eh e1
What command can be used to check for the presence of an email username?
VRFY
Risk = Threats X _____
Vulnerabilities
Which program captures network traffic?
Wireshark
Why is it important to find the IP address when running a Nikto web server scan?
You need the IP address as part of the Nikto command to run the scan.
What does the MITRE ATT&CK repository provide?
a deep dive into the tactics and techniques used to infiltrate malware
Carmen combined available existing source code for a malware with additional new code to produce a revised code base. What has Carmen created?
a hybrid malware
"Automatically locking an account after, say, five unsuccessful logon attempts is often used to prevent _________ password cracking
active online
which tool would be best for Vscan nmap wireshark kali linux acunetix
acunetix
in the field of hacking, apt stands for
advance persistent threat
A(n) _____ is when a malicious actor gains access to a network, and remains undetected for weeks, months and even years
advanced persistent threat
Which type of malware is often seen as legitimate?
adware
When would you write code as a new polymorphic version of malware?
after modifying existing code in memory
Which of the folliwing is not an attack vector web pages email automobiles
all are attack vectors
Which of the following is NOT considered malware?
all are malware
which kali tool is used to provide a list of suitable exploits
amitage
How is BlackEnergy2 delivered?
as an encrypted payload from which a rootkit is installed by a decrypting dropper
Organizations seek to develop and employ good security practices to protect _____, which are tangible and intangible items that can be assigned a value.
assets
tangible or intangible items that can be assigned a value are
assets
Juanita is in charge of scanning for vulnerabilities at her job. Her manager wants her to check for outdated patches and listening ports. Juanita should use a(n) ___ scan
authenticated
A DoS attack refers to which basic tenet of information security
availability
Which of the following is NOT a recommended way to keep a smart home more secure?
avoid VPN's
which part of the command ""nmap -O -v 100.10.10.10 refers to operating system
-O
In Linux, the user ID and password are kept in the _____ file.
/etc/shadow
The well-known ports are in the range _____.
1-1023
The normal range of Bluetooth signals is about ________ meters
10
Let's encrypt requires that digital certificates be renewed every _____ days
180
Software viruses began in the ___________.
1970s
scanning is the ____ phase of ethical hacking
2nd
security policies should be reassessed about every _______ years
3 years
In 2017, about ______________ websites were hacked every day
30,000
About what % of companies have had their security compromised via mobile devices in 2020?
40%
About _________ of recently created Zoomdomains have characteristics of malware
5%
the dark web is estimated to be about ____ times larger than the public web
500
About __________ of global employees work from home at least once a week
70%
An HTTP tunnel it doesn't encapsulate within the HTTP protocol but sends contents over port _____.
80
Which wireless standard has the greatest bandwidth?
802.11n
Over ______ of data breaches are due to inadequate training in cybersecurity?
90%
A good way to prevent cross-site scripting in a web form is to prohibit the use of these symbols
<>
a good way to prevent XSS in a web form is to prohibit the use of these symbols
<>
A list of _____ is an example of personally identifiable information.
A complete name and their corresponding social security number
Which of these techniques redirects traffic to an attackers MAC address?
ARP poisoning
In defending against spyware, disable _____, which has been known to be a security risk for quite a while.
Active X
This is a suite of WLAN auditing tools
Aircrack-ng
Which of the following is NOT a Linux distribution?
All are
NTFS __________ can be used to store data in hidden files that are linked to a regular visible file.
Alternate Data Streaming (ADS)
How does a typical Sofacy attack start?
An exploit triggers a dropper to plant the malware onto a target.
Google _____ will allow you to do your own analytics that will help you get a picture of your web traffic and to see what your customers see.
Analytics
____ is a very powerful scanner that seeks out vulnerabilities, and once found will provide a list of suitable exploits.
Armitage
Which acronym refers to something that focuses heavily on cost?
BIA
Which can be applied to a switch on your network that will prevent spanning tree attacks?
BPDU Guard
The _____ group in the CVSS represents the basic qualities of a vulnerability that are constant over time and across user environments.
Base
Part of a vulnerability assessment is Fuzz Testing, which is a(n) _____ method that floods a system with input to discover errors and security gaps in systems and software.
Black Box
Which of the following is a password cracker used for Web applications?
Brutus
_____ attacks are denial of service attacks that shower the network with aggressive amounts of traffic to shut down a service.
Burst
Encryption applies to primarily which tenet of CIA triad
C
If a hacker is using a phone-based attack, he would probably first call the
CEO office
_____is a set of IT principles, provides a best practice framework designed to safeguard the privacy and security of company specific data to ensure value for its stakeholders.
COBIT is Control Objectives for Information and Related Technology used in IT governance and management.
_____ changes the DNS cache on the local name server to point to a bogus server.
Cache Poisoning
Which hacking tool is the swiss army knife of tools
Cain
_____ is used in business to help a company learn about its competitors in order to make better business decisions.
Competitive intelligence
Before leaving, the final phase of Ethical Hacking is to clean up any evidence or trace of any activity on that machine.
Covering Tracks
This type of attack involves many different attacking systems
DDoS
SYN flooding is usually part of ______________ attack
DDos
_____ is a set of security extensions for DNS that provides authentication mechanisms when dealing with DNS records.
DNSSec
_____ is used to test a DNS query and report the results.
Dig is native to Linux. If using Windows, you can use nslookup to test a DNS query.
With ICMP, a(n) _____ is used to test reachability
Echo request/echo reply
is one of the original methods to send malware, spam, and bogus links. It continues to improve in sophistication.
How can you reduce data exfiltration with mobile devices?
Ensure patches and software updates are applied regularly.
Enumeration occurs before scanning.
FALSE
Hping can create and send DNS and FTP packets to remote hosts and determine firewall rules
FALSE
MSRPC is a network protocol.
FALSE
Microsoft's RPC is a true implementation of DCE/RPC
FALSE
SNMP can only be used across a local area network
FALSE
Shodan is a real-time system check.
FALSE
In order to be totally in stealth mode, use the IDLE scan, which is an easy scan to use.
FALSE (hard to use)
'Vulnerability databases, such as CVE and NVD, are providing up-to-date info for organizations
False
A hacker prefers to cleartext in their scripting attacks
False
An IDS is most effective against new attacks?
False
Cybersecurity-as-a-Service is not yet recognized as an effective security tool
False
If you use a password manager totrac all you differant users ids and passwords, the password for the manager should be simple
False
It's usually easier to guess someones password than to guess the answers to security questions
False
Linux commands are not case sensitive
False
Netwitness Investigator is preferred over Wireshark for capturing network traffic.
False
One of the first things you should do when an incident has occurred is to power off the machine
False
Passive fingerprinting has a higher likelihood of detection.
False
Small databases installed by users do not pose a significant security risk
False
The command 'cd' in Linux means current directory
False
The sample security incident report in the lab advocates users should install their own preferred anti-virus software on their computers
False
Zero-click attacks are the most common form of cyber attacks
False
One IP addresses spoofing detection technique is called the "TCP Flow Control Method", which sends a SYN packet to what you perceive to be the attacker. It the IP address is spoofed, you will not receive a SYN-ACK.
Flow Control
A company's annual report on Edgar is called _____ and offers a thorough picture of a company's business
Form 10-K
Cookies help making browsing easier, yet some can be dangerous. _____ is a free download that blocks and cleans Google cookies and helps you to stay anonymous while searching online.
G-Zapper
With the knowledge of the vulnerabilities, this Ethical Hacking phase will launch an exploit, such as a web server attack including buffer overflows, or cross-site scripting (XSS).
Gaining Access
What was the first attempt to distribute a shareware virus construction kit?
GenVir
_____ Alerts will monitor the web for interesting new content and send you a notification.
_____ uses advanced operators and keywords that may possibly yield pages that contain sensitive information such as protected login screens
Google Hacking
In Linux, to erase the command history and set it back to zero so there's no trace you were in the system use the command: export _____.
HISTSIZE=0
To create a basic webpage, we can use _____. It's a simple language that was developed in 1990 and is used to created web pages and link content.
HTML
What is one way to minimize threats to operating system?
Hardening
What is the difference between a hardware firewall and a personal firewall?
Hardware firewalls are used as part of a router, while personal firewalls are usually software-based and are used on an endpoint.
Question 3 of 5 Eduardo works as a security professional at TechCo. Part of his job requires him to run vulnerability scans on Cisco applications. How can Eduardo find out CVE scores based on the vulnerabilities?
He can go to the National Vulnerability Database to find scores on a particular vulnerability.
which browser is more susceptible to malware
IE
How do indicators of compromise (IOCs) prevent malware attacks?
IOCs can be identified and shared among members of the computing community.
With a(n) _____ scan, the TCP header is split over several packets and makes it hard for packet filters and intrusion detection systems to detect a port scan.
IP Fragmentation
The _____ ensures the information is classified appropriately, and assigned the appropriate level of protection.
Information Owner
In a company, _____ is the software side that ensures data availability and drives business processes and decision-making. IT or IS
Information Systems not INFORMATION TECHNOLOGY
This is used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts.
Internet Control Message Protocol is used along side of IPv4 or IPv6 to test for reachability.
IDS stands for _____________ detection system
Intrusion
Why is most malware constructed from kits?
It lowers the cost of malware creation to basically nothing.
The _____________ security distribution for Linux contains open source security software packages.
Kali
Which linux distribution is used in Lab 8?
Kali
Juno is part of the security applications team at Wells Fargo, which tests Wells Fargo's web applications for vulnerabilities. Which operating system will Juno use to do his fuzz testing?
Kali Linux
When conducting Ethical Hacking, _____ provides you with nearly all tools for Penetration Testing.
Kali Linux
_____ is built into Active Directory and uses tickets to access services.
Kerberos
Because a _____ records ALL keystrokes, you can see a user name and password in plain text as someone types it into a form.
Keylogger
What protocol is used to authenticate a user in an organizational unit?
LDAP
SSH tunnels allows you to bypass a firewall that restricts certain Internet services. The most common type of SSH tunnel is _____ port forwarding
Local
Which of these techniques is an attack on a switch
MAC flooding
Where would you find the commonly used WMI classes documented?
MSDN
Which of the following is an OSINT Google Alerts MXtoolbox Maltego Edgar
Maltego
The first description of threat modeling was done at
Microsoft
Which tool is used to perform audits on databases?
NGSSQuirrel
Which of the following is used to conduct a vulnerability scan?
Nessus
The nbtscan tool uses what protocol?
NetBios
_____ tools is a graphical user interface utility for Windows that is used to help collect information on a network for assessing irregularities and vulnerabilities.
NetScan
While data mining or gathering intelligence, a(n) _____ tool is used to gather artifacts, consolidated from publicly available sources.
OSINT
A free and open software security site that provides information on vulnerabilities along with guidelines on best practices to secure web infrastructures.
OWASP
The _____ Routing or TOR is an open framework that encrypts and moves traffic within the network, and enables anonymous browsing
Onion
_____ is the set of widely accepted requirements to secure credit card transactions.
PCI DSS
Cybercriminals now offer complete phishing services to inexperienced hackers-- this is known as
PHaaS
Cutting a fiber optic backbone is an example of a _____ attack
Physical
What is used to query host to test for reachability?
Ping
The goal of _____ is to force an application into running with a higher security environment than intended by the designer
Privilege Escalation
"What technology can perform centralized authentication, authorization, and accounting of wireless networks?
RADIUS
This Ethical Hacking phase is about obtaining as much information about the target as possible.
Reconnaissance
In Windows, applications run in which Ring?
Ring 3
Which of the following poses the greatest threat to wireless security?
Rogue AP
_____ is software used to encrypt and hide text messages within images.
S-tools
Which acronym refers to a legal document
SLA
Proxy chaining is done to conceal your real IP address. Servers use _____, which provides authentication, so only authorized users can access a server.
SOCKS5
which law is designed to proect investors
SOX
Which of the following is related to user input into a web form?
SQL injection
Which type of web site security vulnerability is most closely related with databases
SQL injection
Which of the following protocols does not send information in the clear?
SSL
You can find templates to create policies that are free to use and will step you through the process at _____, a respected source for information security training
Sans
This Ethical Hacking phase maps the network, including the make and model of the devices, checking for listening services, learning the operating systems, and evidence of data being sent in clear text.
Scanning
In Microsoft, user's passwords are stored in the _____ database
Security Account Manager (SAM)
automates vulnerability management, to ensure compliance with PCI, FISMA, HIPAA, and SOX
Security Content Automation Protocol (SCAP)
_____ define how the assets are protected and a set of rules of conduct for anyone or anything that interacts with the assets.
Security policies
A(n) _____ record is an extension of the SMTP protocol and helps prevent spammers from forging the From fields in email messages.
Sender Policy Framework
The _____ is where the plan is passed on to become the policies procedures, controls and guidelines for expected behavior.
Senior Agency Information Security Officer
Which of the following is a tool for graphically mapping a network?
SolarWinds
Why does an anomaly detection system (ADS) typically result in a false positive detection?
Sometimes a stream of legitimate packets contains the same sequence of coding as the attack signature.
To search on an individual by using Public Records, White Pages listings, and Social Networking sites to find information, you should use _____.
Spokeo
Installing _____ on a phone allows you to monitor all types of activity, including: Text messages, social media posts, passwords, location, conversations, photos and videos, emails, and websites visited.
Spyware
what is required to transmit data over a network between two computers
Syn Ack Syn-Ack
Which of the following is NOT an example of something detected by NIDS
System software modifications
To make sure a DNS zone transfer is only with authorized servers, deny all inbound connection requests to _____.
TCP Port 53
A Trojan Horse is presented as a useful tool or utility through a free download, or bundled into a popular program. It can create a backdoor that allows your PC to be remotely controlled.
TRUE
Attacks can be active or passive against a network resource, with the hopes of exploiting a vulnerability to achieve some result such as denial of service, data interception, modification, or theft.
TRUE
If the source IP is spoofed, a reply cannot be returned to the sender
TRUE
Keyloggers are hard to detect since their very goal is to steal data without being discovered, and because data theft is at stake, can do more damage than a virus.
TRUE
Normal TCP traffic begins with a 3-way handshake. The first packet is a synchronization packet, which is used to synchronize sequence numbers.
TRUE
SMB and SAMBA are interoperable.
TRUE
There are many network mapping tools available for device and topology discovery. Some include GeoIP database from MaxMind to locate targets.
TRUE
Universal Plug and Play (UPnP) works by discovery and advertisements so that the network is aware of what services and devices are available.
TRUE
_____creates guidelines for US agencies to create and implement risk-based policies and procedures that provide security protection for data.
The Federal Information Security Management Act (FISMA), also requires periodic penetration testing on all systems and data.
Legislation that governs data privacy and security practices that safeguard all patient electronic protected health information (e-PHI) in U.S medical facilities.
The Health Insurance Portability and Accountability Act (HIPAA), is also called the Privacy Rule. Anyone who is in violation will face penalties.
Nolan is preparing a vulnerability assessment report for the IT team. Which type of vulnerability assessment report should he prepare?
The IT team should have an executive summary, along with technical details.
How do rootkits achieve persistence?
They insert code into the startup boot records.
Which type of malware is often installed when a user thinks he is downloading legitimate software?
Trojan
"AVG cannot scan compressed files such as *.zip files"
True
"In a planned hacking attack, footprinting occurs before port scanning."
True
A fault tolerance system should be implemented only if its cost is less than the cost of losing a service
True
A sniffer captures network traffic
True
All Linux distributions are open source
True
An incident response policy should be developed before procedures and guidelines
True
Anomaly detection involves observing network traffic in training mode
True
If security incident is suspected to be a crime, systems should not be shut down
True
One of the first things you should do when an incident has occurred is to disconnect the infected machine from the network.
True
Sniffing network traffic without permission is usually illegal
True
Zenmap is a GUI for Nmap
True
Zenmap is the GUI version of Nmap.
True
iOS does a better job of patch hygiene than Android
True
inSSIDer has more advanced features than NetStumbler
True
The two protocols used by ports are TCP and _________.
UDP
A "rubber ducky" is a _________ used by hackers
USB drive
_____ is a comprehensive data privacy law, that gives consumers control of their data and affects companies located in and outside the European Union.
Under the General Data Protection Regulation (GDPR), companies can face up to 4% of total global turnover if they breach the rules.
_____ threat management devices provide firewall functions, intrusion prevention, antivirus, data loss prevention along with content filtering.
Unified
Which group of the CVSS relects characteristics of a vulnerability that are constant over time and across user environment
base
A(n) _____ is a snapshot of network traffic during a particular window of time and can include utilization, network protocols, and latency issues.
baseline
Steganography can be detected by spotting an unusually large payload, or by observing image irregularities called _____ with the naked eye.
blocky artifacts
A _____ attack uses software to try every possible combination of characters and generate a massive amount of consecutive guesses in order to get the password.
brute force
Which of the following is not considered a 'nontechnical' password cracking attack?
brute-force
Nikto performs testing on web servers for a variety of vulnerabilities, such as outdated versions of servers, missing headers such as anti-_____ X-Frame-Options header, and dangerous files and CGIs.
clickjacking
the common vuln scoring system does not include cost of an asset attack vector impact user interaction
cost of an asset
The final phase in system hacking is to _____.
cover tracks .
The process of enumeration is primarily designed to yield
detailed system information
The steps to take after an incident include: Identify, respond, consider possible causes, _____, and resolve and document.
develop a solution
A _____ attack is a subset of a brute force attack and this uses a list of common passwords.
dictionary
From 2018 to 2023, demand for video surveillance is expected to
double
least preferred way to prevent keystroke logging free anti-malware use FW use admin acc for install use more secure browsers
download free anti-malware
which search engine does not remember your searches
duck duck go
When someone looks into the trash outside or inside an organization for anything that might reveal sensitive information, this is called _____.
dumpster diving
which tool is best for investigating a company's financial performance
edgar
What is the most important way of defending against viruses?
education
Before installing any software, you should make sure malware protection is used with _____ filtering to block communication with malicious websites.
egress
which of the following is not reconmended for mobile devices enable geotagging use biometric autherication use https update OS
enable geotagging
Cyber actors use _____ to conceal malicious behavior
encryption
Paasswords are usually stored with the aid of hash functions, not ____
encryption functions
The Ethical Hacker attempts to _____ in order to achieve access to resources normally restricted from an end user or application.
escalate privilege
In the command netstat -abop, what does the b option provide?
executable
When Google Hacking, if I want to find all PDFs with the keyword networking, I would enter _____ in the search.
ext:pdf networking
RSA is a hash algorithm
false
SHA-1 is a highly preferred hash algorithm
false
a hacker usually prefers to use plaintext in their scripting attacks.
false
a hacker will likely clear logs when entering a system
false
a hardware keylogger runs with the aid of the target's OS
false
an example of a security incident is a business transaction
false
an organization generally has the ability to reduce security threats
false
nessus is used to fix vuln on a target system
false
penetration testing is usually done more often than vscanning
false
Which of the following is most likely to use hashing techniques?
file integrity checking
A _____is a hardware or software-based mechanism that controls in-coming and out-going traffic based on a set of rules that either permit or deny traffic on a network or host, and provide access control and active filtering.
firewall
which term mostly applies to limiting ping request from a computer
firewall
which stage of system hacking comes first priveledge escal obtaining password gaining access covering tracks
gaining access
which group often breaks the law but does not intend to do any real harm
gray hat hackers
A _____ hacker may try to gain access to a system without permission, but in general, without malice. Often, they will notify an organization in some manner that their system was vulnerable.
grey
Using legal and illegal tools to attack computer systems, deface web sites, and protest to promote political ideology or other causes is called _____.
hacktivism
A _____ is a small device that records each keystroke and then saves it to its on-board memory. It must be physically attached to the system and is observable within the task manager.
hardware keylogger
Salting is a technique that is most closely related to ___________
hashing
_____ is a one-way cryptographic function.
hashing
A ________ site results in little or no downtime
hot site
Which of the following phases of incident response occurs first?
identification
Steganography is the process of hiding data in a carrier. A popular method of hiding data in files is to use a(n) _____ which creates subtle changes in the color of pixels.
image
Which admin control state that all ports should be off unless needed for a job function
implicit deny
Where would you do sandboxing so it doesn't cause damage?
in a contained environment
Where is the configuration block for malware stored in encrypted form?
in the body of the deployed payload
Where is the best place for a rootkit to hide?
in the operating system kernel
A(n) _____ is an unplanned occurrence that disrupts operational or day to day activities.
incident
Which type of malware has both a software and a hardware version?
keylogger
A regulatory _____ is a set of conditions outlined by a governing body.
law
Which admin control states that employees are given only the access they needs
least privilege
which phase of hacking installs a backdoor
maintaining access
The zmap tool is used to _____.
map the internet .
a cyber attack occurs about every
minute
What enumeration tool primarily works with the NetBIOS service
nbstat
Zenmap is a gui for
nmap
vulerabilities do not exist in software people network none
none
in windows, the _____ command will show only the ip address of the destination
nslookup
What does the command nmap -PS 10.0.2.13 list?
open TCP ports
Intrusion detection works _____ to identify, log, and report any malicious activity.
out of band
Bob works at the Veterans Administration (VA) as a Security Analyst. The VA is requiring vulnerability assessments for all 3,500 VA projects. The most efficient way he can accomplish this is by _____.
outsourcing the vulnerability assessment to qualified and approved vendors.
Which of the following is a passive OS fingerprinting tool?
pOf
Ricky responded to an intrusion alert which indicated someone was running an unauthorized port scan on the network. Ricky immediately notified his supervisor as this was indicative of a(n) _____ attack.
passive
A password cracking attack that uses a packet sniffer is called
passive online
weakest form of authetication
password
When launching a(n) _____ attack, the attacker wants to make sure the victim believes the site they are clicking on is real.
phishing
In Windows, the ________command will send 4 data packets to the destination
ping
Which of the following is a DoS attack?
ping flood
Which technique determines whether a system is present and powered?
pinging
Which of the following is probably the last thing that a hacker does on a system
planting backdoors
Which type of virus changes its form to avoid detection?
polymorphic virus
which type of scan determines listening services port ping OS fngprnt
port
Reduce the threat of tunnels by allowing only _____ software and is best if done only by the administrator or network specialist.
pre-approved
The _____ value of the Exploitability metric captures the level of access required for a successful exploit of the vulnerability.
privileges required
The ps command enumerates
processes .
The term _____ stems from a military reference that deals with gathering information about the location of a target by scouting or by setting up covert observation posts.
reconnaissance
which element of the cyber kill chain occues earlier than others
reconnasisance
A sinister employee invites a new hire to lunch and pretends to be a tech support staffer. This is known as
reverse social engineering
A _____ is installed so the Ethical Hacker can access the system at a later date.
rootkit
When using Nmap, use _____ to do a ping scan
sP
_____ software can be installed without someone's knowledge, and all activity can be monitored.
screen monitoring
Actively inserting oneself between two parties on a network is called
session hijacking
You interact with the kernal using a
shell
Why does a malware have the ability to change its binary file as it propagates?
so the malware can defeat traditional signature-based detection
Anti-malware will also most of the time pick up a _____ keylogger as they are a form of spyware.
software
What information does the psinfo -s command enumerate?
software
_____ can monitor screen activity, capture keystrokes, gather web form data, track internet usage, and allow access to sensitive data, then phone home with the information.
spyware
Within the evolution of malware, _____ has become the most concerning issue because it is extremely sophisticated and difficult to defeat.
state-sponsored malware
Automating the analysis of malware through hybrid analysis includes both _____.
static and dynamic analysis
_____ is hiding in plain sight.
steganography
By the time we get to the _______________, we have completed the Reconnaissance and scanning phases of Ethical Hacking.
system hacking phase
An organization must incorporate safeguards into the security compliance plan to defend against attacks. Safeguards include administrative, physical, and _____controls.
technical
Who runs the command and control systems over legitimate systems that are compromised?
the botmaster
hackers would be known as a
threat
the probability of a negative event happening to an asset
threat
How can you recover the source key of a malware and decrypt it to reveal the code?
through reverse engineering
Why does a ransomware DLL first create a mutex?
to ensure only one copy of ransomware is active
In a government classification system, _____ data is where the unauthorized disclosure of data could cause exceptionally grave damage.
top secret
_____ is a command line tool that traces the route of a packet across the Internet and provides route path and transit times.
tracert
Kevin downloaded what he thought was a harmless app. Instead, his computer was infected with a virus. Which type of virus was Kevin's computer most likely infected with?
trojan
An intrusion detection system does not block potentially malicious activity
true
Using google hacking database is legal
true
When defending against privilege escalation, restrict interactive logon privileges. Instead of using only a password, require multifactor authentication.
true
nmap can show you which ports are open on a computer
true
Salting the password with a random string will protect against a rainbow table attack.
truetrTrueuetrue
"Hardening" a system is related to addressing this vulnerability
unnecessary features
Which of the following is NOT a recommended way to keep your home router more secure?
use routers supplied by ISP
In the command "hping3 - - traceroute -V -1 66.32.101.17 " the -1 option is to
use the ICMP protocol .
When dealing with risk an organization can transfer the risk by _____.
using insurance
nessus is software used for
v- assessment
An attack _____is way for a hacker to gain access into a system, and can include software, networks, and the user.
vector
Ethical hacking is an important element of a comprehensive security plan, as it provides a method to test a computer system or network with the purpose of identifying and addressing
vulnerabilities
A _____ is a weakness in the system that can include unpatched systems, human error, software flaws, or weak or missing passwords.
vulnerability
A _____ scan will find known weaknesses, but it may miss key components that should be tested as it lacks the ability to reduce the overall threat.
vulnerability
For network systems, _____ management is a proactive approach to prevent the exploitation of IT vulnerabilities that exist within an organization.
vulnerability
Which sniffing technique searches for wireless access points?
wardriving
Step two of the cyber kill chain is _____, where the malicious actors are aware of the weak spots in the organization and they devise a plan to get inside the network.
weaponization
Which of the following is most likely to be located in a DMZ?
web server
Use _____ download an entire website and study the contents to find emails, phone numbers, and other organizational information such as employee directories.
website mirroring
which of the followingn would not be affective against email attacks website mirroring spam filtering user education spf
website mirroring
Footprinting a target and reconaisse usually takes several
weeeks
Anti-virus scans should occur several times a week
week
When are advanced persistent threats (APTs) usually found?
when network monitoring detects the installed malware attempting to connect to its command and control systems
When is malware reverse engineering typically done?
when the original source of the executable code is not available
The _____ hat hackers are Ethical Hackers who have the support of government and industry.
white
I am working with technology companies to fix a flaw with DNS, I did this because I am a _____ hacker
white hat
Which type of malware is primarily known for self-replicating very rapidly?
worm
Which type of malware propagates itself through a network, without requiring any user action to move from one target to the next?
worm
