questions i got wrong on testout (final)
Which of the following HTTP response messages would you receive if additional action needs to be taken to complete the request?
3xx: Redirection
Which of the following describes Mobile Device Management software?
A combination of an on-device application or agent that communicates with a backend server to receive policies and settings.
Which of the following best describes a rogue access point attack?
A hacker installing an unauthorized access point within a company.
Which of the following describes a PKI?
A security architecture that ensures data connections between entities are validated and secure.
You work for a very small company that has 12 employees. You have been asked to configure wireless access for them. Knowing that you have a very limited budget to work with, which of the following technologies should you use?
A software-based access point.
Which of the following best describes the SQL Power Injector tool?
A tool used to find SQL injections on a web page.
Frank, an attacker, has gained access to your network. He decides to cause an illegal instruction. He watches the timing to handle an illegal instruction. Which of the following is he testing for?
A virtual machine
Which of the following is the term used to describe what happens when an attacker sends falsified messages to link their MAC address with the IP address of a legitimate computer or server on the network?
ARP poisoning
Which key area in the mobile device security model is supported by device designers requiring passwords, biometrics, and two-factor authentication methods?
Access controls
Which of the following cryptography attacks is characterized by the attacker making a series of interactive queries and choosing subsequent plain texts based on the information from the previous encryption?
Adaptive chosen plain text
You are using BlazeMeter to test cloud security. Which of the following best describes BlazeMeter?
An end-to-end performance and load testing tool that can simulate up to 1 million users and makes realistic load tests easier.
Which of the following best describes a certificate authority (CA)?
An entity that issues digital certificates.
Which of the following IDS detection types compare behavior to baseline profiles or network behavior baselines?
Anomaly-based Explanation Anomaly-based detection compares behavior to baseline profiles or network behavior baselines. These baseline profiles are used to define what is normal behavior on the network or host.
User-Mode-Linux (UML) is an open-source tool used to create virtual machines. It's efficient for deploying honeypots. One of the big issues with UML is that it doesn't use a real hard disk, but a fake IDE device called /dev/ubd*. How can an attacker find a UML system?
Attackers need to take a look at the /etc/fstab file or execute the mount command.
Jim, a smartphone user, receives a bill from his provider that contains fees for calling international numbers he is sure he hasn't called. Which of the following forms of Bluetooth hacking was most likely used to attack his phone?
Bluebugging
HTTP headers can contain hidden parameters such as user-agent, host headers, accept, and referrer. Which of the following tool could you use to discover hidden parameters?
Burp Suite
You are a cybersecurity specialist. ACME, Inc. has hired you to install and configure their wireless network. As part of your installation, you have decided to use Wi-Fi Protected Access 2 (WPA2) security on all of your wireless access points. You want to ensure that the highest level of security is used. Which of the following encryption protocols should you use to provide the highest level of security?
CCMP
Frank wants to do a penetration test. He is looking for a tool that checks for vulnerabilities in web applications, network systems, wireless networks, mobile devices, and defense systems such as IDS or IPS. Which of the following tools would you recommend to him?
COREImpact Pro
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plain text to see the resulting ciphertext. Which of the following cryptographic attacks is being used?
Chosen plain text
Daphne has determined that she has malware on her Linux machine. She prefers to only use open-source software. Which anti-malware software should she use?
ClamAV
Jose, a medical doctor, has a mobile device that contains sensitive patient information. He is concerned about unauthorized access to the data if the device is lost or stolen. Which of the following are the best options for preventing this from happening? (Select two.)
Configure the device to remotely wipe as soon as it is reported lost. Configure the device to wipe after a number of failed login attempts.
Which of the following is considered an out-of-band distribution method for private key encryption?
Copying the key to a USB drive.
An attacker is attempting to determine whether a system is a honeypot. Which of the following actions should the attacker take?
Craft a malicious probe packet to scan for services.
Joelle, an app developer, created an app using two-factor authentication (2FA) and requires strong user passwords. Which of the following IoT security challenges is she trying to overcome?
Default, weak, and hardcoded credentials
Robin, an IT technician, has implemented identification and detection techniques based on the ability to distinguish legitimate traffic from illegitimate traffic over the network. Which of the following is he trying to achieve?
Defend the network against IDS evasions.
Anabel purchased a smart speaker. She connected it to all the smart devices in her home. Which of the following communication models is she using?
Device-to-device
Which of the following encryption tools would prevent a user from reading a file that they did not create and does not require you to encrypt an entire drive?
EFS
Which of the following is the best defense against cloud account and service traffic hijacking?
Find and fix software flaws continuously, use strong passwords, and use encryption.
Which of the following is the process of determining the configuration of ACLs by sending a firewall TCP and UDP packets?
Firewalking
You are working on firewall evasion countermeasures and are specifically looking for a tool to expose TTL vulnerabilities. Which of the following tools would you use?
Firewalking Firewalking is the process of probing a firewall to determine the configuration of ACLs by sending it TCP and UDP packets.
James, a penetration tester, uses nmap to locate mobile devices attached to a network. Which of the following mobile device penetration testing stages is being implemented?
Footprinting
A hacker has discovered UDP protocol weaknesses on a target system. The hacker attempts to send large numbers of UDP packets from a system with a spoofed IP address, which broadcasts out to the network in an attempt to flood the target system with an overwhelming amount of UDP responses. Which of the following DoS attacks is the hacker attempting to use?
Fraggle attack
Which of the following uses on-the-fly encryption, meaning the data is automatically encrypted immediately before it is saved and decrypted immediately after it is loaded?
VeraCrypt
Which of the following explains why web servers are often targeted by attackers?
Web servers provide an easily found, publicly accessible entrance to a network that users are encouraged to enter into and browse.
You are analyzing the web applications in your company and have newly discovered vulnerabilities. You want to launch a denial-of-service (DoS) attack against the web server. Which of the following tools would you most likely use?
WebInspect
Which of the following actions was performed using the WinDump command line sniffer?
Wrote packet capture files from interface 1 into mycap.pcap.
During a penetration test, Omar found unpredicted responses from an application. Which of the following tools was he most likely using while assessing the network?
beSTORM
Jin, a penetration tester, was hired to perform a black box penetration test. He decides to test their firewall. Which of the following techniques should he use first?
footprinting
Which of the following Bluetooth discovery tool commands will show the Bluetooth MAC address, clock offset, and class of each discovered device?
hcitool inq
Ports that show a particular service running but deny a three-way handshake connection indicate the potential presence of which of the following?
honeypot
Which type of cryptanalysis method is based on substitution-permutation networks?
integral
Daphne suspects a Trojan horse is installed on her system. She wants to check all active network connections to see which programs are making connections and the FQDN of where those programs are connecting to. Which command will allow her to do this?
netstat -f -b
When it comes to obfuscation mechanisms, nmap has the ability to generate decoys, meaning that detection of the actual scanning system becomes much more difficult. Which of the following is the proper nmap command?
nmap -D RND:10 target_IP_address
Which of the following Bluetooth configuration and discovery tools can be used to check which services are made available by a specific device and can work when the device is not discoverable, but is still nearby?
sdptool
Which of the following Bluetooth discovery tools will produce the output shown below?
sdptool
Which of the following mobile security concerns is characterized by malicious code that specifically targets mobile devices?
Malicious websites
Which of the following is another name for the signature-based detection method?
Misuse detection
An older technique for defeating honeypots is to use tarpits, which sometimes operate at different levels of the OSI model, depending on their function. Which of the following layers of the OSI model do tarpits work at?
OSI layers 2 (DataLink), 4 (Transport), and 7 (Application) explain Layer 7 (Application layer) tarpits act as security entities and are designed to respond to incoming packet requests slowly. Layer 4 (Transport layer) tarpits use the TCP/IP stack and slow the spread of worms, backdoors, and other attacks. Layer 2 (Data Link layer) tarpits can discover an attack from the same network and the same MAC address for multiple IP addresses.
Using Wireshark, you have used a filter to help capture only the desired types of packets. Using the information shown in the image, which of the following best describes the effects of using the net 192.168.0.0 filter?
Only packets with either a source or destination address on the 192.168.0.0 network are captured.
Which of the following best describes a proxy server?
Operates at Layer 7 (Application) of the OSI model.
Which of the following best describes a reverse proxy method for protecting a system from a DoS attack?
Redirects all traffic before it is forwarded to a server, so the redirected system takes the impact.
Which of the following is an entity that accepts and validates information contained within a request for a certificate?
Registration authority
Which of the following is the most frequently used symmetric key stream cipher?
Ron's Cipher v4 (RC4)
Linda, an Android user, wants to remove unwanted applications (bloatware) that are pre-installed on her device. Which of the following actions must she take?
Root the Android device.
Part of a penetration test is checking for malware vulnerabilities. During this process, the penetration tester will need to manually check many different areas of the system. After these checks have been completed, which of the following is the next step?
Run anti-malware scans
Which of the following cloud computing service models delivers software applications to a client either over the Internet or on a local area network?
SaaS
Upload bombing and poison null byte attacks are designed to target which of the following web application vulnerabilities?
Scripting errors
Which of the following footprinting methods would you use to scan a web server to find ports that the web server is using for various services?
Service discovery Explanation Service discovery is a method of scanning a web server to find ports that are being used by services. These services can be used as pathways for application hacking.
If an attacker's intent is to discover and then use sensitive data like passwords, session cookies, and other security configurations such as UDDI, SOAP, and WSDL, which of the following cloud computing attacks is he using?
Service hijacking through network sniffing.
It is important to be prepared for a DoS attack. These attacks are becoming more common. Which of the following best describes the response you should take for a service degradation?
Services can be set to throttle or even shut down.
Your network administrator has set up training for all the users regarding clicking on links in emails or instant messages. Which of the following is your network administrator attempting to prevent?
Session fixation
Which of the following tools can be used to create botnets?
Shark, PlugBot, and Poison Ivy
Your network administrator is configuring settings so the switch shuts down a port when the max number of MAC addresses is reached. What is the network administrator taking countermeasures against?
Sniffing
Julie is looking for a honeypot detection tool that is capable of packet manipulation. Which of the following tools should she use?
Snort inline
Which of the following forms of cryptography is best suited for bulk encryption because of its speed?
Symmetric cryptography
IP address spoofing, fragmentation attacks, using proxy servers, ICMP tunneling, and ACK tunneling are all examples of which of the following firewall penetration testing techniques?
TCP packet filtering
Donna is configuring the encryption settings on her email server. She is given a choice of encryption protocols and has been instructed to use the protocol that has the most improvements. Which of the following cryptographic protocols should she choose?
TLS
You are configuring a wireless access point and are presented with the image shown below. Which of the following is the most correct statement regarding the access point's configuration?
The Host Name is what the users see in the list of available networks when they connect to the access point.
Which of the following best explains why brute force attacks are always successful?
They test every possible valid combination.
The ACME company has decided to implement wireless technology to help improve the productivity of their employees. As the cybersecurity specialist for this company, you have the responsibility of seeing that the wireless network is as secure as possible. Which of the following best describes one of the first countermeasures that should be used to ensure wireless security?
Use a Wi-Fi predictive planning tool to determine where to place your access points.
You are on a Windows system. You receive an alert that a file named MyFile.txt.exe had been found. Which of the following could this indicate?
Host-based IDS
Patrick is planning a penetration test for a client. As part of this test, he will perform a phishing attack. He needs to create a virus to distribute through email and run a custom script that will let him track who has run the virus. Which of the following programs will allow him to create this virus?
JPS
Which of the following cryptography attacks is characterized by the attacker having access to both the plain text and the resulting ciphertext, but does not allow the attacker to choose the plain text?
Known plain text
The SQL injection methodology has four parts. Which of the following parts is similar to playing the game 20 questions?
Launch a SQL attack
Ann has a corner office that looks out on a patio that is frequently occupied by tourists. She likes the convenience of her Bluetooth headset paired to her smartphone, but is concerned that her conversations could be intercepted by an attacker sitting on the patio. Which of the following countermeasures would be the most effective for protecting her conversations?
Lower the Bluetooth power setting on the smartphone and headset.
