Module 10 Test
Which command can be used on a Windows system to create a hash of a file? a. md5 b. shasum c. Get-FileHash d. Compute-FileHash
Get-FileHash
Which form of SHA was developed by private designers?
SHA-3
Which of the following is considered a secure protocol? a. FTP b. SSH c. Telnet d. HTTP
b. SSH
On a Linux based system, what command can you use to create a hash of a file using SHA-256? a. sha1sum b. md5sum c. sha256sum d. shasum -a 256
c. sha256sum
What is the difference between a vulnerability and an exploit?
A vulnerability is a weak spot in a system or program and an exploit is using the vulnerability to enter or compromise the software or network.
List five subtypes of DoS attacks.
DDoS (distributed DoS) attack, DRDos (distributed reflection DoS) attack, Amplified DRDos attack, PDoS (permanent DoS) attack, and Friendly DoS attack
What steps should your company take to protect data on discarded devices?
Destroy the hard drive before being sent to a disposal service.
Give an example of biometric detection.
Facial recognition, fingerprint scanning, iris scan, etc
A hacker, in the original sense of the word, is someone with technical skill and malicious intent. True or False?
False
Different types of organizations have similar levels of network security risks. True or False?
False
It is ideal to use the same password for multiple different applications, provided the password is complex enough. True or False?
False
The original version of the Secure Hash Algorithm was developed by MIT. True or False?
False
Why might organizations be willing to take on the risk of BYOD?
It saves them money
What are the four phases in the social engineering attack cycle?
Phase 1 - Research Phase 2 - building trust Phase 3 - exploit Phase 4 - exit
What type of scan process might identify that Telnet is running on a server?
Port Scanning
A neighbor hacks into your secured wireless network on a regular basis, but you didn't give her the password. What loophole was most likely left open?
The default password was not changed
What unique characteristic of zero-day exploits makes them so dangerous?
They are dangerous because the vulnerability is exploited before the software developer can provide a solution for it or before the user applies the published solution.
A drop ceiling could be used by an intruder to gain access to a secured room. True or False?
True
Over a long-distance connection, using SSH keys is more secure than using passwords. True or False?
True
The day after Patch Tuesday is informally dubbed Exploit Wednesday. True or False?
True
The term malware is derived from a combination of the words malicious and software. True or False?
True
Unexplained increase in file size & unusual error messages w/o apparent cause are both potential symptoms of a virus. True or False?
True
Which of the following statements correctly describes the malware characteristic of polymorphism? a. Can change its characteristics every time it is transferred to a new system b. Designed to activate on particular date remaining harmless until that time c. Disguises itself as legit program or replaces a legitimate program's code d. Utilizes encryption to prevent detection
a. Can change its characteristics every time it is transferred to a new system
What type of attack relies on spoofing? a. Deauth attack b. Friendly DoS attack c. Tailgating d. Pen testing
a. Deauth attack
A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers to collect information from people who make the same typo. What kind of attack is this? a. Phishing b. Tailgating c. Quid pro quo d. Baiting
a. Phishing
Which of the following attack simulations detect vulnerabilities and attempt to exploit them? Choose two. a. Red team-blue team exercise b. Vulnerability assessment c. Security audit d. Pen testing
a. Red team-blue team exercise d. Pen testing
Where would restrictions regarding what users can and cannot do while accessing a network's resources be found? a. acceptable use policy document b. terms of service document c. license restrictions document d. non-disclosure agreement document
a. acceptable use policy document
What type of an attack forces clients off a wireless network, creating a form of Wi-Fi DoS? a. deauthentication attack b. channel hopping attack c. man-in-the-middle attack d. ARP poisoning attack
a. deauthentication attack
VMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software? a. mobile device management software b. software defined network software c. virtual device management software d. cloud network management software
a. mobile device management software
A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this? a. Principle of least privilege b. Insider threat c. Vulnerability d. Denial of service
b. Insider threat
Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this? a. Ransomware b. Logic bomb c. Virus d. Worm
b. Logic bomb
A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use? a. AUP b. NDA c. MDM d. BYOD
b. NDA
Which utility performs sophisticated vulnerability scans, & can identify unencrypted data such as credit card numbers? a. Nmap b. Nessus c. Metasploit d. L0phtcrack
b. Nessus
What statement regarding denial-of-service (DoS) attacks is accurate? a. Occurs when a MAC address is impersonated on the network b. Prevents legitimate users from accessing normal network resources c. Is generally a result of a disgruntled employee d. No longer major concern due to increased throughput available on networks
b. Prevents legitimate users from accessing normal network resources
You need to securely store handheld radios for your network technicians to take with them when they're troubleshooting problems around your campus network. What's the best way to store these radios so all your techs can get to them and so you can track who has the radios? a. Locking rack b. Smart locker c. Locking cabinet d. Access control vestibule
b. Smart locker
What type of door access control is a physical or electronic lock that requires a code in order to open the door? a. key fob lock b. cipher lock c. biometric lock d. encrypted lock
b. cipher lock
How often should you require users to change their passwords? a. every 30 days b. every 60 days c. every 90 days d. every 120 days
b. every 60 days
A virus that remains dormant until a specific condition is met is known as what type of malware? a. encrypted virus b. logic bomb c. boot sector virus d. worm
b. logic bomb
What penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes? a. Nessus b. metasploit c. nmap d. Sub7
b. metasploit
Concept of giving employees & contractors only enough access & privileges to do their jobs is known by what term? a. least-risk privilege profile b. principle of least privilege c. minimal access/minimal exposure d. limited liability access
b. principle of least privilege
In the typical social engineering attack cycle, what occurs at Phase 3? a. Attacker researches the desired target for clues as to vulnerabilities b. Attacker builds trust with the target & attempts to gain more information c. Attacker exploits an action undertaken by victim in order to gain access d. Attacker executes exits strategy that doesn't leave evidence or suspicion
c. Attacker exploits an action undertaken by victim in order to gain access
A variant of BYOD, what does CYOD allow employees or student to do? a. Supply their own software on a computer or mobile device b. Supply their choice of cloud application or storage c. Choose a device from a limited number of options d. Use whatever devices they wish to bring
c. Choose a device from a limited number of options
Utilized by "Great Firewall", what attack can prevent user access to web pages/redirect them to illegitimate web pages? a. MAC address spoofing b. denial-of-service attack c. DNS poisoning d. rogue DHCP server
c. DNS poisoning
Which type of DoS attack orchestrates an attack bounced off uninfected computers? a. FTP bounce b. Ransomware c. DRDoS attack d. PDoS attack
c. DRDoS attack
In a red team-blue team exercise, what is the purpose of the blue team? a. Is tasked with attacking the network b. Must observe the actions of the red team c. Is charged with the defense of the network d. Consists of regulators that ensure no illegal activity is undertaken
c. Is charged with the defense of the network
Which of the following statements describes a worm a. Disguises itself as something useful but actually harms your system b. Process that runs automatically, w/o requiring person to start/stop it c. Runs independently of other software & travels between PCs/across networks d. Program that locks user's data/computer system until a ransom is paid
c. Runs independently of other software & travels between PCs/across networks
An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack? a. buffer overflow b. session hijacking attack c. man-in-the-middle attack d. banner-grabbing attack
c. man-in-the-middle attack
If someone is offered a free gift of service in exchange for private information or access to a computer system. a. phishing b. baiting c. quid pro quo d. tailgating
c. quid pro quo
Which of the following scenarios represents a phishing attempt? a. An employee has received a malware-infected file in their e-mail b. Person posing as employee tried to access secured area at your org c. Gift offered to employee w/ access to secured info in exchanged for details d. E-mail was sent to manager at your comp. that appeared to be from the CTO
d. E-mail was sent to manager at your comp. that appeared to be from the CTO
What is the Nmap utility used for? a. Used to identify unsecured sensitive data on network such as credit cards b. Automated vulnerability and penetration testing framework c. Software firewall that can be used to secure a vulnerable host d. Port scanning utility that can identify open ports on a host
d. Port scanning utility that can identify open ports on a host
Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct to develop your recommendations for the upgrade priorities? a. Data breach b. Security audit c. Exploit d. Posture assessment
d. Posture assessment
What statement regarding the different versions of the SHA hashing algorithm is accurate? a. SHA-0 is the most secure version of SHA b. SHA-1 supports a 128-bit hash function c. SHA-2 only supports a 256-bit hash d. SHA-2 and SHA-3 both support the same hash lengths
d. SHA-2 and SHA-3 both support the same hash lengths
An RFID label on a box is an example of what type of physical security detection method? a. motion detection technology b. video surveillance via CCTV c. tamper detection d. asset tracking tagging
d. asset tracking tagging
If multiple honeypots are connected to form a larger network, what term is used to describe the network? a. combolure b. lurenet c. honeycomb d. honeynet
d. honeynet
Person posing as employee strikes a conversation w/ legitimate employee as they walk into a secured area a. phishing b. baiting c. quid pro quo d. tailgating
d. tailgating