Blackboard
You are trying to access a share named "FILES" on a server named "SERVER". Your account has permissions to access thatdirectory. How would you map a drive to this server? net use * \\server\files net use z: \\server\files mount \\server\files z: A or B
A or B
Which DNS Resource Record type is your computer requesting when it wants to know the IPv4 address for isc.sans.org? A record IP record MX record NS record
A record
Your web browser issues a GET request for /example.html. Assuming that a web server is operating properly and it DOES NOThave a file called /example.htmlhow will it respond? A response code of 100 A response code of 200 A response code of 404 The server will not respond
A response code of 404
What type of address is this: 169.254.X.X? APIPA Localhost Google Internet
APIPA
What does ARP stand for? Address Resolution Protocol Act Rapidly Process Add Random Protocol Address Redirect Protocol
Address Resolution Protocol
Which of the following describes a star topology network? All devices are connected to a central device, such as a network switch Each device is directly connected to every other device All devices are connected to a single cable Each device is directly connected to two other devices, such that data can flow through a series of devices to get between two points
All devices are connected to a central device, such as a network switch
Host 1 (192.168.6.10/24) wants to send a packet to Host 2 (192.168.47.35/24). Which path will this packet take to reach itsdestination, assuming that both 192.168.6.0 and 192.168.47.0 are in the gateway's routing table? Host 1 -> Internet -> Host 2 Host 1 -> default gateway -> Host 2 Host 1 -> default gateway -> Internet -> Host 2 Host 1 -> Host 2
Host 1 -> default gateway -> Host 2
Several computers on your network are being assigned the wrong DNS server IP address. You visit them and verify that they areusing DHCP. What might be a possible cause? The DHCP server has issued all of the DNS server IP addresses in its pool The DHCP server lease pool is exhausted The DNS server is offline, so the DHCP server is redirecting traffic Someone has setup another DHCP server
Someone has setup another DHCP server
Select the following statement that is true: Transferring data over UDP is more reliable than over TCP. Transferring data over UDP is less reliable than over TCP. Transferring data over UDP has the same reliability as over TCP. It is inappropriate to compare the reliability of UDP and TCP regarding data transfer.
Transferring data over UDP is less reliable than over TCP.
Which of the following is NOT a component to a computer? USB-ROM Motherboard CPU RAM
USB-ROM
Which of the following is an encapsulated tunnel from Point A to Point B? VPN Proxy HTTPS telnet
VPN
Which of the following wireless encryption protocols can always be cracked? WEP WPA2 WPA Enterprise Radius
WEP
Of these, which is the most secure version of Wireless Security? WPA2 WEP OPN TKIP
WPA2
Which command allows you to find files on a linux system? locate search srch lcte
locate
Which command lists the files in your current directory? ls cd mv cp
ls
How do you list hidden files in Linux? ls a ls l ls h ls n
ls a
Which choice do place before a command to see the manual for that program? man help info google
man
Which of the following commands can be used to read the manual for your application? help Help ? Man
man
Which of the following tools will allow you to verify the MD5 sum of a file? md5sum md5check md5hash md5create
md5sum
What command allows you to create a folder in linux? mkdir mv crdir rmdir
mkdir
Which of the following options will create a user named "John" from the command line on the Windows operating system? useradd John net user John /add add user John -n C:\Users\John manageaccount John /add-new
net user John /add
Which of the following options will set the password for the username of "John" to "P@ssw0rd" from the command line on theWindows operating system? User John P@ssw0rd set Password reset is not available from the command line net user John P@ssw0rd net user P@ssw0rd John
net user John P@ssw0rd
Which of the following is a port scanner? nmap hashcat aircrack-ng wireshark
nmap
If a user is a member of two groups, one of which has explicit "ALLOW Read & Execute" of a file and the other has explicit "DENYRead & Execute", will the user be able to read the file? Yes No
no
If a user is a member of two groups, one of which has inherited "ALLOW Read & Execute" of a file and the other has explicit "DENYRead & Execute", will the user be able to read the file? Yes No
no
Which of the following commands is NOT used in the management of files and directories? ping mkdir touch chmod
ping
Which command is NOT used to either create or delete directories? rmdir ren mkdir rd
ren
How do you remove a file from linux named secret.txt? rm secret.txt del secret.txt apt secret.txt mv secret.txt
rm secret.txt
What linux users can view the shadow file? root local home shadow
root
Which of the following commands is used to query the RPM database to determine if a package (such as tcpdump) is installed? yum find tcpdump rpm tcpdump yum search tcpdump rpm qa | grep tcpdump
rpm qa | grep tcpdump
Which of the following will launch Windows Explorer as the user "bob"? runas /u:bob/run:explorer.exe runas /user:bob explorer.exe runas-bob-cmd=explorer runas /user:bob/run:explorer.exe
runas /user:bob explorer.exe
Which of the following commands can be used to determine the full path and parameters that are used to start the WebClientservice? sc query CMD WebClient sc qc WebClient sc query WebClient sc query all WebClient
sc qc WebClient
There are many ways to start and stop services on Windows. Which of the following commands is NOT a valid way to start theWebClient service? wmic service where name="WebClient" call StartService service WebClient start net start WebClient sc start WebClient
service WebClient start
In the linux command line a $ means you are _____ type of user and # means you are ____ type of user. Standard/root Root/Standard root/root standard/standard
standard/root
A Hard drive is used to do what? Store digital Information Volatile memory Type information into a computer Process information
store digital information
What command allows you to run elevated commands from a standard user account? sudo sido elevate priv
sudo
True False The first three octets of a MAC address identify the manufacturer
true
How do you list system information in linux? uname a sysinfo system uname b
uname a
Which command allows you to add a user to at linux operating system? useradd add user user add user
useradd
What command allows you to see logged in users in linux? w h l g
w
If a user is a member of two groups, one of which has explicit "ALLOW Read & Execute" of a file and the other has inherited "DENYRead & Execute", will the user be able to read the file? Yes No
yes
Which of the following commands is used to install soft3ware from an online repository? install yum install rpm install installrpm
yum install
Which if the following commands is used to install software updates? rpm update update yum update installupdate
yum update
Which of the following commands is used to update all installed RPM packages EXCEPT for httpd? yum update --exclude httpd yum dont-update httpd yum update --without-httpd yum update httpd
yum update --exclude httpd
What protocol typically runs on port 80? HTTP HTTPS SSH Telnet
HTTP
How do you view a list of your previous commands in linux? history previous histsize echo
history
Which command is used to verify your IP address in linux? ifconfig ipconfig itconfig whois
ifconfig
Which command is used to return network configuration information? ipconfig mklink driverquery fsutil
ipconfig
Which flag after ls allows you to see permissions of files in your current directory l a n d
l
In which layer do switches operate? Layer 1 Layer 2 Layer 3 Layer 4
layer 2
HTTP is a protocol that operates at what layer of the OSI model? Layer 3 Layer 4 Layer 6 Layer 7
layer 7
Which of the following status codes indicates that you do not have permission to access the requested URL? 200 403 404 500
403
The HTTPS protocol typically runs on which of the following ports? 443 80 1080 23
443
The IP address 127.0.0.1 is the ip address for what? Localhost Google Amazon My local router
localhost
What allows you chain commands together only performing the second command after the first command is completed? && | (pipe) = /
&&
Which of the following is a strong password? *jkET<#@0kjr passwordpassword1212 drowssap SuperSecretPassword
*jkET<#@0kjr
What would the permissions be after running the command chmod 754 file ? -r-xr-xr-- -rwxr-xr-- -rwxrwxrw- -rwxr--r--
-rwxr-xr--
What is the root directory for linux? / /home /var /usr
/
Linux configuration files are located in which directory? /etc /usr /home /var
/etc
Which of the following files contains hashes of user passwords on most modern Linux distributions? /etc/passwd /etc/sshd_config /etc/shells /etc/shadow
/etc/shadow
What is the UID of the root user? 0 100 1 10
0
Valid TCP ports are within the range: 1-1024 0-65535 1-65635 0-1048576
0-65535
Which of the following is a valid MAC address? 00:AA:1A:B2:D3:F4 00:AA:1G:B2:D7:FF GH:AB:01:43:9J:FA FF:FF:GG:33:1S:AD
00:AA:1A:B2:D3:F4
Which of the following groups of IPs are separate subnets? 192.168.20.X/10.0.254.Y 192.168.20.X/192.168.20.Y 10.0.254.X/10.0.254.Y 172.16.42.X/172.16.42.Y
192.168.20.X/10.0.254.Y
How many available hosts are in a /24 subnet? 254 128 32 24
254
There are two devices with the IP addresses 10.10.5.5 and 10.10.10.10. Which of the following subnet masks will logically placeboth devices on the same network? 255.255.0.0 255.255.255.0 255.255.255.128 255.255.255.248
255.255.0.0
What would the default subnet mask be for the IP range 172.16.0.0/16? 255.0.0.0 255.255.0.0 255.255.248.0 255.255.255.0
255.255.0.0
Which of the following is the proper procedure to follow when you are having syntax errors? Analyze the issue -> use the man pages -> ask a neighbor -> google -> Ask the instructor Ask the instructor -> google -> use the man pages -> Analyze the issue > ask a neighbor Analyze the issue -> Ask an instructor -> use the man pages -> ask a neighbor -> google Ask a neighbor -> use the man pages -> google -> Ask the instructor -> Analyze the issue
Analyze the issue -> use the man pages -> ask a neighbor -> google -> Ask the instructor
You want to configure your firewall to allow people inside your network to ping anyone, but not allow anyone outside your network totraceroute anything behind your firewall. How should you configure it? Block all ICMP Block all ICMP Echo Responses Block all outbound ICMP Block all outbound ICMP Time Exceeded in Transit
Block all outbound ICMP Time Exceeded in Transit
Bob runs the command "runas/user:bob_admincmd.exe". When prompted for the password, bob enters "bob<3alice" and aCommand Prompt is successfully launched. Which of the following statements must be true? Bob_admin must be a valid account on the local system Bob_admin must love Alice Bob uses the same password as Bob_admin Bob is a member of the Administrators group
Bob_admin must be a valid account on the local system
What is one ways to prevent an adversary from modifying the setting of your wireless router? Change the default password Change the IP address Limit the number of hosts MAC Address filter
CHANGE THE DEFAULT PASSWORD
Which of the following deals with providing IP addresses on a network? DHCP DNS ARP Netstat
DHCP
What are the 4 steps followed by a DHCP Client to obtain an IP Address? DHCPDiscover, DHCPOffer, DHCPRequest, DHCPAck DHCPDiscover, DHCPOffer, DHCPAssign, DHCPAccept DHCPRequest, DHCPReply, DHCPAssign, DHCPAccept DHCPRequest, DHCPResponse, DHCPAssign, DHCPAccept
DHCPDiscover, DHCPOffer, DHCPRequest, DHCPAck
What is the noun used in the cmdlets to view and set whether scripts can be executed? ExecutionPolicy AllowScripts AllSigned Execution_Policy
ExecutionPolicy
Which of the following best describe how "TRACERT.EXE" identifies all the hops in a route? It increments TTL values and receives ICMP Echo Responses It increments TTL values and receives ICMP Time Exceeded in Transit messages It increments RouteCount and receives ICMP Echo Responses It increments RouteCount values and receives ICMP Time Exceeded in Transit messages
It increments TTL values and receives ICMP Time Exceeded in Transit messages
Which of the following is NOT a good application for the UDP protocol? Watching videos on Youtube.com Listening to a live broadcast of the SecurityWeekly.compodcast Single Packet In, Single Packet out applications like DNS queries & response Managing a server over SSH
Managing a server over SSH
By default, does PowerShell allow you to run scripts that you have written on the local computer? Yes No
NO
A group of computers attached to one another through communication media is called what? Net Network Switch E-mail All of the Above
Network
Which of the following devices operates ONLY at the Physical Layer? Router Network Firewall Network Hub Network Switch
Network Hub
Which of the following methods does RIP Version 1 support for authenticating route updates? MD5 Passwords SHA1 Passwords Cisco Secret 7 passwords No Authentication is supported
No Authentication is supported
192.452.199.504 is an example of a: IPv4 address IPv6 address MAC Address None it is not valid
None it is not valid
The first six bytes of a MAC address pertain to what? OUI Serial Number Type of Device Logical Address
OUI
n attacker sent a fragmented packet containing "GET /etc/junker" followed by a packet containing "shadow" such that the wordshadow overwrites the word junker when it is reassembled, what type of IDS evasion technique has the attacker employed? Fragment Overwrite attack Overlapping Fragment attack Temporal IDS Evasion Tiny fragment attack
Overlapping Fragment attack
You are able to reach a website by its IP address, but not by its host name. You check your settings on your Windows 7 host bytyping "IPCONFIG /ALL". Your DNS IP address is correctly assigned. What is a logical thing to check? PING the IP address of the DNS server to see if it is up Temporarily stop your Antivirus software and try again Check your routing table by typing "ROUTE PRINT" Run a TRACERT to the IP address your trying to reach
PING the IP address of the DNS server to see if it is up
An IP address of 192.168.1.5 is what type of IP address? Private Public Internet Localhost
Private
What does RAM stand for? Random-access memory Readily Accessible Memory Repeater Memory Readable Access Memory
Random-access memory
Which of the following is true about the types of routes a router can support? Routers can support direct routes or static routes Routers can support static routes , direct connected routes and dynamic routes Routers can support static routes or dynamic routes but not both Routers only support direct connected routes
Routers can support static routes , direct connected routes and dynamic routes
QUESTION 32 What protocol typically runs on port 22? SSH HTTP Telnet FTP
SSH
What are the three parts of a TCP handshake? SYN -> SYN-ACK -> ACK ACK -> SYN -> ACT SEN -> REC -> ACK APT -> GET -> DUN
SYN -> SYN-ACK -> ACK
The three packets (in order) responsible for establishing a connection over TCP are: FIN, FIN-ACK, ACK SYN, ACK, SYN-ACK SYN, SYN-ACK, ACK SYN, FIN, ACK
SYN, SYN-ACK, ACK
Fragmentation occurs at which layer(s) of the OSI model? Fragmentation occurs at Layer 3 only Fragmentation occurs at Layer 2 and Layer 4 Fragmentation occurs at Layer 2, Layer 3 and Layer 4
layer 3
Assuming nothing is cached anywhere, which of the following accurately describes how we get an answer from our DNS serverwhen we look up the host ISC.SANS.ORG? We ask one of 13 root servers. Then ask .ORG. Then ask SANS.ORG's DNS. Then ask ISC.SANS.ORG's DNS who answers the question. We ask one of 13 root servers. Then ask .ORG. Then ask SANS.ORG's DNS who answers the question. We ask one of 13 root servers. Then ask .ORG who answers the question. We ask the .ORG servers first. Then SANS.ORG who gives us the answer.
We ask one of 13 root servers. Then ask .ORG. Then ask SANS.ORG's DNS who answers the question.
Ping the IP address 127.54.100.12. Does it respond? Unplug your network cables and ping it again. Does it respond? How is thatpossible? That IP address is the NAT address of your Windows Firewall. You're pinging your loopback address, which is any address with the first octet being 127. That IP address for the Web based management interface to the Windows Firewall.
You're pinging your loopback address, which is any address with the first octet being 127.
You are able to ping yourself at 192.168.0.7, your default gateway at 192.168.0.1, and devices on the Internet such as 4.2.2.2. Youare also able to ping devices on the Internet by their DNS names such as "ping www.sans.org". You can browse websites on yourinternal network, but you cannot browse websites on the Internet. Which of the following is a possible cause of the problem? Your Default Gateway is not set properly Your subnet mask is not set properly Your browser's proxy settings are not set properly Your DNS server is not set properly
Your browser's proxy settings are not set properly
Which of the following regular expressions would find Orville or Wilbur Wright on a line by itself? $(Orville|Wilbur) Wright^ ^(Orville or Wilbur) Wright$ ^(Orville|Wilbur) Wright$ $[Orville|Wilbur] Wright$^
^(Orville|Wilbur) Wright$
Which of the following network IP addresses must use NAT to access resources on the Internet? 10.5.4.2 172.16.52.4 192.168.1.4 All of the above
all of the above
What command in linux allows you to change directorys? cd mv ls cp
cd
Which command will make a file executable in Linux? chmod +x chown +x execute chown 444
chmod +x
Which command will set the permission of a file to read only for all users? chmod 111 chmod 222 chmod 777 chmod 444
chmod 444
Which command in Linux allows you to change ownership of a file? chown chmod owner modify
chown
What class is the following IP address 10.10.10.10? Class A Class B Class C Class D
class a
Which of these is a standard PowerShell Verb? Clear Unmark Unset Erase
clear
Which command allows you to schedule tasks in Linux? crontab /var/tmp nano vim
crontab
Which of the following commands will list the files on a remote share? dir\\servername\share dir \share net use \\servername\share net view \\servername\share
dir\\servername\share
A MAC address is hard-coded and cannot be spoofed. true false
false
QUESTION 67 In order to communicate with devices on the same subnet, a computer must communicate with its Default Gateway. true false
false
You have identified that your neighbor has wireless network with WEP encryption. You know this to be vulnerable to be cracked. It is legal for you to access this network since the encryption protocol is flawed. true false
false
Your MAC address will be recorded in the logs of an Internet web server you access. true false
false
Your computer has an IP address of 192.168.100.5. When you access www.sans.org192.168.100.5 will be recorded in their webserver logs. true false
false
How do you search a file for a specific string of text? grep search string cut
grep