Security+ Review Quiz 23
What is the function of the Linux chmod command? 1. Changes file/directory access permissions 2. Moves or renames files 3. Changes file owner and group permissions 4. Compares the contents of two files or sets of files
1. Changes file/directory access permissions
Which of the following answers refers to an anti-malware tool that enables automated analysis of suspicious files in a sandbox environment? 1. Cuckoo 2. FTK Imager 3. WinHex 4. Metasploit
1. Cuckoo
What is Metasploit? 1. Exploitation framework 2. Data sanitization tool 3. Password cracker 4. Packet-crafting utility
1. Exploitation framework
A globally accessible knowledge base of Adversary Tactics, Techniques, and Procedures (TTPs) based on observations from real-world attacks is known as: 1. MITRE ATT&CK 2. The Diamond Model of Intrusion Analysis 3. Cyber Kill Chain
1. MITRE ATT&CK
Which of the following forensic utilities enables the extraction of RAM contents? 1. Memdump 2. WinHex 3. FTK Imager 4. Autopsy
1. Memdump
One of the ways to prevent data recovery from a hard drive is to overwrite its contents. The data overwriting technique is used by drive wipe utilities which might employ different methods (including multiple overwriting rounds) to decrease the likelihood of data retrieval. As an example, a disk sanitization utility might overwrite the data on the drive with the value of one in the first pass, change that value to zero in the second pass, and finally perform five more passes, overwriting the contents with random characters (the Schneier method). 1. True 2. False
1. True
Which of the following commands in Linux displays the last part (by default, its last 10 lines) of a file? 1. tail 2. read 3. file 4. printf
1. tail
Which of the following is a Command-Line Interface (CLI) packet-capturing tool used in Unix-like operating systems? 1. tcpdump 2. Wireshark 3. theHarvester 4. Tcpreplay
1. tcpdump
Which of the following answers refers to a tool for creating forensic images of computer data? 1. diskpart 2. FTK Imager 3. fsutil 4. Autopsy
2. FTK Imager
Examples of password-cracking utilities include: (Select 2 answers) 1. Nessus 2. John the Ripper 3. Cuckoo 4. Cain & Abel 5. OpenVAS
2. John the Ripper 4. Cain & Abel
Which of the following tools enables sending custom packets that can be used to evaluate the security of a network device? 1. Wireshark 2. Tcpreplay 3. tcpdump 4. theHarvester
2. Tcpreplay
Which of the following answers refers to a methodology framework for intrusion analysis developed by the U.S. government intelligence community? 1. MITRE ATT&CK 2. The Diamond Model of Intrusion Analysis 3. Cyber Kill Chain
2. The Diamond Model of Intrusion Analysis
A type of extended command-line shell and a scripting language designed to simplify administrative tasks in Microsoft Windows is known as: 1. Command Prompt 2. Windows PowerShell 3. Microsoft Management Console (MMC) 4. Windows Terminal
2. Windows PowerShell
Which of the following answers refers to an advanced cross-platform packet-capturing tool equipped with a Graphical User Interface (GUI)? 1. theHarvester 2. Wireshark 3. tcpdump 4. Tcpreplay
2. Wireshark
Which of the following commands enables adding messages to the /var/log/syslog file in Linux? 1. paste 2. logger 3. write 4. printf
2. logger
Which of the following answers refers to an open-source forensics platform that allows examining the contents of a hard drive or mobile device and recovering evidence from it? 1. Memdump 2. FTK Imager 3. Autopsy 4. Metasploit
3. Autopsy
Which of the following answers refers to a 7-step military model adopted by Lockheed Martin to identify the phases of a cyberattack? 1. MITRE ATT&CK 2. The Diamond Model of Intrusion Analysis 3. Cyber Kill Chain
3. Cyber Kill Chain
Which of the following answers refers to a software library used to implement encrypted connections? 1. SDK 2. DNSSEC 3. OpenSSL 4. DLL
3. OpenSSL
Which of the following answers refers to a Command-Line Interface (CLI) packet-crafting tool? 1. tcpdump 2. theHarvester 3. Tcpreplay 4. Wireshark
3. Tcpreplay
A Linux command-line utility that can be used in the forensic process for creating and copying image files is called: 1. fsutil 2. diskpart 3. dd 4. format
3. dd
A Linux command that displays the beginning of a file (by default, its first 10 lines) is known as: 1. read 2. printf 3. head 4. echo
3. head
Which of the following answers refers to a cross-platform, general-purpose programming language? 1. PowerShell 2. Visual Basic 3. MVPL 4. Python
4. Python
Which of the following answers refers to a multi-function disk and binary data editor used for low-level data processing, data recovery, and digital forensics? 1. WinDump 2. Autopsy 3. Memdump 4. WinHex
4. WinHex
A Linux command that can be used to create, view, and concatenate files is called: 1. echo 2. concat 3. printf 4. cat
4. cat
A Linux command-line command that enables searching files for lines containing a match to a given text pattern is called: 1. rm 2. chmod 3. find 4. grep
4. grep