Midterm

Ace your homework & exams now with Quizwiz!

What utility may be used to stop auditing or logging of events?

Auditpol

If you have not been contracted to perform an attack against a target system, and take it on as a target of opportunity to quickly make some money by selling PII, you are what type of hacker?

Black Hat

A white-box test means the tester has which of the following?

Complete Knowledge

A scan of a network client shows that port 53 is open; what protocol is this aligned with?

DNS

A virus does not do which of the following?

Display pop-ups

In IPsec, what does Encapsulating Security Payload (ESP) provide?

Encryption of the entire packet

A polymorphic virus ______________

Evades detection through rewriting itself

The group Anonymous is an example of what?

Hacktivists

A _______________ is used to represent a password.

Hash

A message digest is a product of which of algorithm?

Hashing

What network appliance sense irregularities and plays an active role in stopping that irregular activity from continuing?

IPS

What is an SID used to do?

Identify a user

What separates a suicide hacker from other attackers?

Lack of fear of being caught

SNMP is used to perform which function?

Monitor network equipment

An attacker can use ___________________ to enumerate users on a system.

NETBIOS

Which of the following types of attack has no flags set?

NULL

Which of the following is capable of port redirection?

Netcat

What is used to synchronize clocks on a network.

Network Time Protocol (NTP)

Wireshark requires a network card to be able to enter which mode to sniff all network traffic?

Promiscuous mode

This is a type of offline attack

Rainbow attack

Which network topology uses a token-based access methodology?

Ring

What is the proper sequence of the TCP three-way-handshake?

SYN, SYN-ACK, ACK

This is used to partially encrypt the SAM

SYSKEY

Symmetric encryption is also referred to as which of the following?

Shared Key

Which of the following is used for banner grabbing?

Telnet

What is the three-way handshake?

The opening sequence of a TCP connection

What does the enumeration phase not discover?

ports

What are worms typically known for?

rapid replication

Another Name for a covert channel is

A backdoor

What is a code of ethics?

A description of expected behavior

A full-open scan means that the three-way handshake has been completed. What is the difference between this and a half-open scan?

A half-open does not include the final ACK

IPsec uses which two modes?

AH ESP

An attacker can use a(n) ______________ to return to a system

Backdoor

What common tool can be used for launching an ARP poisoning attack?

Cain & Abel

A contract is important because it does what?

Gives permission

Which of the following prevents ARP poisoning?

IP DHCP Snooping

Which of the following is a common hashing protocol?

SHA-256

A trojan relies on _______________ to be activated.

Social Engineering

What is the process of exploiting services on a system.

System Hacking

An SYN attack uses which protocol?

TCP

Which port uses TLS to secure web traffic?

TCP 443

Which utility will tell you in real time which ports are listening or in another state?

TCP View

Why would you need to use a proxy to perform scanning?

To enhance anonymity

A public and private key system differs from symmetric because it uses which of the following?

Two Keys

VRFY is used to do which of the following?

Validate an email address

On a switch, each switchport represents a ____________.

collision domain

Tiffany is analyzing a capture from a client's network. She is particularly interested in NetBIOS traffic. What port does Tiffany filter for?

139

MAC spoofing applies a legitimate MAC address to an unauthenticated host, which allows the attacker to pose as a valid user. Based on your understanding of ARP, what would indicate a bogus client?

A reverse ARP request maps to two hosts.

Which of the following best describes PGP?

A way of encrypting data in a reversible method

What technique funnels all traffic back to a single client, allowing sniffing from allconnected hosts?

ARP poisoning


Related study sets

Bab 4: Perlembagaan Persekutuan: Tiang Seri Hubungan Etnik

View Set

NCLEX - RN Practice Questions Exam 1

View Set

NUR211 Mental Health Substance Addictive Disorders.

View Set

Government Branches, Premble, and Concurent powers.

View Set

HR MGMT - Chapter 8 Aplia Assigment

View Set

Music Appreciation Listening Quiz - Chapter 6: The Middle Ages (6-10)

View Set

HLTH 231 Chapter 1 Key Terms, Chapter Questions, and quiz

View Set

midterm 1 study guide (chapter 4)

View Set