ITC 664 Midterm
Windows firewall can allow connections from a specific IP address
True
Wireless networks are more vulnerable to attack than wired networks
True
For hacking purposes, which of the following is probably least important to the hacker?
age of the company
A database would be known as an
asset
When profiling a Unix host, which command shows the operating system?
cat /proc/version
What is a small file stored on your computer to make browsing easier?
cookie
This foot-printing tool is native to Linux
dig
What Linux command enumerates the users on a remote host?
enum4linux
Which phase of incident response occurs last
lesson learned
Which of these tools identifies the IP address of a domain name?
nslookup
Zenmap is used for
port scanning
On a Windows machine, using PsTools, what command shows current users?
psLoggedOn
The largest attack surface is found in ______
software
When profiling a Unix host, which command lists all firewall rules for the network?
sudo iptables -L
In Windows, the _______ command will show only a list of devices encountered, and time elapsed, en route to the destination
tracert
Which tool is used to discover flaws in a web page's HTML code
webgoat
Which could be most effective in searching for email addresses or hidden content in a web site?
website mirroring
Which group is also known as "Ethical hackers"?
white hat hackers
Which of the following is a means to implement an IDS
anomaly-based, signature-based, and reputation-based
About how many people respond to phishing attacks?
.1
About what percentage of people are willing to give up their password
0.5
About ____% of users are willing to sell their passwords
30
HTTPS usually uses port
443
The first ________ digits of a MAC address identifies the manufacturer
6
About ________% of data breaches involve weak, default, or stolen passwords
60
Antivirus software is usually about _____% effective
95
The time anti-virus software such as AVG takes to do a complete scan is about
20 minutes
Which part of the command "nmap -O -v 100.16.16.50" refers to a computer?
100.16.16.50
Company security policies should be updated at least every ______ months
12
In Linux, the uid for user drasdi:x:135:141 is ________
135
The market share for Mac OS is about ___%
15
A(n) _________ builds a model of normal data flows and detects unusual data flows, which could be a sign of malware.
ADS
This uses artificial intelligence to reduce false positives/negatives in intrusion detection
ARS
DNS maps a domain name to a physical location of a web server?
False
Which element of the cyber kill chain occurs later than the others?
Achieving the goal
Which of the following is completed before gaining access to a system
All of these - Reconnaissance - Enumeration - Scanning
Which of the following is considered PII?
All of these - name - SSN - Credit Card #
False positives in an IDS are more problematic than false negatives
False
Files in AVG's quarantine area are not encrypted
False
Which is least likely a sign of a scam artist on a dating site?
Has many selfies with many friends and family members
Wireless networks are usually very secure?
False
You can hack into a system without permission if you are a certified White Hat hacker?
False
Which of the following is NOT a good indicator of malware?
File size
Flooding HTTP services would be classified as a(n) _____ attack
Application
Setting password policies in Windows is an example of
Hardening
Which of the following is a third-party commercial anti-DoS service?
CloudFlare
The nmap command is run using
Command prompt
Linux does not have a built-in firewall
False
Nmap can show you user id's and passwords
False
Which of the following is a honeypot
Cowrie
One of the first things you should do when an incident has occurred is to power off the machine
False
Reflective XSS is more serious than persistent XSS
False
LOIC (low orbit ion cannon) is used for what type of attack?
DDoS
The command "cd" in Linux means "current directory"
False
A hardware keylogger runs with the aid of the target's operating system.
False
A hashing algorithm is used to crack passwords
False
What is the second step for a hacker to acquire a social engineering victim?
Establishing trust
In a DoS attack, malformed packets can result in choking access to the service.
False
In session hijacking, the hacker needs to first obtain a user ID and password.
False
Which law gives consumers control of their data
GDPR
Which software can be used to emulate a network
GNS3
The new web protocol QUIC was introduced by
Which of these tools can provide much valuable information about a company?
Which tool uses specific keywords and operators to perform sophisticated searches?
Google hacking
Which of the following test sites primarily utilizes a blog?
Gruyere
Which service is not listed in useful services to enumerate in this video
HTTP
Which Linux command displays firewall settings?
Iptables
The _______ security distribution for Linux contains open source security software packages.
Kali
Which Linux distribution includes many hacking tools
Kali
Which of the following is used to authenticate web sites
LDAP server
What organization has a website that provides information to defend against malware?
Mitre
Which organization publishes guidance on preventing DDoS attacks
NIST
Which organization publishes a Top 10 Web application security risks list?
OWASP
Which is usually not a carrier of hidden data via steganography?
Operating system
What is the weakest form of authentication
Password
What tool is most often used for a fileless attack
Powershell
What software is used to hijack an SSH session where admins communicate with the network?
PuttyRider
What is the most popular type of attack in financial cyber crimes?
Ransomware
Which phase of hacking obtains information about the target
Reconnaissance
Which type of attack typically uses domain name servers to attack the target?
Reflection
________ is the phase where vulnerabilities are mitigated
Remediate
Which protocol is for network management?
SNMP
The three-way handshake begins with
SYN
The Social-engineer Toolkit does NOT provide tools for this form of attack
Shoulder surfing
What is probably the best way to discover a person's PIN?
Shoulder surfing
Which of the following is an IDS
Snort
_______ is a type of malware that extracts information from the host
Spyware
The Three-way handshake is required by
TCP
The protocol that controls sessions on the Internet is?
TCP
Which program captures network traffic
TCPDump
What software is used to perform a web attack using cookies
Tampermonkey
Which element of social engineering is involved when using email
Tools
Which browser can be used to stay anonymous?
Tor
By 2022, cybercrime will cost about ________ dollars.
Trillion
Passwords are usually stored with the aid of hash functions, not encryption functions
True
A database is an intangible asset
True
An organization generally has the ability to reduce security vulnerabilities
True
Fuzz testing is black box testing
True
GnuPG is software used for encryption
True
MD5 is a hash algorithm
True
NetWitness Investigator is preferred over Wireshark for analyzing network traffic
True
SQL injection attacks are usually designed to extract information from a database
True
The trend now is for hackers to move from MITM attacks to MITB attacks
True
________ is a type of malware that propagates itself
Virus
This is a flaw in a system
Vulnerability
risk = threat X
Vulnerability
Which of the following has the primary function of filtering traffic for web applications
Web proxy
Which of the following is a way to conduct a MITM attack?
Web proxy, malicious Wi-Fi, ARP poisoning
What software is used to perform a MITM attack using a web proxy
Webscarab
What tool is useful for investigating individual packets in an HTTP session?
Wireshark
Which of the following is NOT a vulnerability scanner?
Wireshark
Cisco firewalls have very limited functionality
false
The NVD feeds into the CVE
false
Vulnerability scanning is also known as penetration testing
false
Which of the following is NOT part of scanning?
footprinting
___________ is a type of malware that hides deep in the operating system and doesn't propagate
rootkit
Finger is used to enumerate information about
users