? Log monitoring tool, Nessus, Event Viewer, or SCCM.
log monitoring tool
Embedded Linux is an example of which type of operating system? Macrolithic, macrokernel, microkernel, or monolithic.
monolithic
What type of kernel was designed to offer the most flexibility and support for sophisticated features? Macrolithic, monolithic, bilithic, or proprietary.
monolithic
An IT technician downloaded dd-wrt to experiment with embedded Linux operating systems. What major worm was this previously subjected to? Conficker, psyb0t, Chromecast Hack, or ATM Hack?
psyb0t
A Linux administrator wants to share files between Windows and Linux servers. What protocol should they use? CIFS, SMBB3, SAMBA, or NetBIOS.
SAMBA
To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used? Nessus, WSUS, RPC, or SQL.
Nessus
What is the most serious shortcoming of Microsoft's original file allocation table file system? no ACL support, no WSUS support, no SMTP support, or no Linux support.
no ACL support