HOD401


1. Input validation is used to prevent which of the following? A. Bad input B. Formatting issues C. Language issues D. SQL injection

A

8. In a DDoS attack, what communications channel is commonly used to orchestrate the attack? A. Internet Relay Chat (IRC) B. MSN Messenger C. ICMP D. Google Talk

A

7. __________ is used to audit databases. A. Ping B. Ipconfig C. SQLPing D. Traceroute

C

10. Which function(s) are considered dangerous because they don't check memory bounds? (Choose all that apply.) A. gets() B. strcpy() C. scanf() D. strcat() E. All of them

E

1. What is the hexadecimal value of a NOP instruction in an Intel system? A. 0x99 B. 0x90 C. 0x80 D. 99x0

B

10. __________ can be used to attack databases. A. Buffer overflows B. SQL injection C. Buffer injection D. Input validation

B

11. The stack operates on a _______ basis. A. FIFO B. LIFO C. FILO D. LILO

B

14. What is an eight-in-one DoS tool that can launch such attacks as land and teardrop? A. Jolt B. Targa C. TFN2K D. Trinoo

B

16. HTTPS is typically open on which port in a cloud based firewall? A. 25 B. 443 C. 80 D. 110

B

1. SaaS is a cloud hosting environment that offers what? A. Development options B. Testing options C. Software hosting D. Improved security

C

17. What system is used as a choke point for traffic and could be offered through IaaS? A. IDS B. DMZ C. Bastion host D. SNMP host

C

17. What type of database has its information spread across many disparate systems? A. Hierarchical B. Relational C. Distributed D. Flat

C

19. What is the most common sign of a DoS attack? A. Weird messages B. Rebooting of a system C. Slow performance D. Stolen credentials

C

4. Jennifer is a junior system administrator for a small firm of 50 employees. For the last week a few users have been complaining of losing connectivity intermittently with no suspect behavior on their part such as large downloads or intensive processes. Jennifer runs Wireshark on Monday morning to investigate. She sees a large amount of ARP broadcasts being sent at a fairly constant rate. What is Jennifer most likely seeing? A. ARP poisoning B. ARP caching C. ARP spoofing D. DNS spoofing

A

5. Which DoS attack sends traffic to the target with a spoofed IP of the target itself? A. Land B. Smurf C. Teardrop D. SYN flood

A

14. An application would be developed on what type of cloud service? A. BaaS B. SaaS C. IaaS D. PaaS

D

14. Which command is used to remove a table from a database? A. cmdshell -drop table B. REMOVE C. DROPTABLES D. drop table

D

15. What command-line utility can you use to craft custom packets with specific flags set? A. Nmap B. Zenmap C. Ping D. hping3

D

2. Which of the following operates at 5 GHz? A. 802.11a B. 802.11b C. 802.11g D. 802.11i

a

5. Which of the following is designed to locate wireless access points? A. Site survey B. Traffic analysis C. Pattern recognition D. Cracking

a

7. When a wireless client is attached to an access point, it is known as which of the following? A. Infrastructure B. Client-server C. Peer-to-peer D. Ad hoc

a

10. A honeyspot is designed to do what? A. Look for patterns of known attacks. B. Look for deviations from known traffic patterns. C. Attract victims to connect to it. D. Analyze attack patterns.

c

14. Bluejacking is a means of which of the following? A. Tracking a device B. Breaking into a device C. Sending unsolicited messages D. Crashing a device

c

16. Warchalking is used to do which of the following? A. Discover wireless networks. B. Hack wireless networks. C. Make others aware of a wireless network. D. Analyze a wireless network.

c

12. Which of the following would be hosted as SaaS? A. Email B. Active Directory C. Applications D. Firewalls

A

12. Which technology can provide protection against session hijacking? A. IPsec B. UDP C. TCP D. IDS

A

13. A cloud-based firewall is used to separate which of the following? A. Networks B. Hosts C. Permissions D. ACL

A

13. Session fixation is a vulnerability in which of the following? A. Web applications B. Networks C. Software applications D. Protocols

A

16. Which of the following is another name for a record in a database? A. Row B. Column C. Cell D. Label

A

15. Which of the following issues would be a good reason for moving to a cloud based environment? A. Reduced costs B. Improved performance C. Easier forensics D. Increased redundancy

ABD

11. An SSID is used to do which of the following? A. Identify a network. B. Identify clients. C. Prioritize traffic. D. Mask a network.

a

12. AirPcap is used to do which of the following? A. Assist in the sniffing of wireless traffic. B. Allow network traffic to be analyzed. C. Allow the identification of wireless networks. D. Attack a victim.

a

15. The wardriving process involves which of the following? A. Locating wireless networks B. Breaking into wireless networks C. Sniffing traffic D. Performing spectrum analysis

a

16. What protocol is used to carry out a fraggle attack? A. IPX B. TCP C. UDP D. ICMP

C

19. What type of firewall analyzes the status of traffic and would be part of an IaaS solution? A. Circuit level B. Packet filtering C. Stateful inspection D. NIDS

C

7. A cloud environment can be in all of the following configurations except which one? A. IaaS B. PaaS C. SaaS D. LaaS

D

13. What is a rogue access point? A. An access point not managed by a company B. An unmanaged access point C. A second access point D. A honeypot device

a

1. WEP is designed to offer security comparable to which of the following? A. Bluetooth B. Wired networks C. IrDA D. IPv6

b

17. A closed network is typically which of the following? A. Public network B. Private network C. Hot spot D. Kiosk location

b

18. Which feature makes WPA easy to defeat? A. AES encryption B. WPS support C. TKIP support D. RC4 support

b

8. Bluesnarfing is used to perform what type of attack? A. Send spam text messages. B. Read information from a device. C. Deposit malware on a system. D. Distribute files onto a system.

b

19. What is a PSK? A. The password for the network B. The certificate for the network C. A key entered into each client D. A distributed password for each user

c

10. Why wouldn't someone create a private cloud? A. To reduce costs B. To offload technical support C. To increase availability D. To maintain universal access

C

11. Which command can be used to access the command prompt in SQL Server? A. WHERE B. SELECT C. xp_cmdshell D. cmdshell

C

13. What is a single-button DDoS tool suspected to be used by groups such as Anonymous? A. Trinoo B. Crazy Pinger C. LOIC D. DoSHTTP

C

14. Session hijacking can be thwarted with which of the following? A. SSH B. FTP C. Authentication D. Sniffing

C

15. SQL injection attacks are aimed at which of the following? A. Web applications B. Web servers C. Databases D. Database engines

C

9. Monitor mode is used by wireless cards to do what? A. Capture traffic from an associated wireless access point. B. Capture information from ad hoc networks. C. Capture information about wireless networks. D. Capture traffic from access points.

c

9. Who has legal responsibility for data hosted in the cloud? A. The Cloud Service Provider B. The IT department of the client C. The client D. The consumer

C

5. Altering a checksum of a packet can be used to do what? A. Send an RST B. Send a URG C. Reset a connection D. Evade an NIDS

D

6. Cloud technologies are used to accomplish which of the following? A. Increase management options B. Offload operations onto a third party C. Transfer legal responsibility of data to a third party D. Cut costs

ABD

8. Network-level hijacking focuses on the mechanics of a connection such as the manipulation of packet sequencing. What is the main focus of web app session hijacking? A. Breaking user logins B. Stealing session IDs C. Traffic redirection D. Resource DoS

B

8. What type of cloud service would provide email hosting and associated security services? A. PaaS B. SaaS C. IaaS D. SSaS

B

9. Proper input validation can prevent what from occurring? A. Client-side issues B. Operating system exploits C. SQL injection attacks D. Software failure

B

9. What is the name for the dynamic memory space that, unlike the stack, doesn't rely on sequential ordering or organization? A. Pointer B. Heap C. Pile D. Load

B

1. Which statement defines session hijacking most accurately? A. Session hijacking involves stealing a user's login information and using that information to pose as the user later. B. Session hijacking involves assuming the role of a user through the compromise of physical tokens such as common access cards. C. Session hijacking is an attack that aims at stealing a legitimate session and posing as that user while communicating with the web resource or host machine. D. Session hijacking involves only web applications and is specific to stealing session IDs from compromised cookies.

C

17. A man-in-the-middle attack is an attack where the attacking party does which of the following? A. Infect the client system B. Infect the server system C. Insert themselves into an active session D. Insert themselves into a web application

C

2. Which pointer in a program stack gets shifted or overwritten during a successful overflow attack? A. ESP B. ECP C. EIP D. EBP

C

4. Which attack alters data in transit within the cloud? A. Packet sniffing B. Port scanning C. MitM D. Encryption

C

5. Which of the following is not a source of session IDs? A. URL B. Cookie C. Anonymous login D. Hidden login

C

6. Which kind of values is injected into a connection to the host machine in an effort to increment the sequence number in a predictable fashion? A. Counted B. Bit C. Null D. IP

C

6. Which of the following is a scripting language? A. ActiveX B. Java C. CGI D. ASP.NET

C

16. A man-in-the-browser attack is typically enabled by using which mechanism? A. Virus B. Worms C. Logic bombs D. Trojans

D

19. A session hijack can be initiated from all of the following except which one? A. Emails B. Browsers C. Web applications D. Cookies and devices

D

19. What can an error message tell an attacker? A. Success of an attack B. Failure of an attack C. Structure of a database D. All of the above

D

20. Session hijacking can do all of the following except which one? A. Take over an authenticated session B. Be used to steal cookies C. Take over a session D. Place a cookie on a server

D

20. Which of the following is a device used to perform a DoS on a wireless network? A. WPA jammer B. WPA2 jammer C. WEP jammer D. Wi-Fi jammer

d

3. Which of the following specifies security standards for wireless? A. 802.11a B. 802.11b C. 802.11g D. 802.11i

d

6. What is a client-to-client wireless connection called? A. Infrastructure B. Client-server C. Peer-to-peer D. Ad hoc

d

7. An ethical hacker sends a packet with a deliberate and specific path to its destination. What technique is the hacker using? A. IP spoofing B. Source routing C. ARP poisoning D. Host routing

B

15. XSS is typically targeted toward which of the following? A. Web applications B. Email clients C. Web browsers D. Users

C

7. Zombies Inc. is looking for ways to better protect their web servers from potential DoS attacks. Their web admin proposes the use of a network appliance that receives all incoming web requests and forwards them to the web server. He says it will prevent direct customer contact with the server and reduce the risk of DoS attacks. What appliance is he proposing? A. Web proxy B. IDS C. Reverse proxy D. Firewall

C

4. Which of the following options shows the protocols in order from strongest to weakest? A. WPA, WEP, WPA2, Open B. WEP, WPA2, WPA, Open C. Open, WPA, WPA2, WEP D. WPA2, WPA, WEP, Open

d

4. Jason is the local network administrator who has been tasked with securing the network from possible DoS attacks. Within the last few weeks, some traffic logs appear to have internal clients making requests from outside the internal LAN. Based on the traffic Jason has been seeing, what action should he take? A. Throttle network traffic. B. Update antivirus definitions. C. Implement egress filtering. D. Implement ingress filtering.

D

17. What is the key difference between a smurf and a fraggle attack? A. TCP vs. UDP B. TCP vs. ICP C. UDP vs. ICMP D. TCP vs. ICMP

A

4. Databases can be a victim of code exploits depending on which of the following? A. Configuration B. Vendor C. Patches D. Client version

A

5. In addition to relational databases, there is also what kind of database? A. Hierarchical B. SQL C. ODBC D. Structured

A

11. There are how many different types of cloud hosting environments? A. Two B. Three C. Four D. Five

B

12. While monitoring traffic on the network, Jason captures the following traffic. What is he seeing occur? A. ICMP flood B. SYN flood C. Teardrop D. Land

B

13. Which statement is used to limit data in SQL Server? A. cmdshell B. WHERE C. SELECT D. to

B

18. What is the main difference between DoS and DDoS? A. Scale of attack B. Number of attackers C. Goal of the attack D. Protocols in use

B

18. What type of database uses multiple tables linked together in complex relationships? A. Hierarchical B. Relational C. Distributed D. Flat

B

2. Which of the following can be used to protect data stored in the cloud? A. SSL B. Drive encryption C. Transport encryption D. Harvesting

B

3. SOAP is used to perform what function? A. Transport data B. Enable communication between applications C. Encrypt information D. Wrap data

B

3. Which of the following challenges can be solved by firewalls? A. Protection against buffer overflows B. Protection against scanning C. Enforcement of privileges D. Ability to use nonstandard ports

B

6. Adding to and removing from a program stack are known as what? A. Pop and lock B. Push and pop C. Stack and pull D. Plus and minus

B

8. Browsers do not display __________. A. ActiveX B. Hidden fields C. Java D. JavaScript

B

12. Which command is used to query data in SQL Server? A. cmdshell B. WHERE C. SELECT D. from

BCD

18. At which layer of the OSI model would you expect a cloud-based solution to operate? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4

CD

10. Julie has sniffed an ample amount of traffic between the targeted victim and an authenticated resource. She has been able to correctly guess the packet sequence numbers and inject packets, but she is unable to receive any of the responses. What does this scenario define? A. Switched network B. SSL encryption C. TCP hijacking D. Blind hijacking

D

11. Session hijacking can be performed on all of the following protocols except which one? A. FTP B. SMTP C. HTTP D. IPsec

D

2. Web applications are used to __________. A. Provide dynamic content B. Stream video C. Apply scripting D. Implement security controls

A

20. A blind SQL injection attack is used when which of the following is true? A. Error messages are not available. B. The database is not SQL compatible. C. The database is relational. D. All of the above.

A

20. What can be used instead of a URL to evade some firewalls used to protect a cloud based web application? A. IP address B. Encryption C. Stateful inspection D. NIDS

A

20. What response is missing in a SYN flood attack? A. ACK B. SYN C. SYN-ACK D. URG

A

9. A public use workstation contains the browsing history of multiple users who logged in during the last seven days. While digging through the history, a user runs across the following web address: www.snaz22enu.com/&w25/session=22525. What kind of embedding are you seeing? A. URL embedding B. Session embedding C. Hidden form embedding D. Tracking cookie

A

18. A session hijack can happen with which of the following? A. Networks and applications B. Networks and physical devices C. Browsers and applications D. Cookies and devices

A

2. Jennifer has been working with sniffing and session-hijacking tools on her company network. Since she wants to stay white hat—that is, ethical—she has gotten permission to undertake these activities. What would Jennifer's activities be categorized as? A. Passive B. Monitoring C. Active D. Sniffing

A

3. Based on the diagram, what attack is occurring? A. Session splicing B. Denial-of-service C. Source routing D. MITM

D

3. Groups and individuals who hack systems based on principle or personal beliefs are known as ___________. A. White hats B. Black hats C. Script kiddies D. Hacktivists

D

