Network Vulnerabilities 2
In a Linux script, which of the lines is important because it identifies the file as a script?
#!/bin/sh
What policy, provided by a typical ISP, should be read and understood before performing any port scanning outside of your private network?
Acceptable User Policy
What type of malicious code could be installed in a system's flash memory to allow an attacker to access the system at a later date?
BIOS-based rootkit
What programming languages are vulnerable to buffer overflow attacks?
C and C++
What professional level security certification did the "International Information Systems Security Certification Consortium" (ISC2) develop?
Certified Information Systems Security Professional (CISSP)
What area of a network is a major area of potential vulnerability because of the use of URLs?
DNS
What enumeration tool is extremely useful when working with Windows NT, 2000, and Windows XP systems?
DumpSec
An open port allows access to specific applications and cannot be vulnerable to attack.
False
Samba is a proprietary implementation of CIFS.
False
The HTTP CONNECT method starts a remote application-layer loopback of the request message.
False- HTTP TRACE starts a remote application-layer loopback of the request message
A device that performs more than one function, such as printing and faxing is called which of the following?
MFD
What is the current file system that Windows utilizes that has strong security features?
NTFS
Which of the following is a Windows programming interface that allows computers to communicate across a LAN?
NetBIOS
NetBIOS over TCP/IP is called which of the following in Windows Server 2003?
NetBt
What security certification uses the Open Source Security Testing Methodology Manual (OSSTMM) as its standardized methodology?
OPST
Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect?
Rootkit
Which of the following systems should be used when equipment monitoring and automation is critical?
SCADA
What protocol is widely used and allows all computers on a network to communicate and function correctly?
TCP/IP
Attackers typically use ACK scans to get past a firewall or other filtering devices.
True
What TCP/IP protocol is fast, unreliable, and operates at the Transport layer?
UDP
Which of the following sometimes displays a banner that notifies the user of its presence?
adware
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
apt-get
Windows Server 212 introduced what protection feature to prevent pass-the-hash attacks?
authentication silos
Which of the following is a text file generated by a web server and stored on a user's browser?
cookie
In the TCP/IP stack, the transport layer includes network services and client software.
false
To retrieve email from a mail server, you most likely access port 119.
false
in a NULL scan, all packet flags are turned on
false
Which of the following is a common Linux rootkit?
linux rootkit 5
When using a port scanner, what procedure can be conducted to identify which Ip addresses belong to active hosts?
ping sweep
Which HTTP method starts a remote application-layer loopback of the request message?
trace
Namedroppers is a tool that can be used to capture web server information and vulnerabilities in a web site's pages that could allow exploits such as SQL injection and buffer overflows.
true
Penetration testers and security testers need technical skills to perform their duties effectively.
true
Port scanning is a method of finding out which services a host computer offers.
true
What open-source network utility allows you to use plug-ins to run test programs (scripts) that can be selected for the client interface?
OpenVAS
What does the acronym TCP represent?
Transmission Control Protocol
An ethical hacker is a person who performs most of the same activities a hacker does, but with the owner or company's permission.
True
What process allows a security professional to extract valuable information, such as information about users and recent login times from a network?
enumeration
A NetBIOS name does not need to be unique on a network.
false
A hex number is written with two characters, each representing a byte.
false
All of the enumeration techniques that work with older Windows OSs still work with Windows Server 2012.
false
As a security tester, you can make a network impenetrable.
false
Network attacks can often begin by gathering information from a company's web site.
false
Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law.
false
Malware programs cannot be detected by antivirus programs.
false-
Wget is a *nix system command that can be sued to retrieve HTTP, HTTPS, and FTP files over the internet.
false-
A DDoS attack is launched against a host from a single server or workstation.
false-a DISTRIBUTED Denial of Service attack is launched against a host from multiple servers or workstations.
Walking in an automated way to discover pages of a web site by following links.
false-spidering or crawling
Rootkits that pose the biggest threat to an OS are those that infect what part of the targeted device?
firmware
Windows 10, Windows 8, Windows Server 2016, and Windows Server 2012 have most services and features enabled by default.
flase
What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system?
keyloggers
What type of attack is occurring when an attacker places themselves between two parties and manipulates messages being passed back and forth?
man-in-the-middle
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?
no ACL support
What type of unauthenticated connection is considered to be a significant vulnerability of NetBIOS systems?
null sessions
Which type of social engineering attack attempts to discover personal information through the use of email?
phishing
Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources?
router
Which of the following describes a text file containing multiple commands that would usually be entered manually at the command prompt?
script
Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer?
signatures
An octal digit can be represented with only three bits because the largest digit in octal is seven.
true
Embedded OSs are usually designed to be small and efficient so they do not have some of the functions that general-purpose OSs have.
true
Even though the Certified Information Systems Security Professional (CISSP) certification is geared toward the technical IT professional, it has become one of the standards for many security professionals.
true
In a buffer overflow attack, and attacker finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space use.
true
NBTscan is a utility that can be used for enumerating Windows OSs.
true
NTFS was implemented to replace FAT 16 and FAT 32 because of the difficulty in incorporating security in these files systems.
true
The MSBA tool can quickly identify missing patches and misconfigurations.
true
The latest version of Nessus Server and Client can run on Windows, Mac OS X, FreeBSD, and most Linux distributions.
true
Whitelisting allows only approved programs to run on a computer.
true
Windows Software Update Services (WSUS) is designed to manage patching and updating software from the network.
true
You can search for vulnerabilities in a host computer by using a port-scanning tool.
true
malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network.
true
no matter what medium connects computers on network-copper wires, fiber-optic cables, or a wireless setup; the same protocol must be running on all computers if communication is going to function correctly.
true
rootkits containing Trojan binary programs that are ready to install are more dangerous than typical Trojan programs.
true
When using the Common Internet File System (CIFS), which security model will require network users to have a username and password to access a specific resource?
user-level security
