NETW-238 Final

Which of the following IEEE projects was developed to create LAN and WAN standards?

802

Which IEEE standard can achieve a throughput of 54 Mbps?

802.11g

What type of encryption is currently used to secure WPA2?

AES

Which IDS system uses a baseline of normal activity and then sends an alert if the activity deviates significantly from this baseline?

Anomaly-based IDS

Which of the following refers to verifying the sender or receiver (or both) is who they claim to be?

Authentication

What type of malicious code could be installed in a system's flash memory to allow an attacker to access the system at a later date?

BIOS-based rootkit

What programming languages are vulnerable to buffer overflow attacks?

C and C++

Which specific type of tag do All CFML tags begin with?

CF

For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?

CIFS

Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later?

Common Internet File System

Which of the following sits between the Internet and the internal network and is sometimes referred to as a perimeter network?

DMZ

Which of the following protocols is an enhancement to PPP, and was designed to allow a company to select its authentication method?

EAP

A user can view the source code of a PHP file by using their Web browser's tools.

False

AES uses a 128-bit key and is used in PGP encryption software.

False

Routers are the bridge between wired and wireless networks.

False

Samba is a proprietary implementation of CIFS.

False

Windows 10, Windows 8, Windows Server 2016, and Windows Server 2012 have most services and features enabled by default.

False

What configuration mode allows a Cisco administrator to configure router settings that affect the overall operations of the router?

Global configuration mode

Microsoft Baseline Security Analyzer has its origins in which of the following command line scanners?

HFNetChk

What type of IDS/IPS is used to protect a critical network server or database server by installing the IDS or IPS software on the system you're attempting to protect?

Host-based

Which type of device monitors a network's hardware so that security administrators can identify attacks in progress and stop them?

IDS

What type of viruses and code has been created by security researchers and attackers that could infect phones running Google's Android, Windows Mobile, and the Apple iPhone OS?

Java-based

Which of the following is a common Linux rootkit?

Linux Rootkit 5

To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used?

MBSA

A device that performs more than one function, such as printing and faxing is called which of the following?

MFD

Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?

Mandatory Access Control

Visual Basic Script (VBScript) is a scripting language developed by which of the following companies?

Microsoft

Which of the following resources is an excellent starting point for security professionals when investigating VBScript vulnerabilities?

Microsoft Security Bulletin

What is the current file system that Windows utilizes that has strong security features?

NTFS

Which type of wireless technology uses microwave radio waves to transmit data?

Narrowband

Which of the following protocols does NetBios use to access a network resource?

NetBEUI

Which of the following interfaces, developed by Microsoft, is a set of interfaces that enable applications to access data stored in a database management system (DBMS)?

OLE DB

Which of the following programming languages was originally used primarily on UNIX systems, but is used more widely now on many platforms, such as Macintosh and Windows?

PHP

If an organization does not want to rely on a wireless device to authenticate users, which of the following is a secure alternative?

RADIUS server

Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host?

RPC

What encryption algorithm can be used for both encryption and digital signing, uses a one-way function, and is still widely used in e-commerce?

RSA

What specific type of tools can assist teams by identifying attacks and indicators of compromise by collecting, aggregating, and correlating log and alert data from routers, firewalls, IDS/IPS, endpoint logs, Web filtering devices, and other security tools?

SIEM

Connecting to an MS SQL Server database with Microsoft's Object Linking and Embedding Database (OLE DB) requires using which of the following providers?

SQLOLEDB

What type of attack is being performed when an attacker intercepts the initial communications between a Web server and a Web browser while forcing a vulnerable server to insecurely renegotiate the encryption being used down to a weaker cipher?

SSL/TLS downgrade attack

Which of the following is an open-source implementation of CIFS?

Samba

A large organization that is responsible for sensitive or critical data may elect to create which of the following to do damage assessment, risk remediation, and legal consultation?

Security Operations Center

When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?

Share-level security

Which type of Cisco access lists can restrict IP traffic entering or leaving a router's interface based only on the source IP address?

Standard IP

Which of the following application tests analyzes an application's source code for vulnerabilities, and is therefore only possible when the source code of an application is available?

Static Application Security Testing

Which of the following cross-site scripting vulnerabilities types is especially harmful because it can be delivered to subsequent users of the application?

Stored

SMB is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?

TCP/IP

What protocol improves WPA encryption by adding Message Integrity Checks, Extended Initialization Vectors, Per-packet key mixing, and a Re-keying mechanism to improve encryption?

TKIP

CGI programs can be written in many different programming and scripting languages, such as C/C++, Perl, UNIX shells, Visual Basic, and FORTRAN.

True

ECC is an efficient algorithm requiring few hardware resources, so it's a perfect candidate for wireless devices and cell phones.

True

Embedded OSs are usually designed to be small and efficient so they do not have some of the functions that general-purpose OSs have.

True

OLE DB relies on connection strings that enable the application to access the data stored on an external device.

True

Routers operate at the Network layer of the TCP/IP protocol stack.

True

Symmetric algorithms support confidentiality, but not authentication and nonrepudiation.

True

The 802.11b standard introduced Wired Equivalent Privacy (WEP), which gave many users a false sense of security that data traversing the WLAN was protected.

True

The MSBA tool can quickly identify missing patches and misconfigurations.

True

Web applications written in CFML can also contain other client-side technologies, such as HTML and JavaScript.

True

Windows Software Update Services (WSUS) is designed to manage patching and updating system software from the network.

True

When using the Common Internet File System (CIFS), which security model will require network users to have a user name and password to access a specific resource?

User-level security

Which of the following is a flawed wireless authentication standard created to allow users to easily add devices to a wireless network securely?

WPS

Which of the following if often found within an embedded OS that can cause a potential vulnerability to an attack?

Web server

What wireless hacking tool can perform scans for wireless access points and can set up fake APs to social-engineer users or confuse attackers using airbase-ng?

WiFi Pineapple

Which of the following source code is now available to the public and was considered a trimmed down version of the Windows desktop OS?

Windows CE

A certificate contains a unique serial number and must follow which standard that describes the creating of a certificate?

X.509

When hackers drive around or investigate an area with an antenna, they are usually looking for which component of a wireless network?

access point

Which of the following is a transceiver that connects to a network via an Ethernet cable and bridges a wireless LAN with a wired network?

access point (AP)

SCADA systems controlling critical infrastructure are usually completely separated from the Internet by which of the following?

air gap

What type of firewall inspects network traffic at a higher level in the OSI model than a traditional stateful packet inspection firewall does?

application-aware firewall

Ubuntu and Debian Linux use what command to update and manage their RPM packages?

apt-get

What type of attack is being attempted when an attacker uses a password-cracking program to guess passwords by attempting every possible combination of letters?

brute force

Which of the following refers to the flow a user is expected to follow in an application to accomplish a goal?

business logic

To check whether a CGI program works, you can test the URL in your Web browser. Which of the following directories should you save the program to on your Web server before you check the URL in your Web browser?

cgi-bin

Which of the following is contained in a wireless frequency band and breaks up the band into smaller frequency ranges?

channels

What type of attack is being performed when the attacker has access to plaintext and ciphertext, and can choose which messages to encrypt?

chosen-plaintext

Which of the following does Object Linking and Embedding Database (OLE DB) rely on that allows an application to access data stored on an external device?

connection strings

Which of the following is the process of converting ciphertext back into plaintext?

decryption

What type of useful tools can a security tester find available in both Firefox and Chrome Web browsers?

developer tools

When an attacker has access to a password file, they can run a password-cracking program that uses a dictionary of known words or passwords as an input file. What type of attack is this attacker performing?

dictionary

What specific type of Windows Servers are used to authenticate user accounts and contain most of the information that attackers want to access?

domain controllers

When Web site visitors are involved in downloading malicious code without their knowledge, they may be unknowingly involved in what type of process?

drive-by download

Which of the following is a mathematical function or program that works with a key?

encryption algorithm

What critical component of any OS, that can be can be vulnerable to attacks, is used to store and manage information?

file system

Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device?

firmware

Which JavaScript function is a "method" or sequence of statements that perform a routine or task?

getElementById()

Which of the following is a function that takes a variable-length string or message and produces a fixed-length message digest?

hashing algorithm

Which of the following is a computer placed on the network perimeter with the main goal of distracting hackers from attacking legitimate network resources?

honeypot

Which type of vulnerabilities can result from a server accepting untrusted, unvalidated input?

injection

What is the specific act of filtering, rejecting, or sanitizing a user's untrusted input before the application processes it?

input validation

What type of attack is being conducted when the attacker has messages in both encrypted form and decrypted forms?

known plaintext

Which frequency band is used by commercial AM radio stations?

medium frequency (MF)

What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?

no ACL support

Which of the following is considered to be the most critical SQL vulnerability?

null SA password

What type of an IDS is being used when it does not take any action to stop or prevent an activity occurring?

passive system

Which of the following cross-site scripting vulnerabilities types relies on social engineering to trick a user into visiting a maliciously crafted link or URL?

reflected

Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources?

router

What type of function is being performed when a router screens packets based on information in the packet header?

router screening

To examine the router's routing table, a Cisco administrator would enter which command?

show ip route

In 802.11, which of the following is an addressable unit?

station (STA)

What type of cryptography is demonstrated by reversing the alphabet so A becomes Z, B becomes Y, and so on?

substitution cipher

Cryptosystems that have a single key that encrypts and decrypts data are using what type of algorithm?

symmetric

Red Hat and Fedora Linux use what command to update and manage their RPM packages?

yum