ITN 261 Mid-Term

Which of the following is not a type of social engineering attack?

Privilege Escalation

What device acts as an intermediary between an internal client and a web resource? Router PBX VTC Proxy

Proxy A proxy acts as an intermediary between internal host computers and the outside world.

Asymmetric encryption is also referred to as which of the following? Shared key Public key Hashing Block

Public key Asymmetric encryption uses two separate keys and is referred to as public key cryptography. Symmetric algorithms use only one key that is used by both the sender and receiver.

During an FIN scan, what indicates that a port is closed? No return response RST ACK SYN

RST

During a Xmas tree scan what indicates a port is closed? No return response RST ACK SYN

RST An RST indicates the port is closed in many of the TCP scan types. The RST is sent in response to a connection request and the RST indicates that the port is not available.

Port number __________ is used by DNS for zone transfers. 53 TCP 53 UDP 25 TCP 25 UDP

53 TCP

Switches deliver data based on hardware or physical address. Which of the following is an invalid physical address on a network card?

?

Which of the following encryption algorithms is symmetric?

AES

What utility may be used to stop auditing or logging of events? ADS LM NTFS Auditpol

Auditpol

An attacker can use a(n) __________ to return to a system. Backdoor Cracker Account Service

Backdoor

How is a brute-force attack performed? By trying all possible combinations of characters By trying dictionary words By capturing hashes By comparing hashes

By trying all possible combinations of characters

In IPsec, what does Encapsulating Security Payload (ESP) provide? Data security Header security Authentication services Integrity

Data security Data security services are provided by ESP.

At what point can SSL be used to protect data? On a hard drive On a flash drive On Bluetooth During transmission

During transmission Data can be protected using SSL during transmission. If data is being stored on a hard drive or flash drive, SSL is not effective at providing cryptographic services.

Which of the following is not a flag on a packet? URG PSH RST END

END

__________ is a method for expanding an email list. VRFY EXPN RCPT TO SMTP

EXPN

A polymorphic virus __________. Evades detection through backdoors Evades detection through heuristics Evades detection through rewriting itself Evades detection through luck

Evades detection through rewriting itself

In nmap, _______ occurs when a packet is sent with the FIN flag set.

FIN scan

The process of pen testing includes seven legally mandated steps and they must be followed by every pen tester.

False

Vulnerability Scanners are tools that are used to identify all known and unknown vulnerabilities in a target system.

False

A vulnerability scan is a good way to do what? Find open ports Find weaknesses Find operating systems Identify hardware

Find open ports and find weaknesses

What should a pentester do prior to initiating a new penetration test? Plan Study the environment Get permission Study the code of ethics

Get permission It is absolutely essential to obtain permission prior to performing any sort of test against a system you don't own. Permission should also be in writing and never verbal.

A contract is important because it does what? Gives permission Gives test parameters Gives proof Gives a mission

Gives proof A contract gives proof that permission and parameters were established.

Which of the following best describes what a hacktivist does? Defaces websites Performs social engineering Hacks for political reasons Hacks with basic skills

Hacks for political reasons A hacktivist engages in mischief for political reasons.

Which of the following best describes what a suicide hacker does? Hacks with permission Hacks without stealth Hacks without permission Hacks with stealth

Hacks without stealth A suicide hacker does not worry about stealth or otherwise conceal their activities but is more concerned with forwarding an agenda.

What network appliance senses irregularities and plays an active role in stopping that irregular activity from continuing? System administrator Firewall IPS IDP

IPS (Intrusion prevention System) An intrusion prevention system (IPS) plays an active role in preventing further suspicious activity after it is detected.

A banner can do what? Identify an OS Help during scanning Identify weaknesses Identify a service

Identify a service

What does hashing preserve in relation to data? Integrity Confidentiality Availability Repudiation

Integrity Hashing is intended to verify and preserve the integrity of data, but it cannot preserve the confidentiality of that data.

Which system should be used instead of LM or NTLM? NTLMv2 SSL Kerberos LM

Kerberos

On newer Windows systems, what hashing mechanism is disabled? Kerberos LM NTLM NTLMv2

LM

An attacker can use __________ to enumerate users on a system. NetBIOS TCP/IP NetBEUI NNTP

NULL session

Which of the following is capable of port redirection? Netstat TCPView Netcat Loki

Netcat

Which of the following is used to perform customized network scans? Nessus Wireshark AirPcap nmap

Nmap

Which of the following can be used to tweak or fine-tune search results? Archiving Operators Hacking Refining

Operators Operators such as filetype are used to manipulate search results for some search engines such as Google.

Which category of firewall filters is based on packet header data only? Stateful Application Packet Proxy

Packet filtering Packet-filtering firewalls inspect solely the packet header information.

Enumeration is useful to system hacking because it provides which of the following? Passwords IP ranges Configurations Usernames

Usernames

VRFY is used to do which of the following? Validate an email address Expand a mailing list Validate an email server Test a connection

Validate an email address

The Wayback Machine is used to do which of the following? Get job postings View websites View archived versions of websites Back up copies of websites

View archived versions of websites The Wayback Machine is used to view archived versions of websites if available (not all websites are archived via the Wayback Machine).

If you have been contracted to perform an attack against a target system, you are what type of hacker? White hat Gray hat Black hat Red hat

White Hat A white-hat hacker always has permission to perform pen testing against a target system.

_____ is a utility designed to allow you to collect information about a domain name or web address.

Whois

__________ involves grabbing a copy of a zone file. Zone transfer nslookup transfers DNS transfer Zone update

Zone transfer

A __________ is a file used to store passwords. Network SAM Database NetBIOS

SAM

A Trojan relies on __________ to be activated. Vulnerabilities Trickery and deception Social engineering Port redirection

Social engineering

Why use Google hacking? To fine-tune search results To speed up searches To target a domain To look for information about Google

To fine-tune search results Google hacking is used to produce more targeted and useful search results than would be possible using normal searches.

What is Tor used for? To hide web browsing To hide the process of scanning To automate scanning To hide the banner on a system

To hide the process of scanning.

Which tool can trace the path of a packet? Ping Tracert Whois DNS

Tracert

Which statement(s) defines malware most accurately? Malware is a form of virus. Trojans are malware. Malware covers all malicious software. Malware only covers spyware.

Trojans are malware. & Malware covers all malicious software.

Which of the following is not a step in the pen testing process?

Vulnerability Analysis

Which of the following is not typically used during footprinting? Search engines Email Port scanning Google hacking

Port Scanning Port scanning is typically reserved for later stages of the attack process.

Which of the following can help you determine business processes of your target through human interaction? Social engineering Email Website Job boards

Social engineering Social engineering can reveal how a company works.

Which of the following is the most popular suite of networking protocols used to exchange information?

TCP/IP

What level of knowledge about hacking does a script kiddie have? Low Average High Advanced

Low Script kiddies have low or no knowledge of the hacking process but should still be treated as dangerous.

Which of the following protocols does the above diagram describe?

SSL

Which of the following describes a hacker who attacks without regard for being caught or punished? Hacktivist Terrorist Criminal Suicide hacker

Suicide Hacker Much like suicide bombers in the real world, suicide hackers do not worry about getting caught; they are only concerned with their mission.

What port range is an obscure third-party application most likely to use? 1 to 1024 1025 to 32767 32768 to 49151 49152 to 65535

49152 - 65535 Ports 49152 to 65535 are known as the dynamic ports and are used by applications that are neither well known nor registered. The dynamic range is essentially reserved for those applications that are not what we would consider mainstream. Although obscure in terms of port usage, repeated showings of the same obscure port during pen testing or assessment may be indicative of something strange going on.

What is the role of social engineering? To gain information about computers To gain information about social media To gain information from human beings To gain information about posts and cameras

To gain information from human beings Social engineering can gain information about computers and other items, but it does so by interacting with people to extract that information.

Which of the following segments is not involved in the 3-way handshake process?

URG

A white-box test means the tester has which of the following? No knowledge Some knowledge Complete knowledge Permission

Complete Knowledge White-box testers have complete knowledge of the environment they have been tasked with attacking.

Which type of hacker may use their skills for both benign and malicious goals at different times? White hat Gray hat Black hat Suicide hacker

Gray hat Gray-hat hackers are typically thought of as those that were formerly black hats but have reformed. However, they have been known to use their skills for both benign and malicious purposes.

Which of the following describes an attacker who goes after a target to draw attention to a cause? Terrorist Criminal Hacktivist Script kiddie

Hacktivist A hacktivist is an individual or group that performs hacking and other disruptive activities with the intention of drawing attention to a particular cause or message.

A message digest is a product of which kind of algorithm? Symmetric Asymmetric Hashing Steganography

Hashing A message digest is a product of a hashing algorithm, which may also be called a message digest function.

Which of the following can an attacker use to determine the technology and structure within an organization? Job boards Archives Google hacking Social engineering

Job boards Job boards are useful in getting an idea of the technology within an organization. By looking at job requirements, you can get a good idea of the technology present. While the other options here may provide technical data, job boards tend to have the best chance of providing it.

Companies may require a penetration test for which of the following reasons? Legal reasons Regulatory reasons To perform an audit To monitor network performance

Legal reasons, Regulatory reasons, and to perform an audit Network performance is not the goal of security audits or penetration tests.

Which record will reveal information about a mail server for a domain? A Q MS MX

MX MX records are DNS records used to locate the mail server for a domain.

Which topology has built-in redundancy because of its many client connections? Token ring Bus Hybrid Mesh

Mesh A true mesh topology creates a natural amount of redundancy due to the number of connections used to establish connectivity.

Which technology allows the use of a single public address to support many internal clients while also preventing exposure of internal IP addresses to the outside world? VPN Tunneling NTP NAT

NAT (Network Address Translation) Network Address Translation (NAT) is a technology that funnels all internal traffic through a single public connection. NAT is implemented for both cost savings and network security.

Which tool can be used to view web server information? Netstat Netcraft Warcraft Packetcraft

Netcraft Netcraft can be used to view many details about a web server, including IP address, netblock, last views, OS information, and web server version.

Who first developed SSL? Netscape Microsoft Sun Oracle

Netscape Netscape originally developed SSL, but since its introduction the technology has spread to become a standard supported by many clients such as email, web browsers, VPNs, and other systems.

Symmetric key systems have key distribution problems due to __________. Number of keys Generation of key pairs Amount of data Type of data

Number of keys The number of keys increases dramatically with more and more parties using symmetric encryption; hence it does not scale well.

Which system does SSL use to function? AES DES 3DES PKI

PKI PKI is used in the process of making SSL function. While it is true that AES, DES, and 3DES can be used in SSL connections, PKI is the only one used consistently in all situations.

Which of the following does IPsec use? SSL AES DES PKI

PKI PKI is used with IPsec to allow it to function in environments of any size. IPsec is also capable of using Preshared Key if desired by the system owner.

A public key is stored on the local computer by its owner in a __________. Hash PKI system Smart card Private key

PKI system A public key is not necessarily stored on the local system, but a private key will always be present if the user is enrolled.

Vulnerability research deals with which of the following? Actively uncovering vulnerabilities Passively uncovering vulnerabilities Testing theories Applying security guidance

Passively uncovering vulnerabilities Vulnerability research is a way of passively uncovering weaknesses.

Which of the following does an ethical hacker require to start evaluating a system? Training Permission Planning Nothing

Permission An ethical hacker never performs their services against a target without explicit permission of the owner of that system.

Which port uses SSL to secure web traffic? 443 25 23 80

Port 443 Port 443 is used for HTTPS traffic, which is secured by SSL.

What is the proper sequence of the TCP three-way-handshake? SYN-ACK, ACK, ACK SYN, SYN-ACK, ACK SYN-SYN, SYN-ACK, SYN ACK, SYN-ACK, SYN

SYN, SYN-ACK, ACK Remember this three-way handshake sequence; you will see it quite a bit in packet captures when sniffing the network. Being able to identify the handshake process allows you to quickly find the beginning of a data transfer.

SSL is a mechanism for which of the following? Securing stored data Securing transmitted data Verifying data Authenticating data

Securing transmitted data SSL is used to secure data when it is being transmitted from client to server and back. The system is supported by most clients, including web browsers and email clients.

Which of the following can be used to assess physical security? Web cams Satellite photos Street views Interviews

Street views Street-level views using technology such as Google Street View can give you a picture of what types of security and access points may be present in a location.

Which of these protocols is a connection-oriented protocol? FTP UDP POP3 TCP

TCP (Transmission Control Protocol) Transmission Control Protocol (TCP) is a connection-oriented protocol that uses the three-way-handshake to confirm that a connection is established. FTP and POP3 use connections, but they are not connection-oriented protocols.

A scan of a network client shows that port 23 is open; what protocol is this aligned with? Telnet NetBIOS DNS SMTP

Telnet Port 23 is used for Telnet traffic.

What is a code of ethics? A law for expected behavior A description of expected behavior A corporate policy A standard for civil conduct

A description of expected behavior A code of ethics is a description of expected behavior. While not adhering to ethics typically does not result in legal action, it can result in expulsion from certain organizations such as EC-Council certification.

When scanning a network via a hardline connection to a wired-switch NIC in promiscuous mode, what would be the extent of network traffic you would expect to see? Entire network VLAN you are attached to All nodes attached to the same port None

All nodes attached to the same port Because each switchport is its own collision domain, only nodes that reside on the same switchport will be seen during a scan.

At which layer of the OSI model does a proxy operate? Physical Network Data Link Application

Application Layer Proxies operate at Layer 7, the Application layer of the OSI model. Proxies are capable of filtering network traffic based on content such as keywords and phrases. Because of this, a proxy digs down farther than a packet's header and reviews the data within the packet as well.

Choosing a protective network appliance, you want a device that will inspect packets at the most granular level possible while providing improved traffic efficiency. What appliance would satisfy these requirements? Layer 3 switch NAT-enabled router Proxy firewall Application firewall

Application firewall A packet-filtering firewall operates at Layer 7 (and all layers) of the OSI model and thus filters traffic at a highly granular level.

Pen testers work to find holes in the client's environment that would disrupt the CIA triad and the way it functions. Which of the following is not included in the anti-CIA triad?

Availability

Which of the following manages digital certificates? Hub Key Public key Certificate authority

certificate authority A certificate authority is responsible for issuing and managing digital certificates as well as keys.

If you can't gain enough information directly from a target, what is another option? EDGAR Social engineering Scanning Competitive analysis

competitive analysis Competitive analysis can prove very effective when you're trying to gain more detailed information about a target. Competitive analysis relies on looking at a target's competitors in an effort to find out more about the target.

Which of the following describes the TCP protocol?

connection-orientated

Which of the following can be useful in locating information that a company realized was a bad idea to publish and then removed?

google.com

The group Anonymous is an example of what?

hacktivists Anonymous is an example of hacktivists.

Which of the following best describes hashing? An algorithm A cipher Nonreversible A cryptosystem

nonreversible Hashing is referred to as a cipher or algorithm or even a cryptosystem, but it can be uniquely referred to as a nonreversible mechanism for verifying the integrity of data. Remember that hashing doesn't enforce confidentiality.

How is black-box testing performed? With no knowledge With full knowledge With partial knowledge By a black hat

with no knowledge Black-box testing is performed with no knowledge to simulate an actual view of what a hacker would have.

Which ports does SNMP use to function? 160 and 161 160 and 162 389 and 160 161 and 162

161 and 162

Port number __________ is used for SMTP. 25 110 389 52

25

What is a covert channel? An obvious method of using a system A defined process in a system A backdoor A Trojan on a system

A backdoor

A full-open scan means that the three-way handshake has been completed. What is the difference between this and a half-open scan? A half-open uses TCP. A half-open uses UDP. A half-open does not include the final ACK. A half-open includes the final ACK.

A half-open does not include the final ACK.

What separates a suicide hacker from other attackers? A disregard for the law A desire to be helpful The intent to reform A lack of fear of being caught

A lack of fear of being caught A suicide hacker's main difference from other hackers is their complete and utter lack of concern in regard to being caught.

What is an ICMP echo scan? A ping sweep A SYN scan A Xmas tree scan Part of a UDP scan

A ping sweep

Which is/are a characteristic of a virus? A virus is malware. A virus replicates on its own. A virus replicates with user interaction. A virus is an item that runs silently.

A virus is malware. & A virus replicates with user interaction.

Which best describes a vulnerability scan? A way to find open ports A way to diagram a network A proxy attack A way to automate the discovery of vulnerabilities

A way to automate the discovery of vulnerabilities

Which of the following is/are true of a worm? A worm is malware. A worm replicates on its own. A worm replicates with user interaction. A worm is an item that runs silently.

A worm is malware. & A worm replicates on its own.

What is missing from a half-open scan? SYN ACK SYN-ACK FIN

ACK An ACK flag belongs to the last part of the three-way handshake, and this part never happens in a half-open scan.

An overt channel is __________. An obvious method of using a system A defined backdoor process in a system A backdoor A Trojan on a system

An obvious method of using a system.

Footprinting has two phases. What are they? Active and pseudonymous Active and passive Social and anonymous Scanning and enumerating

Active and passive Footprinting is typically broken into active and passive phases, which are characterized by how aggressive the process actually is. Active phases are much more aggressive than their passive counterparts.

What can be configured in most search engines to monitor and alert you of changes to content? Notifications Schedules Alerts HTTP

Alerts Alerts can be set up with Google as well as other search engines to monitor changes on a given website or URL. When a change is detected, the alert is sent to the requestor.

A covert channel or backdoor may be detected using all of the following except __________. Nmap Sniffers An SDK Netcat

An SDK (software development kit)

In IPsec, what does Authentication Header (AH) provide? Data security Header security Authentication services Encryption

Authentication services The Authentication Header provides authentication services to data, meaning that the sender of the data can be authenticated by the receiver of the data.

What kind of domain resides on a single switchport? Windows domain Broadcast domain Secure domain Collision domain

Collision domain Each port on a switch represents a collision domain.

A good defense against password guessing is __________. Complex passwords Password policy Fingerprints Use of NTLM

Complex passwords

What is not a benefit of hardware keyloggers? Easy to hide Difficult to install Difficult to detect Difficult to log

Difficult to install

A virus does not do which of the following? Replicate with user interaction Change configuration settings Exploit vulnerabilities Display pop-ups

Display pop-ups

Footprinting can determine all of the following except __________? Hardware types Software types Business processes Distribution and number of personnel

Distribution and number of personnel

Ethical hackers are also referred to as white hat hackers or script kiddies.

False

Footprinting refers to gathering information using active methods that interact with the target servers.

False

What is the purpose of social engineering? Gain information from a computer through networking and other tools Gain information from the web looking for employee names Gain information from a job site using a careful eye Gain information from a human being through face-to-face or electronic means

Gain information from a human being through face-to-face or electronic means

A __________ is used to represent a password. NULL session Hash Rainbow table Rootkit

Hash

An administrator has just been notified of irregular network activity; what appliance functions in this manner? IPS Stateful packet filtering IDS Firewall

IDS (Intrusion detection systems) Intrusion detection systems (IDSs) react to irregular network activity by notifying support staff of the incident; however, unlike IPSs, they do not proactively take steps to prevent further activity from occurring.

What is an SID used to do? Identify permissions Identify a domain controller Identify a user Identify a mail account

Identify a user.

A sparse infector virus __________. Creates backdoors Infects data and executables Infects files selectively Rewrites itself

Infects files selectively.

Which of the following best describes footprinting? Enumeration of services Discovery of services Discussion with people Investigation of a target

Investigation of target Footprinting is the gathering of information relating to an intended target. The idea is to gather as much information about the target as possible before starting an attack.

__________ is a hash used to store passwords in older Windows systems. LM SSL SAM LMv2

LM

Hubs operate at what layer of the OSI model? Layer 1 Layer 2 Layer 3 Layer 4

Layer 1 Hubs operate at Layer 1, the Physical layer of the OSI model. Hubs simply forward the data they receive. There is no filtering or directing of traffic; thus, they are categorized at Layer 1.

If a device is using node MAC addresses to funnel traffic, what layer of the OSI model is this device working in? Layer 1 Layer 2 Layer 3 Layer 4

Layer 2 A network device that uses MAC addresses for directing traffic resides on Layer 2 of the OSI model. Devices that direct traffic via IP addresses, such as routers, work at Layer 3.

In IPsec, encryption and other processes happen at which layer of the OSI model? Level 1 Level 2 Level 3 Level 4

Level 3 IPsec operates at the Network layer, or Layer 3, of the OSI model, unlike many previous techniques.

Which of the following is a common hashing protocol? MD5 AES DES RSA

MD5 MD5 is the most widely used hashing algorithm, followed very closely by SHA1 and the SHA family of protocols.

SNMP is used to do which of the following? Transfer files Synchronize clocks Monitor network devices Retrieve mail from a server

Monitor network devices

ADS requires what to be present? SAM Domain NTFS FAT

NTFS

Alternate Data Streams are supported in which file systems? FAT16 FAT32 NTFS CDFS

NTFS

If a domain controller is not present, what can be used instead? Kerberos LM NTLMv1 NTLMv2

NTLMv2

__________ is used to synchronize clocks on a network. SAM NTP NetBIOS FTP

NTP

Which of the following types of attack has no flags set? SYN NULL Xmas tree FIN

NULL A NULL scan has no flags configured on its packets.

An attacker can use __________ to enumerate users on a system. NetBIOS TCP/IP NetBEUI NNTP

NetBIOS

Which of the following is used for identifying a web server OS? Telnet Netcraft Fragroute Wireshark

Netcraft Netcraft is used to gather information about many aspects of a system, including operating system, IP address, and even country of origin.

Which of the following is a port scanner?

Nmap

Which of the following tools is a vulnerability scanner?

OpenVAS

Enumeration is useful to system hacking because it provides __________. Passwords IP ranges Configuration Usernames

Passwords and Usernames

nmap is required to perform what type of scan? Port scan Vulnerability scan Service scan Threat scan

Port scan

What does the enumeration phase not discover? Services User accounts Ports Shares

Ports

LDAP is used to perform which function? Query a network Query a database Query a directory Query a file system

Query a database

A Trojan can include which of the following? RAT TCP Nmap Loki

RAT (remote access trojan)

A __________ is a type of offline attack. Cracking attack Rainbow attack Birthday attack Hashing attack

Rainbow attack

What are worms typically known for? Rapid replication Configuration changes Identity theft DDoS

Rapid replication

Which network topology uses a token-based access methodology? Ethernet Star Bus Ring

Ring networks Token ring networks use a token-based access methodology. Each node connected to the network must wait for possession of the token before it can send traffic via the ring.

Which of the following is a hashing algorithm?

SHA256

SNScan is used to access information for which protocol? SMTP FTP SNMP HTTP

SNMP

You have selected the option in your IDS to notify you via email if it senses any network irregularities. Checking the logs, you notice a few incidents but you didn't receive any alerts. What protocol needs to be configured on the IDS? NTP SNMP POP3 SMTP

SMTP (Simple mail transfer protocol) Simple Mail Transfer Protocol (SMTP) operates on port 25 and is used for outgoing mail traffic. In this scenario, the IDS SMTP configuration needs to be updated.

What is the sequence of the three-way handshake? SYN, SYN-ACK, ACK SYN, SYN-ACK SYN, ACK, SYN-ACK SYN, ACK, ACK

SYN, SYN-ACK, ACK

__________ is used to partially encrypt the SAM. SYSKEY SAM NTLM LM

SYSKEY

What phase comes after footprinting? System hacking Enumeration Scanning Transfer files

Scanning Scanning comes after the footprinting phase. Footprinting is used to get a better idea of the target.

NTLM provides what benefit versus LM? Performance Security Mutual authentication SSL

Security

SMTP is used to perform which function? Monitor network equipment Transmit status information Send email messages Transfer files

Send email messages

Symmetric cryptography is also known as __________. Shared key cryptography Public key cryptography Hashing Steganography

Shared key cryptography Symmetric cryptography is also known as shared key cryptography.

A remote access Trojan would be used to do all of the following except __________. Steal information Remotely control a system Sniff traffic Attack another system

Sniff traffic

A DNS zone transfer is used to do which of the following? Copy files Perform searches Synchronize server information Decommission servers

Synchronize server information

An SYN attack uses which protocol? TCP UDP HTTP Telnet

TCP

Which of the following is not a Trojan? BO2K LOKI Subseven TCPTROJAN

TCPTROJAN

Which utility will tell you in real time which ports are listening or in another state? Netstat TCPView Nmap Loki

TCPView

Which of the following is a utility used to reset passwords? TRK ERC WinRT IRD

TRK (Trinity Rescue Kit)

What does TOE stand for? Target of evaluation Time of evaluation Type of evaluation Term of evaluation

Target of Evaluation TOE stands for target of evaluation and represents the target being tested.

Which of the following is used for banner grabbing? Telnet FTP SSH Wireshark

Telnet

What is the three-way handshake? The opening sequence of a TCP connection A type of half-open scan A Xmas tree scan Part of a UDP scan

The opening sequence of a TCP connection.

Which of the following is true when creating a digital signature?

The sender encrypts the hash of a message with sender's private key.

A logic bomb is activated by which of the following? Time and date Vulnerability Actions Events

Time and date, Actions, and events

Why would you need to use a proxy to perform scanning? To enhance anonymity To fool firewalls Perform half-open scans To perform full-open scans

To enhance anonymity. You do not need to use a proxy to perform scanning, but using one will hide the process of scanning and make it more difficult to monitor by the victim or other parties.

What is the purpose of a proxy? To assist in scanning To perform a scan To keep a scan hidden To automate the discovery of vulnerabilities

To keep a scan hidden.

SNMP is used to perform which function in relation to hardware? Trap messages Monitor and manage traffic Manage users and groups Monitor security and violations

Trap messages

A logic bomb has how many parts, typically? One Two Three Four

Two

Which command can be used to view NetBIOS information? netstat nmap nbtstat telnet

nbtstat

How would you use Netcat to set up a server on a system? nc -l -p 192.168.1.1 nc -l -p 1000 nc -p -u 1000 nc -l -p -t 192.168.1.1

nc -l -p 192.168.1.1

What command is used to listen to open ports with netstat? netstat -an netstat -ports netstat -n netstat -s

netstat -an

Enumeration does not uncover which of the following pieces of information? Services User accounts Ports Shares

ports

Which of the following would be a very effective source of information as it relates to social engineering? Social networking Port scanning Websites Job boards

social networking Social networking has proven especially effective for social engineering purposes. Due to the amount of information people tend to reveal on these sites, they make prime targets for information gathering.

__________ is the process of exploiting services on a system. System hacking Privilege escalation Enumeration Backdoor

system hacking

A public and private key system differs from symmetric because it uses which of the following? One key One algorithm Two keys Two algorithms

two keys A public and private key are mathematically related keys, but they are not identical. In symmetric systems only one key is used at a time.

Which of the following would confirm a user named chell in SMTP? vrfy chell vrfy -u chell expn chell expn -u chell

vrfy chell

Which of the following best describes PGP? A symmetric algorithm A type of key A way of encrypting data in a reversible method A key escrow system

A way of encrypting data in a reversible method. PGP is a method of encrypting stored data to include emails, stored data, and other similar information. It is a form of public and private key encryption.

Which of the following best describes a vulnerability? A worm A virus A weakness A rootkit

A weakness A vulnerability is a weakness. Worms, viruses, and rootkits are forms of malware.

What is EDGAR used to do? Validate personnel Check financial filings Verify a website Gain technical details

Check financial filings EDGAR can be used to verify the financial filings of a company.

IPsec uses which two modes? AH/ESP AES/DES EH/ASP AES/ESP

AH/ESP IPsec uses two modes: Authentication Header (AH) and Encapsulating Security Payload (ESP). Both modes offer protection to data but do so in different ways.

What are the 7 steps of an ethical hacker?

Footprinting, Scanning, Enumeration, System Hacking, Escalation of Privilege, Covering Tracks, and Planting Backdoors

Which of the following would most likely engage in the pursuit of vulnerability research? White hat Gray hat Black hat Suicide hacker

White hat White hats are the most likely to engage in research activities, and although gray and black hats may engage in these activities, they are not typical.

Which OS holds 90 percent of the desktop market and is one of our largest attack surfaces? Windows Linux Mac OS iOS

Windows Windows remains king for sheer volume and presence on desktop and servers.

