Chapter 8 Quiz Ethical Hacking
For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems? CIFS
a. NetBEUI b. NetBIOS c. CIFS d. SMB
Which of the following protocols does NetBIOS use to access a network resource? a. NetBEUI
a. NetBEUI b. NetBT c. NBT d. SMB
Red Hat and Fedora Linux use what command to update and manage their RPM packages? a. yum
a. yum b. dir c. get d. apt-get
A systems administrator is trying to harden an externally facing DNS server and wants to disable every port except for DNS. Which port should they leave open? 53 UDP
a. 445 TCP b. 53 UDP c. 3389 TCP d. 1025-1039 TCP/UDP
A security administrator just scanned the network for vulnerabilities using Nessus and has produced a report for the administrators. Which of the following Windows client/server technologies should they use to manage patching and updating systems software from the network? WSUS
a. AUS b. Automatic Update c. WSUS d. Patch Management Server
What programming languages are most susceptible to buffer overflow attacks? C and C++
a. Assembly and C++ b. Perl and Python c. C and C++ d. C and Python
When using the Common Internet File System (CIFS), which security model will require network users to have a username and password to access a specific resource? c. User-level security
a. Basic authentication b. SMB security c. User-level security d. Share-level security
When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share? Share-level security
a. Basic authentication b. User-level security c. Share-level security d. NT level security
A systems administrator has been asked by the vulnerability manager to harden several external-facing web servers. What would an example of hardening be? Disable telnet
a. Disable telnet b. Firewall on port 443 c. Perform a vulnerability scan d. Monitor logs
Which of the following is an open-source implementation of CIFS? Samba
a. GCIF b. Samba c. OpenCIFS d. GNUCIF
A security analyst is reviewing assembly code in memory. Early Windows OSs used which of the following programs to interact with a network resource or device?
a. IPX/SPX b. NetBIOS c. Microsoft RPC d.
A user is looking at SMB traffic which is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following? TCP/IP
a. IPX/SPX b. TCP/IP c. CIFS d. Winsock
Which of the following is a common Linux rootkit? Linux Rootkit 5
a. Linux Rootkit 5 b. Back Orifice c. Kill Trojans d. Packet Storm Security
Which of the following operating systems is considered the most secure? None of these are more secure than the others
a. None of these are more secure than the others b. Android c. Linux d. Windows
Which of the following is considered to be the most critical SQL vulnerability? Null SA password
a. Null SA password b. Null SA hash c. SQL scanning d. SQL password
What does a Windows environment use to locate resources in a domain containing thousands or even millions of objects? GC
a. RPC b. Null session c. GC d. CIFS
Which of the following is a function of a trojan? Remote administration
a. Remote administration b. Baseline services c. Buffer overflow d. Authentication
Which of the following Windows utilities includes a suite of tools to help administrators deploy and manage servers and even allows for administrators to control mobile devices running Android, iOS, and Windows Mobile OS? SCCM
a. SCCM b. WSUS c. AUS d. SMS
Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users? Mandatory Access Control
a. SE Access Control b. Mandatory Control c. Mandatory Access Control d. Access Control
A penetration tester is trying to authenticate a user account which contains most of the information that attackers want to access. Which of the following should they target? Domain controllers
a. SMB controllers b. CIFS servers c. Domain controllers d. File servers
A Linux security administrator wants to use a built-in tool to implement an OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users. c. SELinux
a. Samba b. MBSA c. SELinux d. Nessus
NetBIOS is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBIOS should be understood by a security professional because it is used for which of the following? Backward compatibility
a. Virus scanning b. Windows upgrades c. RPC d. Backward compatibility
Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later? Common Internet File System
a. Windows On-line File System b. Windows Help File c. Microsoft Knowledge System d. Common Internet File System
Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host? RPC
a. Winsock b. NetBEUI c. NetBIOS d. RPC
A vulnerability manager shows a report on Debian applications which are susceptible to a buffer overflow attack. What command will update and manage their RPM packages? apt-get
a. dir b. apt-get c. get d. yum
A security analyst suspects that a machine was recently compromised after a user has been navigating to several suspicious sites. What tool could the administrator use to find files that were downloaded from the internet? dir /r
a. dir /r b. https://localhost:8834 c. Nbtstat d. apt-get
A vulnerability manager is trying to get a Linux team manager's buy-in for patching systems. They know that if they can convince the manager of the importance, there will not be nearly as much pushback. They want to demonstrate exploiting a server, so they make a copy of one of the server images and put it on a standalone instance for demonstration. Where could they look for active exploits? Exploit-db.com
a. www.kb.cert.org/vuls b. www.cve.mitre.org c. https://msrc.microsoft.com/ d. Exploit-db.com
Which of the following commands should an attacker use to enumerate anonymous SMB access?
a. b. Ping c. Net view d. Telnet
What is the current file system that Windows utilizes that has strong security features? NTFS
a. ADS b. NTFS c. FAT d. FAT32
How should a security analyst review system generated events for signs of intrusion or other problems on the network? Log monitoring tool
a. Log monitoring tool b. Event Viewer c. Nessus d. SCCM
An attacker has successfully compromised a user's workstation, but they want to try to trick an administrator into connecting to a user's share drive in order to intercept the credentials. What tool should they use to accomplish this objective? SMBRelay
a. Nessus b. SMBRelay c. Tripwire d. OpenVAS
What critical component of any OS, that can be vulnerable to attacks, is used to store and manage information? File system
a. NetBIOS b. WSUS c. File system d. SQL database
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system? No ACL support
a. No ACL support b. No Linux support c. No WSUS support d. No SMTP support
Which of the following is not a common tactic employed by trojans? Maintain a list of hashes to check files against
a. Remote administration b. Maintain a list of hashes to check files against c. Destroy all data d. Encrypt users' data
Which of the following is not a best practice with regard to password policies? Common words
a. Rotation b. Complexity c. Common words d. Minimum length
A Linux administrator wants to share files between Windows and Linux servers. What protocol should they use? a. Samba
a. Samba b. CIFS c. SMBv3 d. NetBIOS