Sec + Skillset Pre-Exam Questions:
A company hires a consultant to review their existing network design, which shows publicly accessible servers are on the same network segment as the internal servers. Which of the following would ensure public servers cannot contact the internal network segment, in the event a server is compromised? a. Placing the public servers in a DMZ (demilitarized zone) b. Placing the public servers in RADIUS c. Placing the public servers in Virtual Private Network (VPN)
My Answer: placing the public servers in a DMZ (demilitarized zone)
Where should physical security be implemented? (Select three) a. workstations b. restrooms c. outermost gates d. Data centers
My Answers: Workstations AND Outermost Gate AND Data Centers
What feature of a firewall makes sure that each packet is part of a session? a. Rules b. None of these c. Stateful inspection d. Stateless inspection
My answer: Stateful inspection
Basic message authentication and integrity controls would include all of these EXCEPT? a. CRC values b. Parity checks c. Checksums d. Trapdoors
My answer: Trapdoors (?)
In a DDoS attack, the computer that is under the control of the attacker is called a: a. Victim b. Worm c. Zombie
My answer: Zombie
Which of the following is the weakest WiFi encryption standard? a. WPA b. WPA2 Enterprise c. WEP d. WPA2
My Answer: WEP
Kyle wants to segregate internal departments such as engineering, sales, and marketing. Which type of network would he use for this particular application? a. Personal area network (PAN) b. Virtual local area network (VLAN) c. Metropolitan area network (MAN) d. Storage area network (SAN)
My Answer: (MAN)
Which of the following encryption methodologies works like a running-key cipher, except that the key is the length of plaintext and is used only once? a. Running-key cipher b. A one time pad c. Transposition cipher d. Monoalphabetic cipher
My Answer: A one time pad
Which of the following authentication mechanisms uses a sequence of characters or words rather than a single password? a. A passive net b. A passphrase c. A transit d. Authentication
My Answer: A passphrase
Which of the following is characteristic of an asymmetric algorithm key? a. Uses bulk encryption b. A public key/private key combination is used for encryption and decryption c. The algorithm is less complex and fast d. Once encryption/decryption key is shared between sender and recipient
My Answer: A public key/private key combination is used for encryption and decryption.
A computer connects to a wireless access point and gets an IP address with which it can immediately browse the internet. What protocol is responsible for this automatic assignment of IP addresses? a. 802.1X b. Domain Name System c. Dynamic Host Configuration Protocol d. Address Resolution Protocol
My Answer: Address Resolution Protocol
Which of the following would you consider with respect to the environment of computing and digital communications? a. ventilation b. shielding c. fire suppression d. All of these
My Answer: All of these
You are a security conscious person, taking every reasonable security measure. But you were still hit by a ransomware attack which had encrypted all your data on a network attached storage (NAS) device. How do you get back your precious data? a. Ask help from the NAS vendor b. Pay the ransom c. Ask help from Bruce Schneier d. restore data from offline backup media
My Answer: Ask help from the NAS vendor.
Which encryption method works on the basis of sender and receivers using different keys for encryption and decryption? a. IDEA b. Symmetric c. Blowfish d. Asymmetric
My Answer: Asymmetric
Which encryption method is used when the sender and receiver use an instance of the same key for encryption and decryption purposes? a. Symmetric algorithm b. Block cipher c. Diffusion d. Asymmetric algorithm
My Answer: Asymmetric algorithm
Jane has a 5GB video data file she wants to protect but wants to quickly send it to her friend John as soon as possible so security isn't of the most concern. Which type of encryption should she use to accomplish this as quickly as possible? a. Symmetric encryption b. Asymmetric encryption
My Answer: Asymmetric encryption
Using the address resolution protocol (ARP), if the ARP cache does not contain the necessary information and an ARP request broadcast is transmitted, then an attacker inserts false information into the ARP cache. This is called what? a. Cache loosening b. Cache scrambling c. Cache poisoning d. Cache blanching
My Answer: Cache poisoning
The primary danger in the use of AD HOC wireless networks is that: a. Critical organizational data obtained via the secured network may be on the user's end node computer drive and thus exposed to discovery via the unsecured AD HOC network b. The AD HOC network will cause the host based intrusion system to fail c. The user running the AD HOC network will suffer performance issues
My Answer: Critical organizational data obtained via the secured network may be on the user's end node computer drive and thus exposed to discovery via the unsecured AD HOC network.
What connectivity issues are MOST likely to result from bundling network cables tightly together? a. Crosstalk b. Attenuation c. Collision d. Open circuit
My Answer: Crosstalk
_____________ is the science of protecting information by encoding it into unreadable format a. Cryptography b. Laminectomy c. Platography d. Stenography
My Answer: Cryptography
Which of the following is not an encryption algorithm? a. SHA1 b. AES c. DES
My Answer: DES
Which protocol allows for dynamic IP address assignments? a. DHCP b. HTTPS c. OSPF d. SNMP
My Answer: DHCP
Spim is a special kind of spam that targets instant messaging users. a. True b. False
True
A session key should be valid for how many sessions? a. One b. Up to three c. Unlimited d. As many as required
My Answer: One
You receive an email that appears to be from your company's help desk notifying you that your workstation has been infected with a computer virus. They tell you that they have to run antivirus software in order to resolve the issue. They ask you some questions to verify your employee status like your name, title, employee number, and even your password. What do you do? a. Reply to them and tell them to give you a call to discuss the matter further. b. Provide them with the information they requested quickly to resolve this issue. c. Ignore/delete/disregard the email d. Only answer the questions you feel comfortable telling them e. Don't do anything else with the email and notify your security department
My Answer: Don't do anything else with the email and notify your security department.
Which of the following security measures, if turned on, will protect a system from unauthorized access based on a device's hardware address? a. Disabling SSID b. Enabling port security c. MAC filtering d. Turning on WPA2
My Answer: Enabling port security
Which of the following is most likely to be an SSID? a. FE80:0000:0000:0000:0202:B3FF:FE1E:8329 b. 10010101 c. 192.168.1.1 d. Kim's Wonderful Network
My Answer: FE80:0000:0000:0000:0202:B3FF:FE1E:8329 (SSID contains 32 characters as a unique ID)
6 character passwords are enough to secure against most password attacks. a. True b. False
My Answer: False
Asymmetric encryption is done faster than symmetric encryption. a. True b. False
My Answer: False
In social engineering the term tailgating means to look for a person's private information over the shoulder to manipulate... a. True b. False
My Answer: False
Reverse engineering is also called social engineering? a. True b. False
My Answer: False
Which of the following is the first phase in hacking anatomy? a. Gaining Access b. Reconnaissance c. Escalating privileges d. Scanning
My Answer: Gaining Access
For what reason would a company have a shred/burn policy in place for its paper records? a. Helps with legal compliance b. Helps mitigate the "Dumpster diving" attack c. Helps mitigate the "social engineering" attacks d. Helps establish a safe environment
My Answer: Helps mitigate the "dumpster diving" attack
An administrator discovers a counterfeit wireless station using same SSID as company's wireless network. What type of wireless attack is described? a. War driving b. Evil Twin c. War chalking d. IV attack
My Answer: I don't know
If you want to have the RSA level of security on a rather slow processor, like cell phones, which encryption system should you consider using? a. Diffie-Hellman b. MD4 c. El Gamal d. Elliptic curve
My Answer: I don't know
Which of the following types of computer crimes is considered a masquerade attack? a. Wiretapping b. Data diddling c. Salami d. IP spoofing
My Answer: IP spoofing
When should definition files be updated for the program your computer uses to scan for viruses and malware? a. Only during a full virus scan b. Immediately when updates are available c. When the admin directs that updates be downloaded d. At least once per week
My Answer: Immediately when updates are available
Which network type is set up similar to the internet but is private to an organization? a. MAN b. Extranet c. LAN d. Intranet
My Answer: Intranet
What's a replay cryptanalytic attack? a. It's an attack when an attacker captures some systematic data and replays it in order to spoof a computing system into thinking they are engaging in authorized activity. b. It's a non-mathematical cryptanalytic attack. Instead of using math, the attacker analyzes other encryption related information, such as electrical power and time it takes for computing systems to decrypt the targeted data. c. It's an attack when an attacker calculates the probability of specific keys by using a block algorithm d. It's an attack that attempts encryption from one end and decryption from the other
My Answer: It's a non-mathematical cryptanalytic attack. Instead of using math, the attacker analyzes other encryption related information, such as electrical power and time it takes for computing systems to decrypt the targeted data.
What's phishing? a. It's when firmware-level spyware is deployed to route credentials or other sensitive data to an attacker's botnet b. It's a social engineering technique when a group of attackers impersonate popular underground jam band Phish to conduct a "Farmhouse" attack on a data center c. It's a social engineering technique when an attacker pretends to be an entity or organization in order to steal credentials or other sensitive data d. It's when attackers utilize digital "lures" in a network transported data stream in order to acquire cipher text, then they reel 'em in
My Answer: It's a social engineering technique when an attacker pretends to be an entity or organization in order to steal credentials or other sensitive data.
Which of the following is an advantage of wireless networking? a. Wireless standards seldom change b. It's difficult for electronic equipment to interfere with wireless signals c. It's easier to provide connectivity in areas where it's difficult to lay cable d. WiFi is more secure than Ethernet
My Answer: It's easier to provide connectivity in areas where it's difficult to lay cable.
Which of the following is a downside of automated pen testing? a. It's usually more time consuming than other types of pen testing b. It's unable to properly test for physical and social engineering vulnerabilities c. It's usually more expensive than other types of pen testing d. It generates less network traffic than other types of pen testing
My Answer: It's unable to properly test for physical and social engineering vulnerabilities
What's a dictionary attack? a. It's when a program with commonly used words and character combinations is used to crack passwords. b. It's when a program uses all kinds of different types of character combinations to crack passwords. c. It is a social engineering technique when an attacker takes a name from a dictionary to impersonate an authority figure. d. It's when the Oxford English Dictionary, the Farmer's Almanac, Bjarne Stroustrup's C++ manual, Leo Tolstoy's War and Peace, or some other such large book is thrown at a physical lock in order to break it.
My Answer: It's when a program with commonly used words and character combinations is used to crack passwords.
What's war walking? a. It's a slow but steady WiFi password cracking technique b. It's when a botnet of wireless APs is used to crack passwords on other wireless APs. c. It's when someone travels by foot searching for open WiFi wireless networks with a laptop or other mobile device d. It's when someone draws symbols or markings in an area to indicate open WiFi.
My Answer: It's when someone travels by foot searching for open WiFi wireless networks with a laptop or other mobile device
Which operating system is most useful for penetration testing? a. Kali Linux b. Android c. Windows 7 d. Red Hat
My Answer: Kali Linux
Which of the following is the best option for a user to ensure the confidentiality of his/her data? a. Creating unencrypted backup copies of data b. Keeping OS patched and up to date c. Encryption d. Keeping data password unprotected
My Answer: Keeping OS patched and up to date
A program that seems to be legitimate but has a hidden purpose (usually to infect the whole system) is called _____________. a. Trojan horse b. Code Red c. Logic bomb d. Slammer
My Answer: Logic bomb
Which of the provided attacks is passive to a network environment? a. Traffic analysis b. Masquerading c. Message modification d. Denial of service
My Answer: Masquerading
Which of the following operating system (OS) functions facilitates communication with other computers? a. File system access b. Process isolation c. Network communication d. Access control
My Answer: Network communication
Someone from the IT department found a USB drive on the bathroom floor and it was labeled "layoffs". Should this be considered a social engineering tactic? a. Yes b. No
My Answer: No
Which security function ensures that a subject cannot deny that an event has occurred? a. Confidentiality b. Concealment c. Non-repudiation d. Authenticity
My Answer: Non-repudiation.
If used correctly, what is the only completely unbreakable form of encryption? a. Steganography b. Diffie-Hellman c. SSHA d. One time pad
My Answer: One time pad
What's the difference between substitution and permutation? (Select 2) a. Permutation rearranges characters like an anagram. b. Permutation replaces one character with another. c. Substitution replaces one character with another d. Substitution rearranges characters like an anagram.
My Answer: Permutation rearranges characters like an anagram. AND Substitution replaces one character with another
Which of these security measures can ensure that no one can break into the server room to take away the servers? a. physical b. logical c. administrative d. technical
My Answer: Physical
You would be cleaning the registry entries and removing any backdoors from the systems in which phase of a penetration test? a. Post attack b. Any of the above c. During the attack d. Pre-attack
My Answer: Pre-attack
Network access controls are designed to prevent or reduce zero day attacks and perform access control. NACs can be implemented with several philosophies. Which philosophy requires a system to meet current security requirements before it is allowed to communicate with the network? a. Starter philosophy b. Introduction philosophy c. Preadmission philosophy d. Post admission philosophy
My Answer: Preadmission philosophy
A black box tester is trying to attempt data exfiltration. What is the tester most likely to attempt after gaining access to the system? a. Change e-mail account passwords b. Chain of custody c. Erase firewall logs d. Privilege Escalation
My Answer: Privilege escalation
A ___________ firewall monitors and controls traffic as it passes through virtual machines within a virtualized environment a. Virtual b. Proxy c. Reverse d. Dual-homed
My Answer: Proxy
A user starts her computer and finds a message that says "Your computer is encrypted" and she needs to pay $5000 to decrypt her disk. This type of attack is called: a. Malware b. Adware c. Ransomware d. Spyware
My Answer: Ransomware
Without proper physical security, a hacker would be able to implement which of these attacks? a. SQL injection b. Web application hacking c. Session hijacking d. Rogue access point
My Answer: Rogue Access Point
PAT is a subset of _______ a. NAT b. POT c. NAS d. SAT
My Answer: SAT
What is used for naming wireless networks? a. SSID (Service Set Identifier) b. Wireless password c. Network key d. None of these
My Answer: SSID (Service Set Identifier)
Which protocol's authentication information is vulnerable to a sniffing and replay attack? a. SSH b. FTP c. SSL d. SFTP
My Answer: SSL
Which form of cabling is least susceptible to EM interference? a. Coaxial b. STP c. UTP d. Fiber optic
My Answer: STP (Shielded twisted pair)
Before the security administrator implements a firewall at ABC Inc., he needs to ensure that ABC Inc. has a well defined ___________ a. Security procedure b. Security guideline c. Security policy d. Advisory bulletin
My Answer: Security policy
At which layer of the OSI model does the HTTP protocol exist? a. Presentation b. Application c. Session d. Physical
My Answer: Session
The distinct key that is used to encrypt data within each connection is known as the _____ key. a. KEK b. Session c. Secret d. One time
My Answer: Session
_________ is a piece of data that is used in network communications (often over HTTP) to identify a series of related message exchanges. They are necessary in cases where the communications infrastructure uses a stateless protocol such as HTTP. a. None of the below b. User ID c. Session ID d. Web proxy
My Answer: Session ID
An attempt to get someone to reveal sensitive information is known as __________. a. Cracking b. Social engineering c. Hacking
My Answer: Social engineering
Extracting information from personnel for the purpose of aiding a network attack is known as a. Smurf attack b. LAND attack c. Vulnerability assessment d. Social engineering
My Answer: Social engineering
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close. What just happened? a. Tailgating b. Whaling c. Pantomiming d. Phishing
My Answer: Tailgating
Which of these is not a valid technique used by a social engineer? a. Promoting fear b. Establishing credibility c. Trappings of role d. These are all valid techniques
My Answer: These are all valid techniques
What is the purpose of the SHA-1 function? a. To provide availability b. To provide confidentiality c. To provide integrity d. To provide repudiation
My Answer: To provide integrity
Which of these is the most common risk among malware accidentally installed by using compromised USB thumb drives? a. Logic bombs b. Trojan Horses c. USB thumb drives don't pose a risk d. Buffer overflows
My Answer: Trojan Horse
A penetration tester does NOT need to be aware of the legal ramifications of hacking a network, since he has obtained the prior explicit consent of the owner. a. True b. False
My Answer: True
DES (Data Encryption Standard) was one of the earliest modern, vendor neutral symmetric encryption standards. a. True b. False
My Answer: True
Elliptic curve cryptography (ECC) has heavy computational and high memory requirements. a. True b. False
My Answer: True
Is it possible that the fire suppression materials end up causing more damage than the fire itself? a. True b. False
My Answer: True
Open wireless networks are susceptible to interception because they are not encrypted. a. True b. False
My Answer: True
Roger notices an open Wi-Fi network and connects to it to surf the internet from his company laptop. This is a security issue. a. True b. False
My Answer: True
Since a WPS PIN has an effective size of 7 digits (the eighth is a checksum), it has 10,000,000 possibilities. This makes WPS safe against attackers. a. True b. False
My Answer: True
Social engineering can be used when planning to hack a wireless network a. True b. False
My Answer: True
WEP provides the least secure communication channel for wireless networks besides plain text. a. True b. False
My Answer: True
WPA was the resulting replacement for WEP due to its weak encryption and poor vector handling. a. True b. False
My Answer: True
WPA-LEAP is vulnerable to a brute force attack. a. True b. False
My Answer: True
When the IDS detects a valid attack, it is known as _________. a. True positive b. False negative c. False positive
My Answer: True positive
Choose the definition of a hashing algorithm collision. a. The hashing algorithm is not vulnerable to the birthday attack b. Two different inputs give different outputs c. Two different inputs give the same output d. The hashing algorithm is vulnerable to the birthday attack.
My Answer: Two different inputs give the same output.
'IV collision' occurs in which of these? a. WPA b. WPA2 c. WPS d. WEP
My Answer: WEP
Skillset wants to implement a secure wireless network. Which of the following choices offers the most secure wireless protocol? a. b. c. d.
My Answer: WPA2
Peter is setting up a wireless router at home. Which of these would best suit his security needs: a. WPA2-Personal b. WPA-Personal c. WPA-Enterprise d. WEP e. WPA2-Enterprise f. Open
My Answer: WPA2-Personal
How would an attacker find the presence of an 802.11b network? a. Pharming b. War driving c. Whaling d. War dialing
My Answer: War driving
Veronica, the network administrator, was alerted of an unauthorized email that was sent to VIPs in the company with a malicious attachment. Which kind of attack is MOST likely being described in this scenario? a. Phishing b. Pharming c. Vishing d. Whaling
My Answer: Whaling
Which is not an example of a wireless attack? a. bluesnarfing b. war driving c. bluejacking d. flash cookies
My Answer: bluejacking
SSIDs are broadcasted by the access point by default. a. True b. False
My Answer: False
The network that is placed behind the router and in front of a firewall or another device which protects the internal network is called ___________. a. Static NAT b. PAT c. DMZ d. Extranet
DMZ
