ITC 564 Exam 2
inSSIDer includes a WEP key extraction capability. True False
False
Here is part of the router configuration Miguel used: user jsomeone nthash 1 0529575803696F2C492143375828267C7A760E1113734624452725707C010B065B Why isn't anything returned? a. He should not have nthash after his username. b. He needs to reboot either the router or the switch. c. He forgot his password. d. His permission level is too low.
His permission level is too low
_____ is a type of honeypot. a. Honeycomb b. Honeynet c. Medium Interaction d. Moderate Interaction
Honeynet
WebScarab proxy accepts connections on port 8008. True False
True
Websites that use URL parameters for accessing accounts may be vulnerable to modification. True False
True
Websites that use URL parameters for accessing system capabilities may be vulnerable to command line injection. True False
True
WiFite collects handshake data to enable a dictionary attack on WPA2. True False
True
Wireshark can't decrypt WPA networks. True False
True
You can check a webpage source by right-clicking the page. True False
True
You should be suspicious of someone even if they are wearing an official uniform. True False
True
FERN WiFi can test which protocol(s)? a. WEP, WPS, WPA, and WPA2 b. WEP c. WPA/WPA2 d. WPS
WEP, WPS, WPA, and WPA2
What is Webgoat? a. an online testing website b. a downloadable test web server c. a web testing tool d. a web application firewall
A downloadable test web server.
The most effective security for an access point uses which standard? a. WPA2 b. WEP c. WPA d. WAP
WPA2
HTML5 introduces a sophisticated state management web server protocol. What is it? a. HTCP b. WebSockets c. REST d. QUIC
WebSockets
Which is a quick web checking tool? a. getweb b. whatweb c. whichweb d. checkweb
Whatweb
Company security policies should be updated every ____ months. a. 24 b. 36 c. 12 d. 3
12
The time anti-virus software such as AVG takes to do a complete scan is about _____. a. 20 minutes b. 24 hours c. 2 hours d. 8 hours
20 minutes
What protocol does Subterfuge use to get access to targets a. ARP b. DNS c. ICMP d. SSH
ARP
Which site provides adequate information regarding reputation information? a. AT&T Cybersecurity b. Symantec c. Palo Alto d. Verizon Security
AT&T Cybersecurity
_____ protection for your browser will watch for unusual or suspicious activity. a. Extension b. Silverlight c. Plugin d. Anti-exploit
Anti-exploit
Why did EINSTEIN fail? a. because of its 19% detection rate b. because of its 40% detection rate c. because of its 80% detection rate d. because of its 6% detection rate
Because of its 6% detection rate
What are the tiers for WSO2's API Cloud? a. Bronze, Silver, Gold b. Unlimited, Gold, Silver, Bronze c. Unauthorized, Authorized, Authentic d. Unlimited, 50PerMin, 20PerMin, 10PerMin
Bronze, Silver, Gold
What tool keeps its cookies in a Cookie Jar? a. BurpSuite b. Nikto c. ZAP d. WebGoat
BurpSuite
The Web Security Dojo is an online testing website. True False
False
What HTTP method causes the proxy to connect to another host? a. PROXY b. RELAY c. POST d. CONNECT
CONNECT
_____ is a newer form of social engineering, whereby a cybercriminal poses as a love interest on a dating website and lure you into a relationship. a. Quid Pro Quo b. Spearphishing c. Catphishing d. Reciprocation
Catphishing
Which class of bluetooth operates up to 100m? a. Class 2 b. Class 4 c. Class 3 d. Class 1
Class 1
Setting up an SSL session starts with what message? a. Server hello b. Client hello c. Client key exchange d. Session hello
Client hello
Websockets run over HTTPS. a. True b. False
False
_____ is a file that passes session ids. a. Cookie b. Statefile c. Breadcrumb d. Chain
Cookie
What is one of the log and alert outputs for Snort? a. Default file /var/logs/snort/ b. Default file /var/log/snort/ c. fast_alert d. full_alert
Default file /var/logs/snort/
Starting at the first Advanced Windows Defender screen, where do you turn off a unicast response for your public profile? a. Defender Properties > then under Settings, Customize b. Defender Properties > Public Profile > then under Settings, Customize c. Public Profile > then under Settings, Customize d. Defender Properties > Profile > then under Settings, Customize
Defender Properties > Public Profile > then under Settings, Customize
The major security process in WPS is called _____. a. WAP b. NONCE c. TKIP d. EAPOL
EAPOL
Which tool comes with Security Onion? a. ELSA b. SGUI c. PLICO d. Metasploit
ELSA
ZAP cannot be used to change message contents. True False
False
Aside from a personal firewall, what is another example of a firewall? a. Institution firewall b. Enterprise firewall c. Business firewall d. Windows firewall
Enterprise firewall
What is the correct sequence of events when using Cain for session hijack? a. Select targets, enumerate hosts, poison the network b. Poison the network, select targets, enumerate hosts c. Enumerate hosts, select targets, poison the network d. Poison the network, enumerate hosts, select targets
Enumerate hosts, select targets, poison the network
What is the second step for a hacker to acquire a social engineering victim? a. Establishing trust b. Reconnaissance c. Departure d. Exploiting trust
Establishing trust
The four main phases of Social Engineering are: reconnaissance, establishing trust, exploiting that trust, then ____ . a. Pretexting b. Exit c. Quid Pro Quo d, Reciprocation
Exit
A BSSID is a network's familiar name. True False
False
A web proxy must pass packets through unchanged. True False
False
Acrylic Analyzer requires an external adapter to operate. True False
False
DNS hijacking always requires capture of port 53. True False
False
If someone shows signs of being disgruntled at work, a manager should take their time and not rush into speaking to the employee. True False
False
QUIC is a form of TCP connection. True False
False
SSL stripping involves using a fake certificate. a. True b. False
False
Someone shows up at your place of work and requests access to a restricted area of the building. They are wearing an official uniform, such as from a cable or phone company. You don't need to ask for credentials before allowing them into your building. True False
False
Which three items should be on the perimeter of an enterprise's logical network? a. A modem, routers, and switches b. Walls, bollards, and fences c. Firewalls, intrusion detection systems, and honeypots d. Security guards, bollards, and cameras
Firewalls, intrusion detection systems, and honeypots
Which protocol does a web application firewall monitor by default? a. TCP/IP b. SHTTP c. HTTP d. HTTPS
HTTP
Which is least likely a sign of a scam on a dating site? a. Has many selfies with many friends and family members b. Profess love quickly c. Needs money to travel to see you d. Plans to visit but backs out
Has many selfies with many friends and family members
What does Wifite collect to crack WEP? a. Handshakes b. M3 Messages c. Deauths d. Initialisation Vectors
Initialisation Vectors
Which column selection allows you to edit object attributes within Firewall Builder? a. Action b. Source c. Service d. Interface
Interface
Webscarab is written in what language? a. C b. Python c. Ruby d. Java
Java
The SET provides the tools to build the bait; however, to complete the attack you'll want to use Metasploit and create the exploit. True False
True
"Assign only the privileges needed to a program, process, or privileged user of a system for the shortest time necessary, and in as small a domain as possible to complete a task without hindrance" refers to the Principle of _____. a. Temporal Key Integrity b. Least Privilege c. Network Access Protection d. Certifying Authority
Least Privilege
A _____ attack is a Facebook-tailored version of an attack also known as "clickjacking." a. Patch hack b. Smishing c. Jailbreaking d. Likejacking
Likejacking
The WiFi Pineapple allows whitelisting to contain an attack. True False
True
Other than the iptables configuration once a configuration has been made, what else should you check? a. Port table b. NAT table c. IP table d. ARP table
NAT table
What tool would we use with PuttyRider to provide real time interception of an SSH session? a. Ettercap b. Netcat c. Nmap d. Cain
Netcat
Drones use what wifi security protocol? a. None b. WPA 2 c. WEP d. WPA 1
None
What is the OWTF? a. OWASP Top Flaws b. OWASP Web Testing Framework c. Open Web Testing Framework d. Online Web Test Form
OWASP Web Testing Framework
What does the following configuration entry convert the key into? jcrichton-mac:~ john$ cd .ssh jcrichton-mac:.ssh john$ ssh-keygen -e -f id_rsa.pub a. SSH b. PKF format c. SSH2 d. RSA
PKF format
Although there are different methods, the social engineer will use _____, which is lying in order to obtain information. a. Quid Pro Quo b. Reciprocation c. Pretexting d. Cruising
Pretexting
Companies use _____ to let you know what personal financial information a company collects and what they do with the information, and how the company protects your information. a. Privacy notes b. Temporal cloning c. Certifying authorities d. Online access protection
Privacy notices
What BurpSuite main screen tab is used to switch intercept on or off? a. Site b. Preferences c. Options d. Proxy
Proxy
Pixiedust extracts the WPA key by exploiting _____. a. device memory b. exchange protocol c. encryption algorithm d. random number generator
Random number generator
Which tool do we use to find a hidden bluetooth device? a. hcitool b. BTScanner c. l2ping d. Redfang
Redfang
There are _____ tiers in the multitier control strategy. a. seven b. six c. five d. eight
Seven
Use caller ID for all calls, and if possible, use a separate _____ for inside calls. a. Ring tone b. Robocall c. Temporal clone d. Patch tone
Ring tone
A ____ uses a computerized autodialer to reach a person by phone to pitch something to the victim and try to get them to buy something using a credit card, give up personal information, or get the victim to install something on their computer. a. Robocall b. Jailbreak c. Smish bomb d. Patch hack
Robocall
In the right setting, someone can _____ your information by simply watching what you type. a. Phish b. Cruise c. Shoulder surf d. Spam
Shoulder surf
Heat mapping measures _____. a. room temperature b. voltage c. AP temperature d. signal strength
Signal strength
What protocol does the WeMo switch use for commands? a. UDP b. XML c. SOAP d. HTTP
SOAP
An Evil Twin duplicates _____. a. BSSID b. SSID, BSSID, and channel c. SSID d. channel
SSID, BSSID, and channel
The ability to detect networks is a factor of _____. a. application b. sensitivity c. gain d. power
Sensitivity
When hijacking a TCP session, what do we need to predict? a. Timestamp b. Flags c. Sequence number d. Acknowledgement number
Sequence number
What is the name of the plugin that allows cookies to be manipulated? a. TamperMonkey b. CookieEater c. CookieMonster d. CookieMonkey
TamperMonkey
What tool is used as an extension for storing cookies? a. Cookie cutter b. Ettercap c. Shijack d. TamperMonkey
TamperMonkey
The relative sequence number reflects _____. a. The number of packets exchanged b. A random number c. A fixed value set at handshake d. The data transmitted so far
The data transmitted so far
A switch has an IP of 192.168.10.25 on a /25 network. A host has an IP of 192.168.10.129, and the email server is 192.168.10.111. Why can't the host ping anything? a. The issue is the firewall on the host. b. The host's IP is outside the IP range of the switch. c. The switch's e5 port is shut down. d. The email server's IP is outside the IP range of the switch.
The host's IP is outside the IP range of the switch
What is the target in a cross site scripting attack? a. the user who browses an infected server b. the web server database c. the web application developer d. the web administrator of the infected server
The user who browses an infected server.
When users go to the internet, which technique is more effective than whitelisting a site to prevent them from going to a secure malicious site? a. There isn't a more effective technique. b. Proxy is more effective. c. Block Port 80 is more effective. d. Blacklist is more effective.
There isn't a more effective technique
Which element of social engineering is used when using email? a. Victim b. Motive c. Stimulus d. Tools
Tools
A cookie can be used to maintain session state. True False
True
A man-in-the-browser attack can inject HTML code into a web page. True False
True
A reverse proxy allows incoming traffic to be monitored for malicious content such as SQL injection. True False
True
Cybercriminals can embed malicious content in advertisements. This can even happen on a previously visited legitimate website. True False
True
Kali comes with ZAP pre-loaded. True False
True
Modern cars can be remotely accessed from the Internet. True False
True
Reaver uses a dictionary attack on WPS. True False
True
"User A" installed Kali on a VM housed in Windows Virtual PC and is trying to connect to GNS3, but is unable to do so. Why? a. The IP scheme for the network is not set up correctly. b. The firewall on the workstation with GNS3 is on. c. Windows Virtual PC is not supported by GNS3. d. The GNS3 configuration is incorrect.
Windows Virtual PC is not supported by GNS3.
How does ZedLan provide its analysis? a. at Source IP, Port, IP Protocol, and Conversation b. at Port, IP, IP Protocol, and Conversation c. at Destination Port, Source Port, Protocol, and Conversation d. at Port, Source IP, Destination IP, and Protocol
at Source IP, Port, IP Protocol, and Conversation
What is the WiFi Pineapple? a. all of these answers b. a small form factor Linux system c. an access point d. a hardware based network testing toolkit
all of these answers
Which file tells Cowrie the passwords to use? a. data/user.text b. data/usedb.text c. data/rootdb.text d. data/userdb.text
data/userdb.text
What HTML verb indicates a hyperlink? a. link b. content c. href d. h1
href
What is the command to monitor a port 4545? a. nmap>lp -nc 4545 b. nmap -l 4545 c. nmap<nc -lp 4545 d. nmap>nc -lp 4545
nmap>nc -lp 4545
Which command provides the correct syntax that removes conduits to static translations? a. pixfirewall(config)# no conduit 192.168.42.0 tcp b. pixfirewall# no conduit 192.168.42.0 25 tcp c. pixfirewall(config)# no conduit 192.168.42.0 25 tcp d. pixfirewall(config)# no conduit tcp
pixfirewall(config)# no conduit 192.168.42.0 25 tcp
What switches do you use on Uniscan to do full enumeration? a. x b. all c. qweds d. f
qweds
What protocol does Bluesnarfer use to access data? a. tcp/ip b. hci c. rfcomm d. udp
rfcomm
Which iptables command allows incoming traffic on specific ports? a. sudo iptables -E INPUT -d tcp --dport ssh -j ACCEPT b. sudo iptables -A INPUT -i tcp --dport ssh -s ACCEPT c. sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT d. sudo iptables -I INPUT -o tcp --dport ssh -x ACCEPT
sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT