Blackboard

You are trying to access a share named "FILES" on a server named "SERVER". Your account has permissions to access thatdirectory. How would you map a drive to this server? net use * \\server\files net use z: \\server\files mount \\server\files z: A or B

A or B

Which DNS Resource Record type is your computer requesting when it wants to know the IPv4 address for isc.sans.org? A record IP record MX record NS record

A record

Your web browser issues a GET request for /example.html. Assuming that a web server is operating properly and it DOES NOThave a file called /example.htmlhow will it respond? A response code of 100 A response code of 200 A response code of 404 The server will not respond

A response code of 404

What type of address is this: 169.254.X.X? APIPA Localhost Google Internet

APIPA

What does ARP stand for? Address Resolution Protocol Act Rapidly Process Add Random Protocol Address Redirect Protocol

Address Resolution Protocol

Which of the following describes a star topology network? All devices are connected to a central device, such as a network switch Each device is directly connected to every other device All devices are connected to a single cable Each device is directly connected to two other devices, such that data can flow through a series of devices to get between two points

All devices are connected to a central device, such as a network switch

Host 1 (192.168.6.10/24) wants to send a packet to Host 2 (192.168.47.35/24). Which path will this packet take to reach itsdestination, assuming that both 192.168.6.0 and 192.168.47.0 are in the gateway's routing table? Host 1 -> Internet -> Host 2 Host 1 -> default gateway -> Host 2 Host 1 -> default gateway -> Internet -> Host 2 Host 1 -> Host 2

Host 1 -> default gateway -> Host 2

Several computers on your network are being assigned the wrong DNS server IP address. You visit them and verify that they areusing DHCP. What might be a possible cause? The DHCP server has issued all of the DNS server IP addresses in its pool The DHCP server lease pool is exhausted The DNS server is offline, so the DHCP server is redirecting traffic Someone has setup another DHCP server

Someone has setup another DHCP server

Select the following statement that is true: Transferring data over UDP is more reliable than over TCP. Transferring data over UDP is less reliable than over TCP. Transferring data over UDP has the same reliability as over TCP. It is inappropriate to compare the reliability of UDP and TCP regarding data transfer.

Transferring data over UDP is less reliable than over TCP.

Which of the following is NOT a component to a computer? USB-ROM Motherboard CPU RAM

USB-ROM

Which of the following is an encapsulated tunnel from Point A to Point B? VPN Proxy HTTPS telnet

VPN

Which of the following wireless encryption protocols can always be cracked? WEP WPA2 WPA Enterprise Radius

WEP

Of these, which is the most secure version of Wireless Security? WPA2 WEP OPN TKIP

WPA2

Which command allows you to find files on a linux system? locate search srch lcte

locate

Which command lists the files in your current directory? ls cd mv cp

ls

How do you list hidden files in Linux? ls a ls l ls h ls n

ls a

Which choice do place before a command to see the manual for that program? man help info google

man

Which of the following commands can be used to read the manual for your application? help Help ? Man

man

Which of the following tools will allow you to verify the MD5 sum of a file? md5sum md5check md5hash md5create

md5sum

What command allows you to create a folder in linux? mkdir mv crdir rmdir

mkdir

Which of the following options will create a user named "John" from the command line on the Windows operating system? useradd John net user John /add add user John -n C:\Users\John manageaccount John /add-new

net user John /add

Which of the following options will set the password for the username of "John" to "P@ssw0rd" from the command line on theWindows operating system? User John P@ssw0rd set Password reset is not available from the command line net user John P@ssw0rd net user P@ssw0rd John

net user John P@ssw0rd

Which of the following is a port scanner? nmap hashcat aircrack-ng wireshark

nmap

If a user is a member of two groups, one of which has explicit "ALLOW Read & Execute" of a file and the other has explicit "DENYRead & Execute", will the user be able to read the file? Yes No

no

If a user is a member of two groups, one of which has inherited "ALLOW Read & Execute" of a file and the other has explicit "DENYRead & Execute", will the user be able to read the file? Yes No

no

Which of the following commands is NOT used in the management of files and directories? ping mkdir touch chmod

ping

Which command is NOT used to either create or delete directories? rmdir ren mkdir rd

ren

How do you remove a file from linux named secret.txt? rm secret.txt del secret.txt apt secret.txt mv secret.txt

rm secret.txt

What linux users can view the shadow file? root local home shadow

root

Which of the following commands is used to query the RPM database to determine if a package (such as tcpdump) is installed? yum find tcpdump rpm tcpdump yum search tcpdump rpm qa | grep tcpdump

rpm qa | grep tcpdump

Which of the following will launch Windows Explorer as the user "bob"? runas /u:bob/run:explorer.exe runas /user:bob explorer.exe runas-bob-cmd=explorer runas /user:bob/run:explorer.exe

runas /user:bob explorer.exe

Which of the following commands can be used to determine the full path and parameters that are used to start the WebClientservice? sc query CMD WebClient sc qc WebClient sc query WebClient sc query all WebClient

sc qc WebClient

There are many ways to start and stop services on Windows. Which of the following commands is NOT a valid way to start theWebClient service? wmic service where name="WebClient" call StartService service WebClient start net start WebClient sc start WebClient

service WebClient start

In the linux command line a $ means you are _____ type of user and # means you are ____ type of user. Standard/root Root/Standard root/root standard/standard

standard/root

A Hard drive is used to do what? Store digital Information Volatile memory Type information into a computer Process information

store digital information

What command allows you to run elevated commands from a standard user account? sudo sido elevate priv

sudo

True False The first three octets of a MAC address identify the manufacturer

true

How do you list system information in linux? uname a sysinfo system uname b

uname a

Which command allows you to add a user to at linux operating system? useradd add user user add user

useradd

What command allows you to see logged in users in linux? w h l g

w

If a user is a member of two groups, one of which has explicit "ALLOW Read & Execute" of a file and the other has inherited "DENYRead & Execute", will the user be able to read the file? Yes No

yes

Which of the following commands is used to install soft3ware from an online repository? install yum install rpm install installrpm

yum install

Which if the following commands is used to install software updates? rpm update update yum update installupdate

yum update

Which of the following commands is used to update all installed RPM packages EXCEPT for httpd? yum update --exclude httpd yum dont-update httpd yum update --without-httpd yum update httpd

yum update --exclude httpd

What protocol typically runs on port 80? HTTP HTTPS SSH Telnet

HTTP

How do you view a list of your previous commands in linux? history previous histsize echo

history

Which command is used to verify your IP address in linux? ifconfig ipconfig itconfig whois

ifconfig

Which command is used to return network configuration information? ipconfig mklink driverquery fsutil

ipconfig

Which flag after ls allows you to see permissions of files in your current directory l a n d

l

In which layer do switches operate? Layer 1 Layer 2 Layer 3 Layer 4

layer 2

HTTP is a protocol that operates at what layer of the OSI model? Layer 3 Layer 4 Layer 6 Layer 7

layer 7

Which of the following status codes indicates that you do not have permission to access the requested URL? 200 403 404 500

403

The HTTPS protocol typically runs on which of the following ports? 443 80 1080 23

443

The IP address 127.0.0.1 is the ip address for what? Localhost Google Amazon My local router

localhost

What allows you chain commands together only performing the second command after the first command is completed? && | (pipe) = /

&&

Which of the following is a strong password? *jkET<#@0kjr passwordpassword1212 drowssap SuperSecretPassword

*jkET<#@0kjr

What would the permissions be after running the command chmod 754 file ? -r-xr-xr-- -rwxr-xr-- -rwxrwxrw- -rwxr--r--

-rwxr-xr--

What is the root directory for linux? / /home /var /usr

/

Linux configuration files are located in which directory? /etc /usr /home /var

/etc

Which of the following files contains hashes of user passwords on most modern Linux distributions? /etc/passwd /etc/sshd_config /etc/shells /etc/shadow

/etc/shadow

What is the UID of the root user? 0 100 1 10

0

Valid TCP ports are within the range: 1-1024 0-65535 1-65635 0-1048576

0-65535

Which of the following is a valid MAC address? 00:AA:1A:B2:D3:F4 00:AA:1G:B2:D7:FF GH:AB:01:43:9J:FA FF:FF:GG:33:1S:AD

00:AA:1A:B2:D3:F4

Which of the following groups of IPs are separate subnets? 192.168.20.X/10.0.254.Y 192.168.20.X/192.168.20.Y 10.0.254.X/10.0.254.Y 172.16.42.X/172.16.42.Y

192.168.20.X/10.0.254.Y

How many available hosts are in a /24 subnet? 254 128 32 24

254

There are two devices with the IP addresses 10.10.5.5 and 10.10.10.10. Which of the following subnet masks will logically placeboth devices on the same network? 255.255.0.0 255.255.255.0 255.255.255.128 255.255.255.248

255.255.0.0

What would the default subnet mask be for the IP range 172.16.0.0/16? 255.0.0.0 255.255.0.0 255.255.248.0 255.255.255.0

255.255.0.0

Which of the following is the proper procedure to follow when you are having syntax errors? Analyze the issue -> use the man pages -> ask a neighbor -> google -> Ask the instructor Ask the instructor -> google -> use the man pages -> Analyze the issue > ask a neighbor Analyze the issue -> Ask an instructor -> use the man pages -> ask a neighbor -> google Ask a neighbor -> use the man pages -> google -> Ask the instructor -> Analyze the issue

Analyze the issue -> use the man pages -> ask a neighbor -> google -> Ask the instructor

You want to configure your firewall to allow people inside your network to ping anyone, but not allow anyone outside your network totraceroute anything behind your firewall. How should you configure it? Block all ICMP Block all ICMP Echo Responses Block all outbound ICMP Block all outbound ICMP Time Exceeded in Transit

Block all outbound ICMP Time Exceeded in Transit

Bob runs the command "runas/user:bob_admincmd.exe". When prompted for the password, bob enters "bob<3alice" and aCommand Prompt is successfully launched. Which of the following statements must be true? Bob_admin must be a valid account on the local system Bob_admin must love Alice Bob uses the same password as Bob_admin Bob is a member of the Administrators group

Bob_admin must be a valid account on the local system

What is one ways to prevent an adversary from modifying the setting of your wireless router? Change the default password Change the IP address Limit the number of hosts MAC Address filter

CHANGE THE DEFAULT PASSWORD

Which of the following deals with providing IP addresses on a network? DHCP DNS ARP Netstat

DHCP

What are the 4 steps followed by a DHCP Client to obtain an IP Address? DHCPDiscover, DHCPOffer, DHCPRequest, DHCPAck DHCPDiscover, DHCPOffer, DHCPAssign, DHCPAccept DHCPRequest, DHCPReply, DHCPAssign, DHCPAccept DHCPRequest, DHCPResponse, DHCPAssign, DHCPAccept

DHCPDiscover, DHCPOffer, DHCPRequest, DHCPAck

What is the noun used in the cmdlets to view and set whether scripts can be executed? ExecutionPolicy AllowScripts AllSigned Execution_Policy

ExecutionPolicy

Which of the following best describe how "TRACERT.EXE" identifies all the hops in a route? It increments TTL values and receives ICMP Echo Responses It increments TTL values and receives ICMP Time Exceeded in Transit messages It increments RouteCount and receives ICMP Echo Responses It increments RouteCount values and receives ICMP Time Exceeded in Transit messages

It increments TTL values and receives ICMP Time Exceeded in Transit messages

Which of the following is NOT a good application for the UDP protocol? Watching videos on Youtube.com Listening to a live broadcast of the SecurityWeekly.compodcast Single Packet In, Single Packet out applications like DNS queries & response Managing a server over SSH

Managing a server over SSH

By default, does PowerShell allow you to run scripts that you have written on the local computer? Yes No

NO

A group of computers attached to one another through communication media is called what? Net Network Switch E-mail All of the Above

Network

Which of the following devices operates ONLY at the Physical Layer? Router Network Firewall Network Hub Network Switch

Network Hub

Which of the following methods does RIP Version 1 support for authenticating route updates? MD5 Passwords SHA1 Passwords Cisco Secret 7 passwords No Authentication is supported

No Authentication is supported

192.452.199.504 is an example of a: IPv4 address IPv6 address MAC Address None it is not valid

None it is not valid

The first six bytes of a MAC address pertain to what? OUI Serial Number Type of Device Logical Address

OUI

n attacker sent a fragmented packet containing "GET /etc/junker" followed by a packet containing "shadow" such that the wordshadow overwrites the word junker when it is reassembled, what type of IDS evasion technique has the attacker employed? Fragment Overwrite attack Overlapping Fragment attack Temporal IDS Evasion Tiny fragment attack

Overlapping Fragment attack

You are able to reach a website by its IP address, but not by its host name. You check your settings on your Windows 7 host bytyping "IPCONFIG /ALL". Your DNS IP address is correctly assigned. What is a logical thing to check? PING the IP address of the DNS server to see if it is up Temporarily stop your Antivirus software and try again Check your routing table by typing "ROUTE PRINT" Run a TRACERT to the IP address your trying to reach

PING the IP address of the DNS server to see if it is up

An IP address of 192.168.1.5 is what type of IP address? Private Public Internet Localhost

Private

What does RAM stand for? Random-access memory Readily Accessible Memory Repeater Memory Readable Access Memory

Random-access memory

Which of the following is true about the types of routes a router can support? Routers can support direct routes or static routes Routers can support static routes , direct connected routes and dynamic routes Routers can support static routes or dynamic routes but not both Routers only support direct connected routes

Routers can support static routes , direct connected routes and dynamic routes

QUESTION 32 What protocol typically runs on port 22? SSH HTTP Telnet FTP

SSH

What are the three parts of a TCP handshake? SYN -> SYN-ACK -> ACK ACK -> SYN -> ACT SEN -> REC -> ACK APT -> GET -> DUN

SYN -> SYN-ACK -> ACK

The three packets (in order) responsible for establishing a connection over TCP are: FIN, FIN-ACK, ACK SYN, ACK, SYN-ACK SYN, SYN-ACK, ACK SYN, FIN, ACK

SYN, SYN-ACK, ACK

Fragmentation occurs at which layer(s) of the OSI model? Fragmentation occurs at Layer 3 only Fragmentation occurs at Layer 2 and Layer 4 Fragmentation occurs at Layer 2, Layer 3 and Layer 4

layer 3

Assuming nothing is cached anywhere, which of the following accurately describes how we get an answer from our DNS serverwhen we look up the host ISC.SANS.ORG? We ask one of 13 root servers. Then ask .ORG. Then ask SANS.ORG's DNS. Then ask ISC.SANS.ORG's DNS who answers the question. We ask one of 13 root servers. Then ask .ORG. Then ask SANS.ORG's DNS who answers the question. We ask one of 13 root servers. Then ask .ORG who answers the question. We ask the .ORG servers first. Then SANS.ORG who gives us the answer.

We ask one of 13 root servers. Then ask .ORG. Then ask SANS.ORG's DNS who answers the question.

Ping the IP address 127.54.100.12. Does it respond? Unplug your network cables and ping it again. Does it respond? How is thatpossible? That IP address is the NAT address of your Windows Firewall. You're pinging your loopback address, which is any address with the first octet being 127. That IP address for the Web based management interface to the Windows Firewall.

You're pinging your loopback address, which is any address with the first octet being 127.

You are able to ping yourself at 192.168.0.7, your default gateway at 192.168.0.1, and devices on the Internet such as 4.2.2.2. Youare also able to ping devices on the Internet by their DNS names such as "ping www.sans.org". You can browse websites on yourinternal network, but you cannot browse websites on the Internet. Which of the following is a possible cause of the problem? Your Default Gateway is not set properly Your subnet mask is not set properly Your browser's proxy settings are not set properly Your DNS server is not set properly

Your browser's proxy settings are not set properly

Which of the following regular expressions would find Orville or Wilbur Wright on a line by itself? $(Orville|Wilbur) Wright^ ^(Orville or Wilbur) Wright$ ^(Orville|Wilbur) Wright$ $[Orville|Wilbur] Wright$^

^(Orville|Wilbur) Wright$

Which of the following network IP addresses must use NAT to access resources on the Internet? 10.5.4.2 172.16.52.4 192.168.1.4 All of the above

all of the above

What command in linux allows you to change directorys? cd mv ls cp

cd

Which command will make a file executable in Linux? chmod +x chown +x execute chown 444

chmod +x

Which command will set the permission of a file to read only for all users? chmod 111 chmod 222 chmod 777 chmod 444

chmod 444

Which command in Linux allows you to change ownership of a file? chown chmod owner modify

chown

What class is the following IP address 10.10.10.10? Class A Class B Class C Class D

class a

Which of these is a standard PowerShell Verb? Clear Unmark Unset Erase

clear

Which command allows you to schedule tasks in Linux? crontab /var/tmp nano vim

crontab

Which of the following commands will list the files on a remote share? dir\\servername\share dir \share net use \\servername\share net view \\servername\share

dir\\servername\share

A MAC address is hard-coded and cannot be spoofed. true false

false

QUESTION 67 In order to communicate with devices on the same subnet, a computer must communicate with its Default Gateway. true false

false

You have identified that your neighbor has wireless network with WEP encryption. You know this to be vulnerable to be cracked. It is legal for you to access this network since the encryption protocol is flawed. true false

false

Your MAC address will be recorded in the logs of an Internet web server you access. true false

false

Your computer has an IP address of 192.168.100.5. When you access www.sans.org192.168.100.5 will be recorded in their webserver logs. true false

false

How do you search a file for a specific string of text? grep search string cut

grep