CMPS 409 all questions

Which of the following best describes a vulnerability? a. A rootkit b. A weakness c. A worm d. A virus

A weakness

IPsec uses which two modes? a. AES/DES b. EH/ASP c. AH/ESP d. AES/ESP

AH/ESP

At which layer of the OSI model does a proxy operate? a. Physical b. Data Link c. Network d. Application

Application

[IMPORTANT] What kind of domain resides on a single switchport? a. Secure domain b. Broadcast domain c. Collision domain d. Windows domain

Collision domain

A white‐box test means the tester has which of the following? a. No knowledge b. Complete knowledge c. Some knowledge d. All passwords

Complete knowledge

[IMPORTANT] A good defense against password guessing is _______. a. Complex passwords b. Fingerprints c. Use of NTLM d. Password policy

Complex passwords

[IMPORTANT] Which of the following can be used to protect data stored in the cloud? a. Harvesting b. SSL c. Drive encryption d. Transport encryption

Drive encryption

Which of the following is not a flag on a packet? a. END b. RST c. URG d. PSH

END

A vulnerability scan is a good way to do what? a. Identify hardware b. Find weaknesses c. Find open ports d. Find operating systems

Find weaknesses

A message digest is a product of which kind of algorithm? a. Steganography b. Hashing c. Asymmetric d. Symmetric

Hashing

[IMPORTANT] What can be used instead of a URL to evade some firewalls used to protect a cloud based web application? a. IP address b. NIDS c. Encryption d. Stateful inspection

IP address

What network appliance senses irregularities and plays an active role in stopping that irregular activity from continuing? a. Firewall b. System administrator c. IPS d. IDP

IPS

A banner can do what? a. Identify an OS b. Identify weaknesses c. Help during scanning d. Identify a service

Identify a service

Which attack alters data in transit within the cloud? a. Port scanning b. Encryption c. MitM d. Packet sniffing

MitM

__________ is used to synchronize clocks on a network. a. FTP b. NTP c. NetBIOS d. SAM

NTP

An attacker can use _______ to enumerate users on a system. a. TCP/IP b. NetBIOS c. NetBEUI d. NNTP

NetBIOS

Which of the following is used for identifying a web server OS? a. Telnet b. Wireshark c. Netcraft d. Fragroute

Netcraft

[IMPORTANT] Which tool can be used to view web server information? a. Packetcraft b. Netstat c. Warcraft d. Netcraft

Netcraft

Who first developed SSL? a. Netscape b. Sun c. Oracle d. Microsoft

Netscape

SNScan is used to access information for which protocol? a. SMTP b. HTTP c. FTP d. SNMP

SNMP

SMTP is used to perform which function? a. Send email messages b. Transmit status information c. Monitor network equipment d. Transfer files

Send email messages

What is the three-way handshake? a. A Xmas tree scan b. Part of a UDP scan c. The opening sequence of a TCP connection d. A type of half-open scan

The opening sequence of a TCP connection

There are how many different types of cloud hosting environments? a. Two b. Four c. Three d. Five

Three

[IMPORTANT] Why would you need to use a proxy to perform scanning? a. To perform full-open scans b. To fool firewalls c. To enhance anonymity d. Perform half-open scans

To enhance anonymity

Why use Google hacking? a. To speed up searches b. To target a domain c. To look for information about Google d. To fine-tune search results

To fine-tune search results

A public and private key system differs from symmetric because it uses which of the following? a. Two keys b. One algorithm c. Two algorithms d. One key

Two keys

Enumeration is useful to system hacking because it provides which of the following? a. IP ranges b. Usernames c. Configurations d. Passwords

Usernames

VRFY is used to do which of the following? a. Validate an email server b. Expand a mailing list c. Validate an email address d. Test a connection

Validate an email address

The Wayback Machine is used to do which of the following? a. View websites b. Back up copies of websites c. Get job postings d. View archived versions of websites

View archived versions of websites

________ involves grabbing a copy of a zone file. a. DNS transfer b. Zone transfer c. Zone update d. nslookup transfers

Zone transfer

Which command can be used to view NetBIOS information? a. nmap b. telnet c. netstat d. nbtstat

nbtstat

Which of the following is used to perform customized network scans? a. Nessus b. Wireshark c. nmap d. AirPcap

nmap

Which of the following would confirm a user named chell in SMTP? a. expn chell b. vrfy -u chell c. vrfy chell d. expn -u chell

vrfy chell

Port number __________ is used for SMTP. a. 25 b. 52 c. 389 d. 110

25

Which of the following best describes PGP? a. A key escrow system b. A type of key c. A way of encrypting data in a reversible method d. A symmetric algorithm

A way of encrypting data in a reversible method

Which ports does SNMP use to function? a. 161 and 162 b. 389 and 160 c. 160 and 161 d. 160 and 162

161 and 162

HTTPS is typically open on which port in a cloud based firewall? a. 110 b. 80 c. 443 d. 25

443

Port number ________ is used by DNS for zone transfers. a. 53/UDP b. 25/UDP c. 25/TCP d. 53/TCP

53/TCP

Which of the following does an ethical hacker require to start evaluating a system? a. Permission b. Training c. Planning d. Nothing

Permission

During an FIN scan, what indicates that a port is closed? a. SYN b. ACK c. RST d. No return response

RST

[IMPORTANT] During a Xmas tree scan what indicates a port is closed? a. SYN b. ACK c. No return response d. RST

RST

You have selected the option in your IDS to notify you via email if it senses any network irregularities. Checking the logs, you notice a few incidents but you didn't receive any alerts. What protocol needs to be configured on the IDS? a. SNMP b. POP3 c. SMTP d. NTP

SMTP

A DNS zone transfer is used to do which of the following? a. Synchronize server information b. Perform searches c. Copy files d. Decommission servers

Synchronize server information

________ is the process of exploiting services on a system. a. Backdoor b. Enumeration c. System hacking d. Privilege escalation

System hacking

An SYN attack uses which protocol? a. HTTP b. TCP c. Telnet d. UDP

TCP

Which of these protocols is a connection‐oriented protocol? a. POP3 b. TCP c. FTP d. UDP

TCP

Which of the following is used for banner grabbing? a. SSH b. Telnet c. Wireshark d. FTP

Telnet

Footprinting has two phases. What are they? a. Active and passive b. Scanning and enumerating c. Active and pseudonymous d. Social and anonymous

Active and passive

[IMPORTANT] When scanning a network via a hardline connection to a wired‐switch NIC in promiscuous mode, what would be the extent of network traffic you would expect to see? a. Entire network b. VLAN you are attached to c. All nodes attached to the same port d. None

All nodes attached to the same port

[IMPORTANT] What should a pentester do prior to initiating a new penetration test? a. Study the code of ethics b. Study the environment c. Get permission d. Plan

Get permission

An application would be developed on what type of cloud service? a. PaaS b. SaaS c. IaaS d. BaaS

PaaS

nmap is required to perform what type of scan? a. Service scan b. Threat scan c. Vulnerability scan d. Port scan

Port scan

Which of the following is not typically used during footprinting? a. Email b. Port scanning c. Google hacking d. Search engines

Port scanning

Enumeration does not uncover which of the following pieces of information? a. Services b. User accounts c. Ports d. Shares

Ports

A full-open scan means that the three-way handshake has been completed. What is the difference between this and a half-open scan? a. A half-open includes the final ACK. b. A half-open does not include the final ACK. c. A half-open uses TCP. d. A half-open uses UDP.

A half-open does not include the final ACK.

What is an ICMP echo scan? a. Part of a UDP scan b. A ping sweep c. A Xmas tree scan d. A SYN scan

A ping sweep

The group Anonymous is an example of what? a. Hacktivists b. Grayware c. Script kiddies d. Terrorists

Hacktivists

What is an SID used to do? a. Identify a domain controller b. Identify a user c. Identify a mail account d. Identify permissions

Identify a user

If a device is using node MAC addresses to funnel traffic, what layer of the OSI model is this device working in? a. Layer 3 b. Layer 2 c. Layer 4 d. Layer 1

Layer 2

Asymmetric encryption is also referred to as which of the following? a. Hashing b. Shared key c. Block d. Public key

Public key

[IMPORTANT] LDAP is used to perform which function? a. Query a file system b. Query a directory c. Query a mail server d. Query a network

Query a directory

[IMPORTANT] What type of cloud service would provide email hosting and associated security services? a. SaaS b. IaaS c. SSaS d. PaaS

SaaS

What phase comes after footprinting? a. Scanning b. Enumeration c. System hacking d. Transfer files

Scanning

SSL is a mechanism for which of the following? a. Securing stored data b. Verifying data c. Securing transmitted data d. Authenticating data

Securing transmitted data

[IMPORTANT] What is Tor used for? a. To tunnel through firewalls b. To hide the banner on a system c. To automate scanning d. To hide the process of scanning

To hide the process of scanning

What is the purpose of a proxy? a. To automate the discovery of vulnerabilities b. To perform a scan c. To keep a scan hidden d. To assist in scanning

To keep a scan hidden

[IMPORTANT] Why wouldn't someone create a private cloud? a. To reduce costs b. To maintain universal access c. To increase availability d. To offload technical support

To reduce costs

________ is a method for expanding an email list. a. RCPT TO b. VRFY c. SMTP d. EXPN

EXPN

SOAP is used to perform what function? a. Transport data b. Encrypt information c. Enable communication between applications d. Wrap data

Enable communication between applications

Altering a checksum of a packet can be used to do what? a. Send an RST b. Send a URG c. Reset a connection d. Evade an NIDS

Evade an NIDS

What is the purpose of social engineering? a. Gain information from the web looking for employee names b. Gain information from a human being through face-to-face or electronic means c. Gain information from a job site using a careful eye d. Gain information from a computer through networking and other tools

Gain information from a human being through face-to-face or electronic means

Which tool can show the network path of a packet? a. Whois b. DNS c. Tracert d. Ping

Tracert

SNMP is used to perform which function in relation to hardware? a. Trap messages b. Monitor security and violations c. Discard malicious traffic d. Manage users and groups

Trap messages

Which best describes a vulnerability scan? a. A way to find open ports b. A way to automate the discovery of vulnerabilities c. A way to diagram a network d. A proxy attack

A way to automate the discovery of vulnerabilities

Which type of hacker may use their skills for both benign and malicious goals at different times? a. White hat b. Black hat c. Gray hat d. Suicide hacker

Gray hat

Which of the following best describes what a hacktivist does? a. Defaces websites b. Performs social engineering c. Hacks for political reasons d. Hacks with basic skills

Hacks for political reasons

Which of the following describes an attacker who goes after a target to draw attention to a cause? a. Terrorist b. Hacktivist c. Criminal d. Script kiddie

Hacktivist

What does hashing preserve in relation to data? a. Integrity b. Repudiation c. Confidentiality d. Availability

Integrity

Which of the following best describes footprinting? a. Discussion with people b. Discovery of services c. Investigation of a target d. Enumeration of services

Investigation of a target

A cloud environment can be in which of the following configurations except? a. LaaS b. SaaS c. IaaS d. PaaS

LaaS

Hubs operate at what layer of the OSI model? a. Layer 1 b. Layer 2 c. Layer 4 d. Layer 3

Layer 1

In IPsec, encryption and other processes happen at which layer of the OSI model? a. Level 2 b. Level 3 c. Level 4 d. Level 1

Level 3

What level of knowledge about hacking does a script kiddie have? a. Advanced b. High c. Low d. Average

Low

Which of the following is a common hashing protocol? a. DES b. MD5 c. RSA d. AES

MD5

Which record will reveal information about a mail server for a domain? a. Q b. MS c. A d. MX

MX

SNMP is used to do which of the following? a. Monitor network devices b. Retrieve mail from a server c. Synchronize clocks d. Transfer files

Monitor network devices

Which technology allows the use of a single public address to support many internal clients while also preventing exposure of internal IP addresses to the outside world? a. NTP b. NAT c. VPN d. Tunneling

NAT

A __________ is used to connect to a remote system using NetBIOS. a. Hash b. Rainbow table c. Rootkit d. NULL session

NULL session

What is the proper sequence of the TCP three‐way‐handshake? a. SYN‐SYN, SYN‐ACK SYN b. SYN, SYN‐ACK, ACK c. ACK, SYN‐ACK, SYN d. SYN‐ACK, ACK, ACK

SYN SYN‐ACK ACK

What is the sequence of the three-way handshake? a. SYN, SYN-ACK b. SYN SYN-ACK, ACK c. SYN, ACK, SYN-ACK d. SYN, ACK, ACK

SYN, SYN-ACK, ACK

[IMPORTANT] Which of the following can help you determine business processes of your target through human interaction? a. Job boards b. Website c. Email d. Social engineering

Social engineering

Which of the following would be a very effective source of information as it relates to social engineering? a. Job boards b. Social networking c. Port scanning d. Websites

Social networking

SaaS is a cloud hosting environment that offers what? a. Development options b. Testing options c. Software hosting d. Improved security

Software hosting

What type of firewall analyzes the status of traffic and would be part of a IaaS solution? a. Stateful inspection b. Circuit level c. Packet filtering d. NIDS

Stateful inspection

Which of the following describes a hacker who attacks without regard for being caught or punished? a. Terrorist b. Hacktivist c. Criminal d. Suicide hacker

Suicide hacker

Which of the following types of attack has no flags set? a. FIN b. Xmas tree c. SYN d. NULL

NULL

Which category of firewall filters is based on packet header data only? a. Application b. Packet c. Proxy d. Stateful

Packet

At what point can SSL be used to protect data? a. On Bluetooth b. On a flash drive c. On a hard drive d. During transmission

During transmission

Which of the following would be hosted as SaaS? a. Email b. Firewalls c. Databases d. IDS

Email

What is missing from a half-open scan? a. SYN-ACK b. ACK c. SYN d. FIN

ACK