BUS-S 535
Message
Application
Permission
Before starting any penetration test, what must you always obtain?
UDP/53
DNS
Frames
Data Link
Availability
Data destruction is an attack on what part of the CIA triad?
False
Footprinting is the first phase in which target systems are actively engaged.
netstat
From the labs, what command is used to view network connections on a host?
TCP/443
HTTPS
False
IPSec is primarily used to encrypt data while "at-rest" (e.g. storage).
man
In Linux, if the syntax for a command is unknown, what command can be used to get additional guidance within the terminal?
/etc/shadow
In Linux, what file stores users encrypted passwords?
root
In a linux terminal, you see the following prompt. What type of account is currently in use? myLinuxPrompt#
TCP-UDP/389
LDAP
Packets
Network
Vulnerability scanner
OpenVAS is what type of tool?
Bits
Physical
TCP/445
SMB
TCP/22
SSH
True
Scapy can be used to execute denial of service attacks.
False
Scapy can only craft ICMP packets.
URG, ACK,SYN, PSH
Select all valid TCP flags.
Pass, Reject, Block
Select the three possible actions for a pfSense firewall rule.
Public, Private
Select the two keys that are involved with asymmetric cryptography.
TCP/23
Telnet
False
The Samba suite is only available for Linux servers/clients.
Segment
Transport
Firewall
What device is implemented on a network to control network traffic access based on security rulesets?
Common Vulnerabilities and Exposures
What does CVE stand for?
Common Vulnerability Scoring System
What does CVSS stand for?
ifconfig
What is the command in Linux/Unix to show network interface connections?
adduser username
What is the linux command to add a new user?
Scanning for vulnerabilities
What is the primary purpose of OpenVAS?
Password recovery
What is the primary use for the tool, hashcat?
1-1023
What is the range of ports is reserved for well-known services?
Creating encrypted volumes
What is the tool, VeraCrypt, used for?
cewl
What linux tool/command can be used to generate a wordlist that mimics a server's password policy?
SSL
What security mechanism is commonly used to secure HTTPS communications?
wordlist
What term is used to describe a dictionary of passwords used during password cracking efforts?
SYN
Which TCP flag is set in the first packet when connecting to a server?
Confidentiality
Which element of the CIA triad is the primary goal of encryption?
Network host discovery
Which of the following actions would not be taken during the enumeration phase?
sha1sum filename
Which of the following is a valid command (in Linux/Unix) to get the hash value of a file?
IMAP
Which of the following is an an Application layer protocol?
Server
Which of the following is not a category of scanning?
ACK-PSH
Which of the following is not a flag combination in the TCP three-way handshake?
Vulnerability identification
Which of the following is not a function of enum4linux?
Manage network assets
Which of the following is not a good reason to run real-time network monitoring software?
Critical
Which of the following is not a type of penetration test?
Host resolution
Which of the following is not a use of the tool, arpspoof?
Scanning
Which of the following is not an act of social engineering?
tcpdump
Which of the following network packet capturing tools is used via the CLI?
TCP/389
Which of the following protocol/port combinations is not part of the SMB reserved block of ports?
Crunch
Which of the following tools can be used to generate wordlists?
TCP/22
Which protocol/port is reserved for SSH traffic?
Footprinting, Scanning, Enumeration, System Hacking, Escalation of Privilege, Covering Tracks, Planting Backdoors
Which selection correctly states the phases of the Ethical Hacking Methodology in linear order?
nmap
Which tool is a commonly used command-line based network information gathering tool?
amap
Which tool is best suited to determine what application is listening on a given port?
True
Wireshark is limited to capturing one interface per application instance.
False
Wireshark provides clear insight into all network traffic data, regardless of traffic encryption levels.
False
Xplico is a network protocol analyzer.
Enumeration
You have just finished port scanning assets that you discovered in the first phase of the Ethical Hacking methodology. What is the next phase in which you will determine likely targets?
True
enum4linux can be used to determine server password policies.
