ETH HACKER MIDTERM
A logic bomb has how many parts, typically?
2
Port number is used for SMTP.
25
Port number is used by DNS for zone transfers.
53 TCP
What is a piece of malware that relies on social engineering?
A Trojan horse
A full-open scan means that the three-way handshake has been completed, what is the difference between this and a half-open scan?
A half-open removes the final ACK
What separates a suicide hacker from other attackers?
A lack of fear of being caught
What is an ICMP Echo scan?
A ping sweep
Which of the following best describes PGP?
A way of encrypting data in a reversible method
Which of the following best describes a vulnerability?
A weakness
What is a self-replicating piece of malware?
A worm
What is missing from a half-open scan?
ACK
IPSec uses which two modes?
AH/ESP
Footprinting has two phases:
Active and passive
What can be configured in most search engines to monitor and alert you of changes to content?
Alerts
A covert channel or backdoor may be detected using all of the following except .
An SDK
An overt channel is ___________.
An obvious method of using a system
A remote access Trojan would be used to do all of the following except .
Attack another system
In IPSec, what does Authentication Header (AH) provide?
Authentication services
An attacker can use a(n) ______ to return to a system.
Backdoor
How is a brute-force attack performed?
By trying all possible combinations of characters
What is EDGAR used to do?
Check financial filings
If you can't gain enough information directly from a target, what is another option?
Competitive analysis
A white box test means the tester has which of the following?
Complete knowledge
A good defense against password guessing is?
Complex passwords
A logic bomb is NOT activated by which of the following?
Date and vulnerability
A virus does not do which of the following?
Displays pop-ups
At what point can SSL be used to protect data?
During transmission
A polymorphic virus .
Evades detection through rewriting itself
A vulnerability scan is a good way to?
Find weaknesses
What is the purpose of social engineering?
Gain information from a human being
Which of the following is the purpose of the footprinting process?
Gathering information
A contract is important because it does what?
Gives proof
Which type of hacker may use their skills for both benign and malicious goals at different times?
Gray Hat
Which of the following best describes what a hacktivist does?
Hacks for political reasons
Which of the following best describes what a suicide hacker does?
Hacks without stealth
Which of the following describes an attacker who goes after a target to draw attention to a cause?
Hacktivist
A is used to store a password.
Hash
A message digest is a product of which kind of algorithm?
Hashing
A banner can _______.
Identify a service
What is a SID used to do?
Identify a user
A sparse infector virus __________.
Infects files selectively
What does hashing preserve in relation to data?
Integrity
Which of the following best describes footprinting?
Investigation of a target
Which of the following can an attacker use to determine the technology within an organization?
Job boards
A _________ is a hash used to store passwords.
LM
On newer Windows systems, what hashing mechanism is disabled?
LM
In IPSec, encryption and other processes happen at which layer of the OSI model?
Level 3
What level of knowledge about hacking does a script kiddie have?
Low
SNMP is used to do which of the following?
Monitor network devices
ADS requires what to be present?
NTFS
Alternate Data Streams are supported in which file systems?
NTFS
If a domain controller is not present, what can be used instead?
NTLMv2
A is used to connect to a remote system using NetBIOS.
NULL session
An attacker can use to enumerate users on a system.
NetBIOS
Which of the following best describes hashing?
Nonreversible
Symmetric key systems have key distribution problems due to .
Number of keys
Footprinting can determine all of the following except:
Number of personnel
A public key is stored on the local computer by its owner in a _______.
PKI system
Vulnerability research deals with which of the following?
Passively uncovering vulnerabilities
Which of the following does an ethical hacker require to start evaluating a system?
Permission
An Nmap is required to perform what type of scan?
Port scan
Enumeration does not uncover which of the following pieces of information?
Ports
What can enumeration not discover?
Ports
Asymmetric encryption is also referred to as which of the following?
Public key
LDAP is used to perform which function?
Query a database
A Trojan can include which of the following?
RAT
During a Xmas scan what indicates a port is closed?
RST
During an FIN scan, what indicates that a port is closed?
RST
A is an offline attack.
Rainbow attack
What are worms typically known for?
Rapid replication
A is a file used to store passwords.
SAM
SNScan is used to access information for which protocol?
SMNP
What phase comes after footprinting?
Scanning
SSL is a mechanism for which of the following?
Securing transmitted data
NTLM provides what benefit versus LM?
Security
SMTP is used to perform which function?
Send e-mail messages
Symmetric cryptography is also known as .
Shared key cryptography
A Trojan relies on to be activated.
Social engineering
Which of the following describes a hacker who attacks without regard for being caught or punished?
Suicide hacker
A DNS zone transfer is used to do which of the following?
Synchronize server information
An SYN attack uses which protocol?
TCP
What does TOE stand for?
Target of Evaluation
What is Tor used for?
To hide a process of scanning
What is the purpose of a proxy?
To keep a scan hidden
SNMP is used to perform which function in relation to hardware?
Trap messages
A public and private key system differs from symmetric because it uses which of the following?
Two keys
Enumeration is useful to system hacking because it provides which of the following:
Usernames
Enumeration is useful to system hacking because it provides
Usernames & Passwords
VRFY is used to do which of the following?
Validate an e-mail address
The Wayback Machine is used to do which of the following?
View archived versions of websites
Which of the following forms are usually malicious?
Viruses
Which of the following would most likely engage in the pursuit of vulnerability research?
White Hat
If you have been contracted to perform an attack against a target system, you are what type of hacker?
White hat
How is black box testing performed?
With no knowledge