Ethical Hacking Test 2
Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later?
Common Internet File System
What advanced port-scanning tool can allow a security tester to bypass filtering devices by injecting crafted or otherwise modified IP-packets into a network?
Hping
What open source port-scanning tool is considered to be the standard port-scanning tool for security professionals?
NMap
Attackers typically use ACK scans to get past a firewall or other filtering devices.
True
Which of the following is a Window's client/server technology designed to manage patching and updating systems software from the network?
WSUS
Which statement is where the script performs its main task?
do
What specific type of Windows Servers are used to authenticate user accounts and contain most of the information that attackers want to access?
domain controllers
Port scanning is a method of finding out which services a host computer offers.
true
What type of Windows Server is the most likely server to be targeted by a computer hacker?
Domain Controller
What enumeration tool is extremely useful when working with Windows NT, 2000, and Windows XP systems?
DumpSec
What type of viruses and code has been created by security researchers and attackers that could infect phones running Google's Android, Windows Mobile, and the Apple iPhone OS?
Java-based
Which of the following protocols does NetBios use to access a network resource?
NetBEUI
The computer names you assign to Windows systems are called which of the following?
NetBIOS
Which of the following is a Windows programming interface that allows computers to communicate across a local area network (LAN)?
NetBIOS
What does the "NBT" part of "NBTscan" stand for?
NetBIOS over TCP/IP
Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host?
RPC
Closed ports respond to a NULL scan with what type of packet?
RST
Which of the following systems should be used when equipment monitoring and automation is critical?
SCADA
In a normal TCP session, the sender sends a packet to another computer with which of the following flags set?
SYN flag
Which of the following is an open-source implementation of CIFS?
Samba
What feature implemented in Windows 8.1 prevents the execution of non-trusted boot content, preventing rootkits?
SecureBoot
SMB is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?
TCP/IP
When using the Common Internet File System (CIFS), which security model will require network users to have a user name and password to access a specific resource?
User-level security
Which of the following if often found within an embedded OS that can cause a potential vulnerability to an attack?
Web server
What feature implemented in Windows Server 2016 allows for application isolation to protect applications from one another?
Windows Containers
What type of port scan has the FIN, PSH, and URG flags set?
XMAS scan
SCADA systems controlling critical infrastructure are usually completely separated from the Internet by which of the following?
air gap
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
apt-get
What process allows a security professional to extract valuable information, such as information about users and recent login times from a network?
enumeration
Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device?
firmware
When security professionals create a packet, they may choose to specifically set which of the following fields to help initiate a response from a target computer?
flag
If an attacker decides to implement a less obvious port-scan, or stealth attack, which of the following techniques would be appropriate to make their activities more difficult to detect?
limit their scan speeds
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?
no ACL support
What type of unauthenticated connection is considered to be a significant vulnerability of NetBIOS systems?
null session
Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources?
router
NBTscan is a utility that can be used for enumerating Windows OSs.
true
Rootkits containing Trojan binary programs that are ready to install are more dangerous than typical Trojan programs.
true
The MSBA tool can quickly identify missing patches and misconfigurations.
true
In an ACK scan, if the attacked port returns an RST packet the attacked port is considered to be operating in what state?
unfiltered
When writing a script which statement allows you to avoid creating an endless loop in your script?
while
Red Hat and Fedora Linux use what command to update and manage their RPM packages?
yum
What version of Windows Server has completely eliminated the option for telnet server?
Windows Server 2016
In any *NIX system, after saving a script named "script_name," you need to make it executable so that you can run it. Which command will accomplish this task from the command line?
chmod +x script_name
Which of the following describes a flexible program that automates a task that takes too much time to perform manually?
customized script
SNMPWalk is a tool useful in enumerating hosts running SNMP with what type of configuration?
default
All of the enumeration techniques that work with older Windows OSs still work with Windows Server 2012.
false
In a NULL scan, all packet flags are turned on.
false
What critical component of any OS, that can be can be vulnerable to attacks, is used to store and manage information?
file system
To determine what resources or shares are on a network, security testers must use port scanning and what other procedure first to determine what OS is being used?
footprinting
To verify if all the IP addresses of a network are being used by computers that are up and running, you can use a port scanner to perform what procedure on a range of IP addresses?
ping
Which of the following describes a text file containing multiple commands that would usually be entered manually at the command prompt?
script
If you do not have access to Nessus, what NMap procedure can be used to help you to gain information about remote *nix hosts?
script scanning
Embedded OSs are usually designed to be small and efficient so they do not have some of the functions that general-purpose OSs have.
true
In a Linux script, which of the lines is important because it identifies the file as a script?
#!/bin/sh
When using the text editor vim what command appends text after the insertion point?
A
Windows Server 2012 introduced what protection feature to prevent pass-the-hash attacks?
Authentication Silos
What type of malicious code could be installed in a system's flash memory to allow an attacker to access the system at a later date?
BIOS-based rootkit
What programming languages are vulnerable to buffer overflow attacks?
C and C++
For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?
CIFS
Which Windows 10 feature uses virtualization to protect access tokens from theft by attackers?
Credential Guard
Which vi command deletes the current line?
Dd
When a TCP three-way handshake ends, both parties send what type of packet to end the connection?
FIN
Which of the following is a useful enumeration tool that enables you to find out who is logged into a *nix system with one simple command?
Finger utility
What network security tool, usually included with Kali Linux, allows a user to ping multiple IP addresses?
Fping
Which of the following is an excellent GUI tool for managing Windows OSs and is capable of displaying graphical representations of several areas?
Hyena
To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used?
MBSA
A device that performs more than one function, such as printing and faxing is called which of the following?
MFD
Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?
Mandatory Access Control
What is the current file system that Windows utilizes that has strong security features?
NTFS
Which of the following commands is a powerful enumeration tool included with Windows?
Nbtstat
The open-source descendant of Nessus is called which of the following?
OpenVAS
What open-source network utility allows you to use plug-ins to run test programs (scripts) that can be selected from the client interface?
OpenVAS
Which of the following Window's utilities includes a suite of tools to help administrators deploy and manage servers and even allows for administrators to control mobile devices running Android, iOS, and Windows Mobile OS?
SCCM
Which on of the following is an older network management service that is useful for network administrators that want to view system statistics, version numbers, and other detailed host information remotely?
SNMP
What upper-level service is required to utilize file and printer sharing in Windows?
Server Message Block
When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?
Share-level security
Which of the following is considered to be the most critical SQL vulnerability?
null SA password
What boot loader will allow your computer or laptop to start in both Windows and Linux?
GRUB
Which of the following is a common Linux rootkit?
Linux Rootkit 5
Which of the following commands gives you a quick way to see if there are any shared resources on a computer or server?
Net view
A well documented Window's OS vulnerability was null sessions. What Windows operating system was the first to disable null sessions by default?
Windows Server 2003
Early Windows OSs used which of the following programs loaded into memory to interact with a network resource or device?
NetBIOS
