CSIA 320 Ethical Hacking

Of the two protocols discussed, which is more difficult to scan for?

UDP

Web applications are used to ______________.

allow dynamic content

_____________________ is the point at which an attacker starts to plan his or her attack.

analyzing the results

An attacker can use a ___________________ to return to a system.

backdoor

Which of the following best describes the role of IP?

best effort at delivery

A hacker who has the computing skills and expertise to launch harmful attacks on computer networks and uses those skills illegally is best described as a _______________________.

black-hat hacker

Sniffers can be used to:

capture information

______________ dictates the performance of a wireless network.

clients, interference, and access points

The sixth step in the hacking process is _____________________.

covering tracks

A ________________ is a file used to store passwords.

database

The third step in the hacking process is __________________.

enumeration

The fifth step in the hacking process is _______________________.

escalation of privilege

When hackers talk about standards of behavior and moral issues of right and wrong, what are they referring to?

ethics

The first step in the hacking process is _______________.

footprinting

What is the Network Layer of the OSI Reference Model responsible for?

formatting the data

____________________ is a popular though easily detectable scanning technique.

full connect

A __________ is used to store a password.

hash

Browsers do not display _________________.

hidden fields

___________________ is used to overwhelm a service.

hijacking

Which of the following is the best description of the INTITLE tag?

instructs Google to search for a term within the title of a document

What is the core of the Linux operating system?

kernel

Which of the following makes UDP harder to scan for?

lack of startup and shutdown

Which of the following best describes how ICMP is used?

logical errors and diagnostics

Which command is used to list the files and subdirectories in a given location?

ls

Which command is used to create new directories?

mkdir

What is a security vulnerability found in RIP?

no authentication

Which of the following is an example of a passive fingerprinting tool?

p0f

What is the best description of footprinting?

passive information gathering

What technique is used when traffic is captured on a network with hubs?

passive sniffing

A _______________________ is used to reveal passwords.

password cracker

Which of the following is not typically a web resource used to footprint a company?

phonebooks

The most common type of ICMP message is ___________________.

ping

The seventh and final step in the hacking process is _____________________.

planting backdoors

________________________ involves increasing access on a system.

privilege escalation

Which of the following challenges can be solved by firewalls?

protection against scanning

Which of the following is the best example of passive information gathering?

reviewing job listings posted by the targeted company

Which command can be used to remove a file or folder?

rm

A ______________________ replaces and alters system files, changing the way a system behaves at a fundamental level.

rootkit

The second step of the hacking process is ___________________.

scanning

How is the practice of tricking employees into revealing sensitive data about their computer system or infrastructure best described?

social engineering

________________ is used to fake a MAC address.

spoofing

Which of the following is NOT an attribute of OSPF?

subject to route poisoning

What type of device can have its memory filled up when MAC flooding is used?

switch

The fourth step in the hacking process is ___________________.

system hacking

_____________________ is the process of exploiting services on a system.

system hacking

You need to determine the path to a specific IP address. Which of the following tools is the best to use?

traceroute

What can enumeration discover?

user accounts

A security exposure in an operating system or application software component is called a ______________________.

vulnerability

It is most important to obtain _______________________ before beginning a penetration test.

written authorization

Which of the following switches is used for an ACK scan?

-sA

Which of the following is the Nmap command line switch for a full connect port scan?

-sT

You have been asked to perform a port scan for POP3. Which port will you scan for?

110

______________ operates at 5GHz.

802.11a

_______________ runs completely from removable media.

A Live CD

In Linux, you issue commands from a command line using which of the following?

A terminal window

Which of the following statements is most correct? A. Active fingerprinting tools inject packets into the network B. Passive fingerprinting tools inject traffic into the network C. Nmap can be used for passive fingerprinting D. Passive fingerprinting tools do not require network traffic to fingerprint an operating system

A. Active fingerprinting tools inject packets into the network

If you need to find a domain that is located in Canada the best RIR to check first would be __________________.

ARIN

___________________ are scripting languages (select two)

ActiveX and CGI

What is another way used to describe Ethernet? A. Collision detection B. Sends traffic to all nodes on a hub C. CSMA/CD D. All of the above

All of the above

Several APs group together to form a _____________.

BSS

If a penetration test team does not have anything more than a list of IP addresses of the organization's network, what type of test are the penetration testers conducting?

Black Box

______________ is a short-range wireless technology.

Bluetooth

_______________ uses trusted devices.

Bluetooth

How are brute force attacks performed?

By trying all possible combinations of characters

Hackers may justify their actions based on which of the following: A. All information should be free B. Access to computers and their data should be unlimited C. Writing viruses, malware, or other code is not a crime D. Any of the above

D. Any of the above

If you were looking for information about a company's financial history, you would want to check the __________________ database.

EDGAR

A database can be a victim of source code exploits.

FALSE

An ad hoc network scales well in production environments.

FALSE

Botnets are used to bypass the functionality of a switch.

FALSE

Enumeration discovers which ports are open.

FALSE

Input validation is a result of SQL injections.

FALSE

Ping scanning does not identify open ports.

FALSE

SNMP uses encryption and is therefore a secure program.

FALSE

Session hijacking is used to capture traffic.

FALSE

TCP and UDP both use flags.

FALSE

The command mv is used to remove empty directories.

FALSE

The command used to display where you are in the file system is cd.

FALSE

The stability of a web server does not depend on the operating system.

FALSE

Wireless refers to all the technologies that make up 802.11.

FALSE

Which type of network requires an AP?

Infrastructure

Which of the following is a desktop interface for Linux?

KDE

_______________ blocks systems based on physical address.

MAC filtering

___________________ is used to flood a switch with bogus MAC addresses.

MAC flooding

__________________ is used to audit databases.

NGSSquirreL

Which of the following is not a network mapping tool?

Netstat

The process of determining the underlying version of the system program being used is best described as __________________________.

OS fingerprinting

Which of the following statements most closely expresses the difference between routing and routable protocols?

OSPF is a routing protocol whereas IP is a routable protocol.

Which of the following represents a valid ethical hacking test methodology?

OSSTMM (Open Source Security Testing Methodology Manual)

You have been asked to look up a domain that is located in Europe. Which RIR should you examine first?

RIPE

A ___________________ is an offline attack.

Rainbow attack

The individual responsible for releasing what is considered to be the first Internet worm was __________________.

Robert T. Morris, Jr.

_________________ can be caused by the exploitation of defects and code.

SQL injection

Which of the following is used to identify a wireless network?

SSID

An XMAS tree scan sets all of the following flags except __________________.

SYN

A DoS attack is meant to deny a service from legitimate usage.

TRUE

A NULL session is used to attack Windows remotely.

TRUE

Active sniffing is used when switches are present.

TRUE

During the footprinting process, social networking sites can be used to find out about employees and look for technology policies and practices.

TRUE

Session hijacking is used to take over an authenticated session.

TRUE

The command mv is designed to move files.

TRUE

