eh e1

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What command can be used to check for the presence of an email username?

VRFY

Risk = Threats X _____

Vulnerabilities

Which program captures network traffic?

Wireshark

Why is it important to find the IP address when running a Nikto web server scan?

You need the IP address as part of the Nikto command to run the scan.

What does the MITRE ATT&CK repository provide?

a deep dive into the tactics and techniques used to infiltrate malware

Carmen combined available existing source code for a malware with additional new code to produce a revised code base. What has Carmen created?

a hybrid malware

"Automatically locking an account after, say, five unsuccessful logon attempts is often used to prevent _________ password cracking

active online

which tool would be best for Vscan nmap wireshark kali linux acunetix

acunetix

in the field of hacking, apt stands for

advance persistent threat

A(n) _____ is when a malicious actor gains access to a network, and remains undetected for weeks, months and even years

advanced persistent threat

Which type of malware is often seen as legitimate?

adware

When would you write code as a new polymorphic version of malware?

after modifying existing code in memory

Which of the folliwing is not an attack vector web pages email automobiles

all are attack vectors

Which of the following is NOT considered malware?

all are malware

which kali tool is used to provide a list of suitable exploits

amitage

How is BlackEnergy2 delivered?

as an encrypted payload from which a rootkit is installed by a decrypting dropper

Organizations seek to develop and employ good security practices to protect _____, which are tangible and intangible items that can be assigned a value.

assets

tangible or intangible items that can be assigned a value are

assets

Juanita is in charge of scanning for vulnerabilities at her job. Her manager wants her to check for outdated patches and listening ports. Juanita should use a(n) ___ scan

authenticated

A DoS attack refers to which basic tenet of information security

availability

Which of the following is NOT a recommended way to keep a smart home more secure?

avoid VPN's

which part of the command ""nmap -O -v 100.10.10.10 refers to operating system

-O

In Linux, the user ID and password are kept in the _____ file.

/etc/shadow

The well-known ports are in the range _____.

1-1023

The normal range of Bluetooth signals is about ________ meters

10

Let's encrypt requires that digital certificates be renewed every _____ days

180

Software viruses began in the ___________.

1970s

scanning is the ____ phase of ethical hacking

2nd

security policies should be reassessed about every _______ years

3 years

In 2017, about ______________ websites were hacked every day

30,000

About what % of companies have had their security compromised via mobile devices in 2020?

40%

About _________ of recently created Zoomdomains have characteristics of malware

5%

the dark web is estimated to be about ____ times larger than the public web

500

About __________ of global employees work from home at least once a week

70%

An HTTP tunnel it doesn't encapsulate within the HTTP protocol but sends contents over port _____.

80

Which wireless standard has the greatest bandwidth?

802.11n

Over ______ of data breaches are due to inadequate training in cybersecurity?

90%

A good way to prevent cross-site scripting in a web form is to prohibit the use of these symbols

<>

a good way to prevent XSS in a web form is to prohibit the use of these symbols

<>

A list of _____ is an example of personally identifiable information.

A complete name and their corresponding social security number

Which of these techniques redirects traffic to an attackers MAC address?

ARP poisoning

In defending against spyware, disable _____, which has been known to be a security risk for quite a while.

Active X

This is a suite of WLAN auditing tools

Aircrack-ng

Which of the following is NOT a Linux distribution?

All are

NTFS __________ can be used to store data in hidden files that are linked to a regular visible file.

Alternate Data Streaming (ADS)

How does a typical Sofacy attack start?

An exploit triggers a dropper to plant the malware onto a target.

Google _____ will allow you to do your own analytics that will help you get a picture of your web traffic and to see what your customers see.

Analytics

____ is a very powerful scanner that seeks out vulnerabilities, and once found will provide a list of suitable exploits.

Armitage

Which acronym refers to something that focuses heavily on cost?

BIA

Which can be applied to a switch on your network that will prevent spanning tree attacks?

BPDU Guard

The _____ group in the CVSS represents the basic qualities of a vulnerability that are constant over time and across user environments.

Base

Part of a vulnerability assessment is Fuzz Testing, which is a(n) _____ method that floods a system with input to discover errors and security gaps in systems and software.

Black Box

Which of the following is a password cracker used for Web applications?

Brutus

_____ attacks are denial of service attacks that shower the network with aggressive amounts of traffic to shut down a service.

Burst

Encryption applies to primarily which tenet of CIA triad

C

If a hacker is using a phone-based attack, he would probably first call the

CEO office

_____is a set of IT principles, provides a best practice framework designed to safeguard the privacy and security of company specific data to ensure value for its stakeholders.

COBIT is Control Objectives for Information and Related Technology used in IT governance and management.

_____ changes the DNS cache on the local name server to point to a bogus server.

Cache Poisoning

Which hacking tool is the swiss army knife of tools

Cain

_____ is used in business to help a company learn about its competitors in order to make better business decisions.

Competitive intelligence

Before leaving, the final phase of Ethical Hacking is to clean up any evidence or trace of any activity on that machine.

Covering Tracks

This type of attack involves many different attacking systems

DDoS

SYN flooding is usually part of ______________ attack

DDos

_____ is a set of security extensions for DNS that provides authentication mechanisms when dealing with DNS records.

DNSSec

_____ is used to test a DNS query and report the results.

Dig is native to Linux. If using Windows, you can use nslookup to test a DNS query.

With ICMP, a(n) _____ is used to test reachability

Echo request/echo reply

is one of the original methods to send malware, spam, and bogus links. It continues to improve in sophistication.

Email

How can you reduce data exfiltration with mobile devices?

Ensure patches and software updates are applied regularly.

Enumeration occurs before scanning.

FALSE

Hping can create and send DNS and FTP packets to remote hosts and determine firewall rules

FALSE

MSRPC is a network protocol.

FALSE

Microsoft's RPC is a true implementation of DCE/RPC

FALSE

SNMP can only be used across a local area network

FALSE

Shodan is a real-time system check.

FALSE

In order to be totally in stealth mode, use the IDLE scan, which is an easy scan to use.

FALSE (hard to use)

'Vulnerability databases, such as CVE and NVD, are providing up-to-date info for organizations

False

A hacker prefers to cleartext in their scripting attacks

False

An IDS is most effective against new attacks?

False

Cybersecurity-as-a-Service is not yet recognized as an effective security tool

False

If you use a password manager totrac all you differant users ids and passwords, the password for the manager should be simple

False

It's usually easier to guess someones password than to guess the answers to security questions

False

Linux commands are not case sensitive

False

Netwitness Investigator is preferred over Wireshark for capturing network traffic.

False

One of the first things you should do when an incident has occurred is to power off the machine

False

Passive fingerprinting has a higher likelihood of detection.

False

Small databases installed by users do not pose a significant security risk

False

The command 'cd' in Linux means current directory

False

The sample security incident report in the lab advocates users should install their own preferred anti-virus software on their computers

False

Zero-click attacks are the most common form of cyber attacks

False

One IP addresses spoofing detection technique is called the "TCP Flow Control Method", which sends a SYN packet to what you perceive to be the attacker. It the IP address is spoofed, you will not receive a SYN-ACK.

Flow Control

A company's annual report on Edgar is called _____ and offers a thorough picture of a company's business

Form 10-K

Cookies help making browsing easier, yet some can be dangerous. _____ is a free download that blocks and cleans Google cookies and helps you to stay anonymous while searching online.

G-Zapper

With the knowledge of the vulnerabilities, this Ethical Hacking phase will launch an exploit, such as a web server attack including buffer overflows, or cross-site scripting (XSS).

Gaining Access

What was the first attempt to distribute a shareware virus construction kit?

GenVir

_____ Alerts will monitor the web for interesting new content and send you a notification.

Google

_____ uses advanced operators and keywords that may possibly yield pages that contain sensitive information such as protected login screens

Google Hacking

In Linux, to erase the command history and set it back to zero so there's no trace you were in the system use the command: export _____.

HISTSIZE=0

To create a basic webpage, we can use _____. It's a simple language that was developed in 1990 and is used to created web pages and link content.

HTML

What is one way to minimize threats to operating system?

Hardening

What is the difference between a hardware firewall and a personal firewall?

Hardware firewalls are used as part of a router, while personal firewalls are usually software-based and are used on an endpoint.

Question 3 of 5 Eduardo works as a security professional at TechCo. Part of his job requires him to run vulnerability scans on Cisco applications. How can Eduardo find out CVE scores based on the vulnerabilities?

He can go to the National Vulnerability Database to find scores on a particular vulnerability.

which browser is more susceptible to malware

IE

How do indicators of compromise (IOCs) prevent malware attacks?

IOCs can be identified and shared among members of the computing community.

With a(n) _____ scan, the TCP header is split over several packets and makes it hard for packet filters and intrusion detection systems to detect a port scan.

IP Fragmentation

The _____ ensures the information is classified appropriately, and assigned the appropriate level of protection.

Information Owner

In a company, _____ is the software side that ensures data availability and drives business processes and decision-making. IT or IS

Information Systems not INFORMATION TECHNOLOGY

This is used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts.

Internet Control Message Protocol is used along side of IPv4 or IPv6 to test for reachability.

IDS stands for _____________ detection system

Intrusion

Why is most malware constructed from kits?

It lowers the cost of malware creation to basically nothing.

The _____________ security distribution for Linux contains open source security software packages.

Kali

Which linux distribution is used in Lab 8?

Kali

Juno is part of the security applications team at Wells Fargo, which tests Wells Fargo's web applications for vulnerabilities. Which operating system will Juno use to do his fuzz testing?

Kali Linux

When conducting Ethical Hacking, _____ provides you with nearly all tools for Penetration Testing.

Kali Linux

_____ is built into Active Directory and uses tickets to access services.

Kerberos

Because a _____ records ALL keystrokes, you can see a user name and password in plain text as someone types it into a form.

Keylogger

What protocol is used to authenticate a user in an organizational unit?

LDAP

SSH tunnels allows you to bypass a firewall that restricts certain Internet services. The most common type of SSH tunnel is _____ port forwarding

Local

Which of these techniques is an attack on a switch

MAC flooding

Where would you find the commonly used WMI classes documented?

MSDN

Which of the following is an OSINT Google Alerts MXtoolbox Maltego Edgar

Maltego

The first description of threat modeling was done at

Microsoft

Which tool is used to perform audits on databases?

NGSSQuirrel

Which of the following is used to conduct a vulnerability scan?

Nessus

The nbtscan tool uses what protocol?

NetBios

_____ tools is a graphical user interface utility for Windows that is used to help collect information on a network for assessing irregularities and vulnerabilities.

NetScan

While data mining or gathering intelligence, a(n) _____ tool is used to gather artifacts, consolidated from publicly available sources.

OSINT

A free and open software security site that provides information on vulnerabilities along with guidelines on best practices to secure web infrastructures.

OWASP

The _____ Routing or TOR is an open framework that encrypts and moves traffic within the network, and enables anonymous browsing

Onion

_____ is the set of widely accepted requirements to secure credit card transactions.

PCI DSS

Cybercriminals now offer complete phishing services to inexperienced hackers-- this is known as

PHaaS

Cutting a fiber optic backbone is an example of a _____ attack

Physical

What is used to query host to test for reachability?

Ping

The goal of _____ is to force an application into running with a higher security environment than intended by the designer

Privilege Escalation

"What technology can perform centralized authentication, authorization, and accounting of wireless networks?

RADIUS

This Ethical Hacking phase is about obtaining as much information about the target as possible.

Reconnaissance

In Windows, applications run in which Ring?

Ring 3

Which of the following poses the greatest threat to wireless security?

Rogue AP

_____ is software used to encrypt and hide text messages within images.

S-tools

Which acronym refers to a legal document

SLA

Proxy chaining is done to conceal your real IP address. Servers use _____, which provides authentication, so only authorized users can access a server.

SOCKS5

which law is designed to proect investors

SOX

Which of the following is related to user input into a web form?

SQL injection

Which type of web site security vulnerability is most closely related with databases

SQL injection

Which of the following protocols does not send information in the clear?

SSL

You can find templates to create policies that are free to use and will step you through the process at _____, a respected source for information security training

Sans

This Ethical Hacking phase maps the network, including the make and model of the devices, checking for listening services, learning the operating systems, and evidence of data being sent in clear text.

Scanning

In Microsoft, user's passwords are stored in the _____ database

Security Account Manager (SAM)

automates vulnerability management, to ensure compliance with PCI, FISMA, HIPAA, and SOX

Security Content Automation Protocol (SCAP)

_____ define how the assets are protected and a set of rules of conduct for anyone or anything that interacts with the assets.

Security policies

A(n) _____ record is an extension of the SMTP protocol and helps prevent spammers from forging the From fields in email messages.

Sender Policy Framework

The _____ is where the plan is passed on to become the policies procedures, controls and guidelines for expected behavior.

Senior Agency Information Security Officer

Which of the following is a tool for graphically mapping a network?

SolarWinds

Why does an anomaly detection system (ADS) typically result in a false positive detection?

Sometimes a stream of legitimate packets contains the same sequence of coding as the attack signature.

To search on an individual by using Public Records, White Pages listings, and Social Networking sites to find information, you should use _____.

Spokeo

Installing _____ on a phone allows you to monitor all types of activity, including: Text messages, social media posts, passwords, location, conversations, photos and videos, emails, and websites visited.

Spyware

what is required to transmit data over a network between two computers

Syn Ack Syn-Ack

Which of the following is NOT an example of something detected by NIDS

System software modifications

To make sure a DNS zone transfer is only with authorized servers, deny all inbound connection requests to _____.

TCP Port 53

A Trojan Horse is presented as a useful tool or utility through a free download, or bundled into a popular program. It can create a backdoor that allows your PC to be remotely controlled.

TRUE

Attacks can be active or passive against a network resource, with the hopes of exploiting a vulnerability to achieve some result such as denial of service, data interception, modification, or theft.

TRUE

If the source IP is spoofed, a reply cannot be returned to the sender

TRUE

Keyloggers are hard to detect since their very goal is to steal data without being discovered, and because data theft is at stake, can do more damage than a virus.

TRUE

Normal TCP traffic begins with a 3-way handshake. The first packet is a synchronization packet, which is used to synchronize sequence numbers.

TRUE

SMB and SAMBA are interoperable.

TRUE

There are many network mapping tools available for device and topology discovery. Some include GeoIP database from MaxMind to locate targets.

TRUE

Universal Plug and Play (UPnP) works by discovery and advertisements so that the network is aware of what services and devices are available.

TRUE

_____creates guidelines for US agencies to create and implement risk-based policies and procedures that provide security protection for data.

The Federal Information Security Management Act (FISMA), also requires periodic penetration testing on all systems and data.

Legislation that governs data privacy and security practices that safeguard all patient electronic protected health information (e-PHI) in U.S medical facilities.

The Health Insurance Portability and Accountability Act (HIPAA), is also called the Privacy Rule. Anyone who is in violation will face penalties.

Nolan is preparing a vulnerability assessment report for the IT team. Which type of vulnerability assessment report should he prepare?

The IT team should have an executive summary, along with technical details.

How do rootkits achieve persistence?

They insert code into the startup boot records.

Which type of malware is often installed when a user thinks he is downloading legitimate software?

Trojan

"AVG cannot scan compressed files such as *.zip files"

True

"In a planned hacking attack, footprinting occurs before port scanning."

True

A fault tolerance system should be implemented only if its cost is less than the cost of losing a service

True

A sniffer captures network traffic

True

All Linux distributions are open source

True

An incident response policy should be developed before procedures and guidelines

True

Anomaly detection involves observing network traffic in training mode

True

If security incident is suspected to be a crime, systems should not be shut down

True

One of the first things you should do when an incident has occurred is to disconnect the infected machine from the network.

True

Sniffing network traffic without permission is usually illegal

True

Zenmap is a GUI for Nmap

True

Zenmap is the GUI version of Nmap.

True

iOS does a better job of patch hygiene than Android

True

inSSIDer has more advanced features than NetStumbler

True

The two protocols used by ports are TCP and _________.

UDP

A "rubber ducky" is a _________ used by hackers

USB drive

_____ is a comprehensive data privacy law, that gives consumers control of their data and affects companies located in and outside the European Union.

Under the General Data Protection Regulation (GDPR), companies can face up to 4% of total global turnover if they breach the rules.

_____ threat management devices provide firewall functions, intrusion prevention, antivirus, data loss prevention along with content filtering.

Unified

Which group of the CVSS relects characteristics of a vulnerability that are constant over time and across user environment

base

A(n) _____ is a snapshot of network traffic during a particular window of time and can include utilization, network protocols, and latency issues.

baseline

Steganography can be detected by spotting an unusually large payload, or by observing image irregularities called _____ with the naked eye.

blocky artifacts

A _____ attack uses software to try every possible combination of characters and generate a massive amount of consecutive guesses in order to get the password.

brute force

Which of the following is not considered a 'nontechnical' password cracking attack?

brute-force

Nikto performs testing on web servers for a variety of vulnerabilities, such as outdated versions of servers, missing headers such as anti-_____ X-Frame-Options header, and dangerous files and CGIs.

clickjacking

the common vuln scoring system does not include cost of an asset attack vector impact user interaction

cost of an asset

The final phase in system hacking is to _____.

cover tracks .

The process of enumeration is primarily designed to yield

detailed system information

The steps to take after an incident include: Identify, respond, consider possible causes, _____, and resolve and document.

develop a solution

A _____ attack is a subset of a brute force attack and this uses a list of common passwords.

dictionary

From 2018 to 2023, demand for video surveillance is expected to

double

least preferred way to prevent keystroke logging free anti-malware use FW use admin acc for install use more secure browsers

download free anti-malware

which search engine does not remember your searches

duck duck go

When someone looks into the trash outside or inside an organization for anything that might reveal sensitive information, this is called _____.

dumpster diving

which tool is best for investigating a company's financial performance

edgar

What is the most important way of defending against viruses?

education

Before installing any software, you should make sure malware protection is used with _____ filtering to block communication with malicious websites.

egress

which of the following is not reconmended for mobile devices enable geotagging use biometric autherication use https update OS

enable geotagging

Cyber actors use _____ to conceal malicious behavior

encryption

Paasswords are usually stored with the aid of hash functions, not ____

encryption functions

The Ethical Hacker attempts to _____ in order to achieve access to resources normally restricted from an end user or application.

escalate privilege

In the command netstat -abop, what does the b option provide?

executable

When Google Hacking, if I want to find all PDFs with the keyword networking, I would enter _____ in the search.

ext:pdf networking

RSA is a hash algorithm

false

SHA-1 is a highly preferred hash algorithm

false

a hacker usually prefers to use plaintext in their scripting attacks.

false

a hacker will likely clear logs when entering a system

false

a hardware keylogger runs with the aid of the target's OS

false

an example of a security incident is a business transaction

false

an organization generally has the ability to reduce security threats

false

nessus is used to fix vuln on a target system

false

penetration testing is usually done more often than vscanning

false

Which of the following is most likely to use hashing techniques?

file integrity checking

A _____is a hardware or software-based mechanism that controls in-coming and out-going traffic based on a set of rules that either permit or deny traffic on a network or host, and provide access control and active filtering.

firewall

which term mostly applies to limiting ping request from a computer

firewall

which stage of system hacking comes first priveledge escal obtaining password gaining access covering tracks

gaining access

which group often breaks the law but does not intend to do any real harm

gray hat hackers

A _____ hacker may try to gain access to a system without permission, but in general, without malice. Often, they will notify an organization in some manner that their system was vulnerable.

grey

Using legal and illegal tools to attack computer systems, deface web sites, and protest to promote political ideology or other causes is called _____.

hacktivism

A _____ is a small device that records each keystroke and then saves it to its on-board memory. It must be physically attached to the system and is observable within the task manager.

hardware keylogger

Salting is a technique that is most closely related to ___________

hashing

_____ is a one-way cryptographic function.

hashing

A ________ site results in little or no downtime

hot site

Which of the following phases of incident response occurs first?

identification

Steganography is the process of hiding data in a carrier. A popular method of hiding data in files is to use a(n) _____ which creates subtle changes in the color of pixels.

image

Which admin control state that all ports should be off unless needed for a job function

implicit deny

Where would you do sandboxing so it doesn't cause damage?

in a contained environment

Where is the configuration block for malware stored in encrypted form?

in the body of the deployed payload

Where is the best place for a rootkit to hide?

in the operating system kernel

A(n) _____ is an unplanned occurrence that disrupts operational or day to day activities.

incident

Which type of malware has both a software and a hardware version?

keylogger

A regulatory _____ is a set of conditions outlined by a governing body.

law

Which admin control states that employees are given only the access they needs

least privilege

which phase of hacking installs a backdoor

maintaining access

The zmap tool is used to _____.

map the internet .

a cyber attack occurs about every

minute

What enumeration tool primarily works with the NetBIOS service

nbstat

Zenmap is a gui for

nmap

vulerabilities do not exist in software people network none

none

in windows, the _____ command will show only the ip address of the destination

nslookup

What does the command nmap -PS 10.0.2.13 list?

open TCP ports

Intrusion detection works _____ to identify, log, and report any malicious activity.

out of band

Bob works at the Veterans Administration (VA) as a Security Analyst. The VA is requiring vulnerability assessments for all 3,500 VA projects. The most efficient way he can accomplish this is by _____.

outsourcing the vulnerability assessment to qualified and approved vendors.

Which of the following is a passive OS fingerprinting tool?

pOf

Ricky responded to an intrusion alert which indicated someone was running an unauthorized port scan on the network. Ricky immediately notified his supervisor as this was indicative of a(n) _____ attack.

passive

A password cracking attack that uses a packet sniffer is called

passive online

weakest form of authetication

password

When launching a(n) _____ attack, the attacker wants to make sure the victim believes the site they are clicking on is real.

phishing

In Windows, the ________command will send 4 data packets to the destination

ping

Which of the following is a DoS attack?

ping flood

Which technique determines whether a system is present and powered?

pinging

Which of the following is probably the last thing that a hacker does on a system

planting backdoors

Which type of virus changes its form to avoid detection?

polymorphic virus

which type of scan determines listening services port ping OS fngprnt

port

Reduce the threat of tunnels by allowing only _____ software and is best if done only by the administrator or network specialist.

pre-approved

The _____ value of the Exploitability metric captures the level of access required for a successful exploit of the vulnerability.

privileges required

The ps command enumerates

processes .

The term _____ stems from a military reference that deals with gathering information about the location of a target by scouting or by setting up covert observation posts.

reconnaissance

which element of the cyber kill chain occues earlier than others

reconnasisance

A sinister employee invites a new hire to lunch and pretends to be a tech support staffer. This is known as

reverse social engineering

A _____ is installed so the Ethical Hacker can access the system at a later date.

rootkit

When using Nmap, use _____ to do a ping scan

sP

_____ software can be installed without someone's knowledge, and all activity can be monitored.

screen monitoring

Actively inserting oneself between two parties on a network is called

session hijacking

You interact with the kernal using a

shell

Why does a malware have the ability to change its binary file as it propagates?

so the malware can defeat traditional signature-based detection

Anti-malware will also most of the time pick up a _____ keylogger as they are a form of spyware.

software

What information does the psinfo -s command enumerate?

software

_____ can monitor screen activity, capture keystrokes, gather web form data, track internet usage, and allow access to sensitive data, then phone home with the information.

spyware

Within the evolution of malware, _____ has become the most concerning issue because it is extremely sophisticated and difficult to defeat.

state-sponsored malware

Automating the analysis of malware through hybrid analysis includes both _____.

static and dynamic analysis

_____ is hiding in plain sight.

steganography

By the time we get to the _______________, we have completed the Reconnaissance and scanning phases of Ethical Hacking.

system hacking phase

An organization must incorporate safeguards into the security compliance plan to defend against attacks. Safeguards include administrative, physical, and _____controls.

technical

Who runs the command and control systems over legitimate systems that are compromised?

the botmaster

hackers would be known as a

threat

the probability of a negative event happening to an asset

threat

How can you recover the source key of a malware and decrypt it to reveal the code?

through reverse engineering

Why does a ransomware DLL first create a mutex?

to ensure only one copy of ransomware is active

In a government classification system, _____ data is where the unauthorized disclosure of data could cause exceptionally grave damage.

top secret

_____ is a command line tool that traces the route of a packet across the Internet and provides route path and transit times.

tracert

Kevin downloaded what he thought was a harmless app. Instead, his computer was infected with a virus. Which type of virus was Kevin's computer most likely infected with?

trojan

An intrusion detection system does not block potentially malicious activity

true

Using google hacking database is legal

true

When defending against privilege escalation, restrict interactive logon privileges. Instead of using only a password, require multifactor authentication.

true

nmap can show you which ports are open on a computer

true

Salting the password with a random string will protect against a rainbow table attack.

truetrTrueuetrue

"Hardening" a system is related to addressing this vulnerability

unnecessary features

Which of the following is NOT a recommended way to keep your home router more secure?

use routers supplied by ISP

In the command "hping3 - - traceroute -V -1 66.32.101.17 " the -1 option is to

use the ICMP protocol .

When dealing with risk an organization can transfer the risk by _____.

using insurance

nessus is software used for

v- assessment

An attack _____is way for a hacker to gain access into a system, and can include software, networks, and the user.

vector

Ethical hacking is an important element of a comprehensive security plan, as it provides a method to test a computer system or network with the purpose of identifying and addressing

vulnerabilities

A _____ is a weakness in the system that can include unpatched systems, human error, software flaws, or weak or missing passwords.

vulnerability

A _____ scan will find known weaknesses, but it may miss key components that should be tested as it lacks the ability to reduce the overall threat.

vulnerability

For network systems, _____ management is a proactive approach to prevent the exploitation of IT vulnerabilities that exist within an organization.

vulnerability

Which sniffing technique searches for wireless access points?

wardriving

Step two of the cyber kill chain is _____, where the malicious actors are aware of the weak spots in the organization and they devise a plan to get inside the network.

weaponization

Which of the following is most likely to be located in a DMZ?

web server

Use _____ download an entire website and study the contents to find emails, phone numbers, and other organizational information such as employee directories.

website mirroring

which of the followingn would not be affective against email attacks website mirroring spam filtering user education spf

website mirroring

Footprinting a target and reconaisse usually takes several

weeeks

Anti-virus scans should occur several times a week

week

When are advanced persistent threats (APTs) usually found?

when network monitoring detects the installed malware attempting to connect to its command and control systems

When is malware reverse engineering typically done?

when the original source of the executable code is not available

The _____ hat hackers are Ethical Hackers who have the support of government and industry.

white

I am working with technology companies to fix a flaw with DNS, I did this because I am a _____ hacker

white hat

Which type of malware is primarily known for self-replicating very rapidly?

worm

Which type of malware propagates itself through a network, without requiring any user action to move from one target to the next?

worm


Ensembles d'études connexes

Project Management Test 1 - Ramsower

View Set

MGMT 390 Test 2 Study Guide/Vocabulary Words

View Set

Chapter 2.3 Rates of Change: Velocity and Marginals

View Set

unit 1 challenge 2: options and challenges of businesses

View Set

TEAS- Determine the meaning of words by analyzing word parts

View Set