ethical hacking
The main difference between IPv4 and IPv6 addresses is the length of the IP address. The length of an IPv6 address is _____
128 bit
In an enumeration attack the attacker mainly exploits the NetBIOS service. NetBIOS operates at what port?
139
To take input from user on a website _________ tag can be used/embedded in the HTML code.
<form>
Windows Server 2021 and Windows 8 & 10 introduced which protection feature to prevent pass-the-hash attacks?
Authentication Silos
the ip address 192.168.2.1 belongs to class _____________
C
________ maintains the list of vulnerabilities and assigns numbers to all reported vulnerabilities for future referencing / vulnerability assessment tools.
CVE (Common Vulnerabilities and Exposures)
___________ attack is also known as a Session Riding Attack, where the attacker tricks users into clicking a malicious link which can change the users' passwords or transfer funds from their accounts, etc.
Cross Site Request Forgery
Which of the following is NOT a type of pen testing? a. web app b. mobile app c. network d. physical access control of resources
D. physical access control of resources
If the source code of the web application is not available for vulnerability assessment then ________ is used for vulnerability analysis
DAST
Which of the following is NOT a database connectivity technology: ODBC, OLEDB, ActiveX Data Objects, DBMS
DBMS
the process that enables the attacker to see all the host computers (network diagram) on a company network is called __________
DNS Zone Transfer
In the null scan, the attacker sends a packet with all flags set to zero (0). Upon receiving the null packet, the open ports of the target computer respond with ___________.
Doesn't respond at all
what type of windows server is the most likely server to be targeted by a computer hacker?
Domain Controller
what enumeration tool is extremely useful when working with Windows NT, 2000, and windows XP systems?
DumpSec
If Firewalls and IDS are properly configured then we can avoid all web application attacks.
FALSE
The users/clients can see the PHP scripts/code in their browser when they visit a PHP website/webapp.
FALSE
Windows 8 and 10 are more susceptible to an enumeration attack.
FALSE
in the TCP protocol, after the SYN protocol completes (three way handshake) and communication ends between the client and the server then both send a packet with _________ flag?
FIN
The _________________ Utility (software) extracts metadata & documents to reveal the document creator emails, ip addresses, and other relevant information about the target website
FOCA
Which of the tools can be used to send ping commands to multiple devices simultaneously: FPING, HPING, NMAP, All of the above
FPING, HPING, NMAP
the shell and Bash scripts are two different scripting languages
False
Using HTTP commands, if the user gets a 403 error then it means ____________
Forbidden
what boot loader will allow your computer or laptop to start in both Windows and Linux?
Grub
Which of the following port scanning tools can craft IP packets with a modified IP address and can bypass a filtering device: FPING, NMAP, KMAP, HPING
HPING
The ___________ commands allow the pen-tester to pull information from web servers using even a web browser.
HTTP
Which of the following is an excellent GUI tool for managing Windows hosts on the network and is capable of displaying graphical representations of several areas? IIS, Zion, NetDDE, Hyena
Hyena
______________ occurs if a web application accepts the untrusted/malicious data as input without validating it.
Injection vulnerability
the largest WAN on earth is _______
Internet
The Artificial Intelligence tool to gather competitive intelligence from website is _________
Metis
Visual Basic scripting language is developed by ________ and can convert a static webpage into dynamic webpage
Microsoft
which of the following is the standardized Port Scanning tool
NMAP
Which of the following provides an interface that allows computers to communicate across a local area network (LAN)? NetBIOS, BIOS, NetAPP, NetAPI
NetBIOS
what does the NBT part of NBTScan stand for?
NetBIOS over TCP/IP
The __________ is the Open source utility which allows the user to run programs through client interface and can find vulnerabilities of the remote hosts
OpenVAS
________ can be used to convert a static website into a dynamic website
PHP, Javascript, VBS (visual basic script)
Two vulnerabilities cause the Insecure Direct Object Reference attack: Sequential Numbering (Automatic Filling) & ________
Poor Access Control
In the UDP scan (which scans all UDP ports), the closed ports respond with ______________
Port unreachable
in the SYN scan, if the target system is turned off then it responds with ________ to SYN scan
RST/ACK
The ______ analyzes the source code of the web application for Vulnerabilities
SAST
Which one of the following is an older network management service that is useful for network administrators who want to view system statistics, version numbers, and other detailed host information remotely? SNMP, TFTP, TLS, TTS
SNMP
The ________________ are flexible programs which allow the users to enter the commands in a text file to automate the tasks and execute all commands simultaneously
Scripts
The _____________ occurs when a client uses a public computer to access sensitive accounts & sensitive information gets cached on the local PC.
Sensitive Data Exposure
HTML is still the foundation of many web applications and is mainly used to design _________ websites.
Static
In sec ops center (SOC) if an incident responder couldn't resolve the problem (incident) then the ticket will be escalated to _____________
Subject Matter Expert
When security professionals create a packet for port scanning then they can choose to specifically set which of the fields to help initiate the response from the victim/host
TRUE
if an organization is unable to avoid the risk then they try to mitigate its impact.
TRUE
the connect scan provides the detailed report (OS, trace-route, firewall info, port status, etc.) about the host but it requires the SYN protocol to complete handshake with the target.
TRUE
the scripting languages allow the user to design robust security features using power of scripting languages
TRUE
CVSS is used to express the vulnerability in a quantitative manner.
TRUE CVSS (Common Vulnerability Scoring System)
in XMAS scan PSH, URG, and FIN flags are set and closed ports respond with RST or RST/ACK
True
Web application is an application software which runs on ____ and can be accessed through the internet
Web server
_______ is a person hired by companies to find vulnerabilities and provide suggestions for the affected areas
White Hat hacker
__________ utility is used to collect information (e.g. IP address, domain owner etc. ) about specific domain
Whois
______ is a vulnerability assessment tool which allows the vulnerability assessment analyst to passively discover the vulnerabilities of the systems/computers.
WireShark
the ____________ attack occurs, if an attacker successfully injects & stores malicious script on a web server to victimize all visitors of that website.
XSS Stored
Which one of the following vulnerability assessment tools actively engages the target to find its vulnerabilities: Wireshark, dsniff, urlsnarf, Zed Attack Proxy
Zed attack proxy
In the SOC the ______ reads the tickets and verifies whether it's a security-related issue or not
alert analyst
The FTP, HTTP, HTTPS and SMTP protocols are located at the _____ layer
application
in a vulnerability assessment the first component of the assessment is ________.
asset identification
________ can be an information device or any other computational system that is protected from unauthorized access
assets
the HTTPS mainly uses SSL technology to ensure a secure bidirectional communication where _________ encryption is used in SSL
asymmetric
_________ is a checklist against which the system is evaluated and audited for its security posture.
baseline
If a company doesn't wish to disclose to its employees that a pen test is being performed, then which pen test model will be more suitable?
black box
The ___________ http command can dynamically switch to tunnel connection such as SSL (required to establish VPN connection).
connect
what process allows a security professional to extract valuable information, such as information about users and recent login times from a network?
enumeration
malware or script that allows attacker to gain unauthorized access to systems is called _________
exploit
Which of the following vulnerability assessment models is also known as the hacker vulnerability assessment model? internal, external, hybrid, none
external
ICMP protocol (ping/trace route) is a connection oriented protocol
false
The federal govt (Dept. of Justice) considers port scanning an illegal activity
false
TFTP provides more secure uploading and downloading compared to FTP.
false
the vulnerability assessment tools can also identify the Zero Day attacks.
false
vulnerability assessment and pen testing are both of the same things
false
if a specific port is protected by a firewall, then Port scanning will return _____ status of port
filtered
the active process of finding information on a company's network (OS, Ports status, DNS Zone, etc.) is called _____
finger printing
Which of the following is a useful enumeration tool that enables you to find out who is logged into a *nix system with one simple command? net utility, finger utility, nix utility, point utility
finger utility
The passive process of finding information on a company's network is called _____
foot printing
the bug bounty hunters are also referred to as _______
grey hat hacker
A hacker who hacked a company's databases to expose a scam/tax fraud is called ________
hacktivist
at __________ layer the IP address of the src and dest are added
internet
Which of the following commands is a powerful enumeration tool included with Windows? NessusWX, nbtstat, NetDDE, Netmon Agent
nbtstat
Which of the following commands gives you a quick way to see if there are any shared resources on a computer or server? nbtstat, net view, NetDDE
net view
The TCP/IP protocol layers are application, transport, internet, and _________
network
Which of the following is NOT a port status: closed, open, partial, filtered
partial
The ___________ identifies the IP addresses belonging to the alive hosts on the network
ping sweep
the method of finding services offered by a host is called _______
port scanning
the ACK scan is mainly used to detect __________
presence of firewall
which of the following is the first step of a typical cyber attack a. reconnaissance b. enumeration c. vulnerability assessment d. creating exploit
reconnaissance
typically we design a network for information exchange and ____________
resource sharing
if the vulnerability gets exploited, then what will be its impact on the organization _____________?
risk assessment
What feature implemented in Windows 8.1 prevents the execution of non-trusted boot content, preventing rootkits?
secure boot
________ allows the network admins to divide the larger networks into smaller network or small broadcast domains
subnetting
the designing of the attack tree is the sub-component of _____ of the vulnerability assessment.
threat identification
At the _______ layer the data is broken up into small packets; we also add the ISN for reassembly at the receiver's side
transport
the source and dest port numbers are added at ___________ layer in TCP/IP protocol
transport
CISSP is mainly designed for people having good security related experience. More managerial than technical
true
In TCP/IP protocol at network layer rather than adding the MAC address of dest, the MAC address of the gateway router is added.
true
NMAP tool can be used for network analysis (to find IP addresses and trace route) and port scanning
true
The process of defining, identifying, and classifying the vulnerabilities of systems, computers, and networks is called _____________
vulnerability assessment
in _______ pen test model the ethical hacker / pen tester is aware of all network information, resources, OS, and can interact with employees
white box
what feature implemented in Windows server 2016 allows for application isolation to protect applications from one another?
windows containers