Cyber 2600 Module 6 Practice Test
When the nmap tool is used, the sending of packets cannot be detected.
False
Which marketing term is used to describe the offering of a computing platform combining multiple sets of software in the cloud?
Platform as a Service (PaaS)
Which term is used for an integrated suite of tools or services offered as Security as a Service, or a third-party managed security service provider (MSSP), focused on cloud security?
cloud access security brokers (CASB)
The _______________ command provides a list of the hosts, switches, and routers in the order in which a packet passes through them, providing a trace of the network route from source to target.
tracert
What kind of an attack involves a piece of software that appears to do one thing (and may, in fact, actually do that thing), but hides some other functionality?
trojan
Running memdump to dump system memory to the standard output stream does not actually use memory.
False
Sender Policy Framework (SPF) validates the receiving address of the e-mail.
False
Tail is a utility designed to return the first lines of a file.
False
Targeted attacks are easier and take less time and effort than attacks on targets of opportunity.
False
The ping of death is a type of man-in-the-middle attack.
False
Type II hypervisors run directly on the system hardware.
False
Viruses can exist independent of a file, whereas worms require a file to infect.
False
When Secure FTP (SFTP) is used for confidential data transfer, what protocol is combined with FTP to accomplish this task?
Secure Shell (SSH)
The _______________ is a set of tools that can be used to target attacks at the people using systems; it has applets that can be used to create phishing e-mails, Java attack code, and other social engineering-type attacks.
Social-Engineering Toolkit
Which cloud computing service model involves the offering of software to end users from within the cloud?
Software as a Service (SaaS)
The movement to an account that enables root or higher-level privilege is known as _______________.
escalation of privilege
Which capability must be enabled on firewalls, secure web gateways, and cloud access security brokers to determine if the next system in a communication chain is legitimate or not?
instance awareness
Which command in Linux is used to show and manipulate routing, devices, policy routing, and tunnels?
ip
What term refers to a piece of code that sits dormant for a period of time until some event invokes its malicious payload?
logic bomb
One of the steps that the majority of system administrators running Internet e-mail servers have taken to reduce spam is to shut down __________.
mail relaying
Which attack occurs when the attacker captures a portion of a communication between two parties and retransmits it at a later time?
replay
Which term refers to a network connection used to interconnect virtual private clouds and on-premises networks?
transit gateway
What term refers to an attacker's attempt to discover unprotected modem connections to computer systems and networks?
war-dialing
Defense against attack begins by eliminating threats.
False
During penetration testing, zero-day vulnerabilities will be established.
False
If you test something and it comes back negative, but it was in fact positive, then the result is a false positive.
False
Which cloud computing service model describes cloud-based systems that are delivered as a virtual solution for computing that allows firms to contract for utility computing as needed rather than build data centers?
Infrastructure as a Service (IaaS)
Hoax e-mails can impact bandwidth.
True
Private cloud services will separate users with security restrictions, but the depth and level of these restrictions will be significantly greater than in a public cloud.
True
S/MIME is a secure implementation of the MIME protocol specification.
True
S/MIME uses the X.509 format for certificates.
True
Shimming is the process of putting a layer of code between the driver and the operating system.
True
What command is used to discover what systems are on a network and the open ports and services on those systems?
nmap
Which is the correct syntax for the ping command?
ping [options] targetname/address
The term "_______________ cloud" refers to a cloud service rendered over a system that is open for public use.
public
E-mail security is ultimately the responsibility of __________.
users themselves
The term __________ refers to the unauthorized scanning for and connecting to wireless access points, frequently done while driving near a facility.
war-driving
__________ is a general term that refers to a variety of types of software that have been designed for some nefarious purpose.
Malware
__________ relies on lies and misrepresentation, which an attacker uses to trick an authorized user into providing information or access the attacker would not normally be entitled to.
Social engineering
Because FTP servers can present a security risk, they are typically not permitted on workstations and are disabled on servers without need for this functionality.
True
Both ipconfig and ifconfig are command-line tools to manipulate the network interfaces on a system.
True
In the case of an FTP server, which account allows unlimited public access to the files and is commonly used when you want to have unlimited distribution?
anonymous
Which testing technique requires that the testers have no knowledge of the internal workings of the software being tested?
black box testing
Which cloud system is defined as one where several organizations with a common interest share a cloud environment for the specific purposes of the shared endeavor?
community
SYN flooding is an example of a __________.
denial-of-service attack
In technical terms, the application on the e-mail sender's machine is referred to as a __________.
mail user agent (MUA)
Which attack involves an attacker placing themselves in the middle of two other hosts that are communicating?
man-in-the-middle attack
Which command is used to monitor network connections to and from a system?
netstat
A __________ is a software or hardware device that is used to observe traffic as it passes through a network on shared broadcast media.
network sniffer
After a penetration test is planned, ______________ is the first step in performing that test; the objective is to obtain an understanding of the system and its components that someone wants to attack.
reconnaissance
Making data look like it has come from a different source is called __________.
spoofing
What type of software records and reports activities of the user (typically without their knowledge)?
spyware
Clouds can be created by many entities, but must be internal to an organization.
False
A computer system is attacked for one of two general reasons: it is specifically targeted by the attacker or it is a target of opportunity.
True
All versions of SSL have been shown to be vulnerable to breach.
True
Cloud-based data storage was one of the first uses of cloud computing.
True
What term is used for a situation where a scanner fails to report a vulnerability that actually does exist—that is, where the scanner simply missed the problem or didn't report it as a problem?
false negative
To examine a DNS query for a specific address, you can use the _______________ command.
nslookup
Which term refers to a form of malware that is specifically designed to modify the operation of the operating system in some fashion to facilitate nonstandard functionality?
rootkit
Which port does HTTP traffic travel over by default?
TCP port 80
Which statement describes the primary purpose of JavaScript?
The primary purpose of JavaScript is to enable features such as validation of forms before they are submitted to the server.
Which type of computing brings processing closer to the edge of the network, which optimizes web applications and IoT devices?
edge
What term is used for unsolicited commercial e-mail?
spam
Which term describes the hosting of a desktop environment on a central server?
virtual desktop infrastructure
Which testing technique is performed by testers who have detailed knowledge of the application and can thus test the internal structures within an application for bugs, vulnerabilities, and so on?
white box testing
Which term is used to define vulnerabilities that are newly discovered and not yet addressed by a patch?
zero day
__________ is essentially noting which domains and source addresses have a reputation for sending spam, and rejecting messages coming from those domains and source addresses.
Blacklisting
The _______________ is a list of known vulnerabilities in software systems.
Common Vulnerabilities and Exposures (CVE) enumeration
_______________ are a form of operating system virtualization; they are a packaged-up combination of code and dependencies that help applications run quickly in different computing environments.
Containers
A birthday attack is a type of logic bomb virus that releases its payload on the birthday of some famous person, such as Michelangelo.
False
A control classified as preventative has to be known by a person in order to be effective.
False
All mail servers support spam URI Real-time Block Lists (SURBLs) technology.
False
All risks need to be mitigated or controlled.
False
Assigning a financial value to an intangible impact is easy.
False
Change management and configuration management are essentially the same process.
False
If your organization is highly sensitive to sharing resources, you might want to consider the use of a public cloud to reduce exposure and increase your control over security, processing, and handling of data.
False
Which computing service model is used for the outsourcing of security functions to a vendor that has advantages in scale, costs, or speed?
Security as a Service
The process of taking control of an already existing session between a client and a server is known as __________.
TCP/IP hijacking
What is the goal of TCP?
TCPs send an unauthenticated, error-free stream of information between two computers.
Encryption is a failsafe—even if security configurations fail and the data falls into the hands of an unauthorized party, the data can't be read or used without the keys.
True
Escalation of privilege is the movement to an account that enables root or higher-level privilege.
True
Hoaxes are similar to chain letters, but instead of promising a reward, the story in the e-mail is typically what produces the action.
True
Legacy platforms is the term used to describe systems that are no longer being marketed or supported.
True
The logger command works from the command line, from scripts, or from other files, thus providing a versatile means of making log entries.
True
The presence of risks in a system is an absolute—they cannot be removed or eliminated.
True
Vulnerabilities are known entities; otherwise, the scanners would not have the ability to scan for them.
True
When an infrastructure is established "on premises," the unit of computing power is a server.
True
Zones can be used for replication and provide load balancing as well as high availability.
True
In the computer security world, _______________ is a process of assessing the security state of an organization compared against an established standard.
auditing
Which process involves implementing security tools and policies to ensure your container is running as intended?
container security
A(n) _______________ is a low-level program that allows multiple operating systems to run concurrently on a single host computer.
hypervisor
Which term denotes the policies and procedures employed to connect the IAM systems of the enterprise and the cloud to enable communication with the data?
secrets management
In a __________ attack, the attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network.
smurf
Minimization of vulnerabilities is one of the foundational elements of defense.
True
Most e-mail is sent in plaintext, providing no privacy in its default form.
True
One of the characteristics of cloud computing is transparency to the end user.
True
Perpetrating some sort of electronic fraud is one reason a specific system might be targeted for attack.
True
Platform as a Service (PaaS) offerings generally focus on security and scalability.
True
Vulnerabilities are exploited by attackers to gain access to a system.
True
A worm is malicious code that has to attach itself to something else to survive.
False
