NotSeemSetOne

Which of the following parameters describe LM Hash: I. The maximum password length is 14 characters. II. There are no distinctions between uppercase and lowercase. III. The password is split into two 7-byte halves. A. II B. I C. I, II, and III D. I and II

I II and III

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP's Top Ten Project Most Critical Web Application Security Risks? A. Cross Site Scripting B. Injection C. Path disclosure D. Cross Site Request Forgery

Injection

Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety? A. Read the first 512 bytes of the tape B. Perform a full restore C. Read the last 512 bytes of the tape D. Restore a random file

full restore

You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular expressions. Which command-line utility are you most likely to use? A. Relational Database B. MS Excel C. Notepad D. Grep

grep

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a ____ database structure instead of SQL's ______ structure. Because of this, LDAP has difficulty representing many-to-one relationships. A. Strict, Abstract B. Simple, Complex C. Relational, Hierarchical D. Hierarchical, Relational

hierarchical relational

You have successfully gained access to your client's internal network and successfully compromised a Linux server which is part of the internal IP network. You want to know which Microsoft Windows workstations have file sharing enabled. Which port would you see listening on these Windows machines in the network? A. 161 B. 3389 C. 445 D. 1433

445

You have just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first things you should do when given the job? A. Establish attribution to suspected attackers B. Interview all employees in the company to rule out possible insider threats C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels. D. Start the wireshark application to start sniffing network traffic.

Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.

Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: verifies success or failure of an attack; monitors system activities; detects attacks that a network-based IDS fails to detect; near real-time detection and response; does not require additional hardware; lower entry cost. Which type of IDS is best suited for Tremp's requirements? A. Network-based IDS B. Open source-based IDS C. Host-based IDS D. Gateway-based IDS

Open source-based IDS

What does the -oX flag do in an Nmap scan? A. Perform an Xmas scan B. Perform an eXpress scan C. Output the results in truncated format to the screen D. Output the results in XML format to a file

Output the results in XML format to a file

The purpose of a _______ is to deny network access to local area networks and other information assets by unauthorized wireless devices. A. Wireless Analyzer B. Wireless Jammer C. Wireless Access Point D. Wireless Access Control List

Wireless Access Control List

Elliot is in the process of exploiting a web application that uses SQL as a back-end database. He has determined that the application is vulnerable to SQL injection and has introduced conditional timing delays into injected queries to determine whether they are successful. What type of SQL injection is Elliot most likely performing? A. NoSQL injection B. Blind SQL injection C. Union-based SQL injection D. Error-based SQL injection

blind sql injection

It is a short-range wireless communication technology intended to replace the cables connecting portable or fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short-range wireless connection. Which of the following terms best matches the definition? A. Bluetooth B. WLAN C. InfraRed D. Radio-Frequency identification

bluetooth

#!/usr/bin/python
import socket
buffer=["A"]
counter=50
while len(buffer) <= 100:
    buffer.append("A"*counter)
    counter=counter+50
commands=["HELP","STATS .","RTIME .","LTIME .","SRUN .","TRUN .","GMON .","GDOG .","KSTET .","GTER .","HTER .","LTER .","KSTAN ."]
for command in commands:
    for buffstring in buffer:
        print "Exploiting " +command +":"+str(len(buffstring))
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect(('127.0.0.1', 9999))
        s.recv(50)
        s.send(command + buffstring)
        s.close()
What is the code written for? A. Buffer Overflow B. Encryption C. Denial-of-service (DoS) D. Bruteforce

buffer

A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk? A. Accept B. Delegate C. Mitigate D. Avoid

delegate

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this? A. False negative B. True negative C. True positive D. False positive

false positive

This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering and it will tell you what the landscape looks like. What is the most important phase of ethical hacking in which you need to spend a considerable amount of time? A. network mapping B. footprinting C. escalating privileges D. gaining access

footprinting

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it. What should you do? A. Forward the message to your company's security response team and permanently delete the message from your computer. B. Reply to the sender and ask them for more information about the message contents. C. Delete the email and pretend nothing happened. D. Forward the message to your supervisor and ask for her opinion on how to handle the situation.

forward message to security response team

It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure. Which of the following regulations best matches the description? A. FISMA B. ISO/IEC 27002 C. HIPAA D. COBIT

hipaa

Which of the following statements is FALSE with respect to Intrusion Detection Systems? A. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic B. Intrusion Detection Systems can examine the contents of the data in context of the network protocol C. Intrusion Detection Systems can be configured to distinguish specific content in network packets D. Intrusion Detection Systems require constant update of the signature library Correct Answer: A

ids can distinguish malicious payload

John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the least administrative effort? A. Increase his technical skills B. Read the incident manual every time it occurs C. Select someone else to check the procedures D. Create an incident checklist

incident checklist

What is the purpose of a DNS AAAA record? A. Address prefix record B. Address database record C. Authorization, Authentication and Auditing record D. IPv6 address resolution record

ipv6 resolution

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain. If the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer? A. list domain=abccorp.local type=zone B. Is d accorp.local C. list server=192.168.10.2 type=all D. Iserver 192.168.10.2 t all

is d accorp local

Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place? A. Malicious code is attempting to execute instructions in a non-executable memory region. B. A page fault is occurring, which forces the operating system to write data from the hard drive. C. A race condition is being exploited, and the operating system is containing the malicious process. D. Malware is executing in either ROM or a cache memory area.

malicious code is attempting to execute

You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files and analyze it. What tool will help you with the task? A. Armitage B. DMitry C. Metagoofil D. cdpsnarf

metagoofil

Which command can be used to show the current TCP/IP connections? A. Netsh B. Net use connection C. Netstat D. Net use

netstat

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using? A. Armitage B. Nikto C. Metasploit D. Nmap

nikto

Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern. A. nmap p 445 n T4 open 10.1.0.0/16 B. nmap p 445 max Pn 10.1.0.0/16 C. nmap sn sF 10.1.0.0/16 445 D. nmap s 445 sU T5 10.1.0.0/16

nmap p 445 n t4 open

A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do? A. Try to sell the information to a well-paying party on the dark web. B. Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem. C. Ignore it. D. Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.

notify the web site owner

Log monitoring tools performing behavioral analysis have alerted on several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realized the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working? A. NTP B. TimeKeeper C. OSPF D. PPP

ntp

The "black box testing" methodology enforces what kind of restriction? A. Only the internal operation of a system is known to the tester. B. The internal operation of a system is completely known to the tester. C. The internal operation of a system is only partly accessible to the tester. D. Only the external operation of a system is accessible to the tester.

only external operation of system

OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server? A. openssl s_client -site www.website.com:443 B. openssl_client -site www.website.com:443 C. openssl_client -connect www.website.com:443 D. openssl s_client -connect www.website.com:443

openssl s client connect

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-12233523971872883824-861252104-501. What needs to happen before Matthew has full administrator access? A. He needs to gain physical access. B. He must perform privilege escalation. C. He already has admin privileges, as shown by the 501 at the end of the SID. D. He needs to disable antivirus protection.

perform privilege escalation.

> NMAP -sn 192.168.11.200-215
The NMAP command above performs which of the following? A. A port scan B. A ping scan C. An operating system detect D. A trace sweep

ping scan

You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account. What should you do? A. Do not report it and continue the penetration test. B. Transfer money from the administrator's account to another account. C. Do not transfer the money but steal the bitcoins. D. Report immediately to the administrator.

report immediately

Risks=Threats x Vulnerabilities is referred to as the: A. BIA equation B. Disaster recovery formula C. Risk equation D. Threat assessment

risk equation

During an Xmas scan, what indicates a port is closed? A. RST B. SYN C. ACK D. No return response

rst

The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what? A. Network Sniffer B. Vulnerability Scanner C. Intrusion Prevention Server D. Security Incident and Event Monitoring (SIEM)

siem

When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation. What command will help you to search files using Google as a search engine? A. site: target.com filetype:xls username password email B. domain: target.com archieve:xls username password email C. inurl: target.com filename:xls username password email D. site: target.com file:xls username password email

site: target.com filetype:xls username password email

A penetration test was done at a company. After the test, a report was written and given to the company's IT authorities. A section from the report is shown below: Access List should be written between VLANs. Port security should be enabled for the intranet. A security solution which filters data packets should be set between intranet (LAN) and DMZ. A WAF should be used in front of the web applications. According to the section from the report, which of the following choices is true? A. A stateful firewall can be used between intranet (LAN) and DMZ. B. There is access control policy between VLANs. C. MAC Spoof attacks cannot be performed. D. Possibility of SQL Injection attack is eliminated.

stateful firewall between intranet & dmz

A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate? A. Attempts by attackers to access the user and password information stored in the company's SQL database. B. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user's authentication credentials. C. Attempts by attackers to access passwords stored on the user's computer without the user's knowledge. D. Attempts by attackers to determine the user's Web browser usage patterns, including when sites were visited and for how long.

stealing users authentication credentials

Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides security through obscurity. What technique is Ricardo using? A. Encryption B. Steganography C. RSA algorithm D. Public-key cryptography

steganography

What is the correct process for the TCP three-way handshake connection establishment and connection termination? A. Connection Establishment: SYN, SYN-ACK, ACK Connection Termination: FIN, ACK-FIN, ACK B. Connection Establishment: ACK, ACK-SYN, SYN Connection Termination: FIN, ACK-FIN, ACK C. Connection Establishment: FIN, ACK-FIN, ACK Connection Termination: SYN, SYN-ACK, ACK D. Connection Establishment: SYN, SYN-ACK, ACK Connection Termination: ACK, ACK-SYN, SYN

syn syn ack ackS fin ack fin ack

It is an entity or event with the potential to adversely impact a system through unauthorized access, destruction, disclosure, denial of service or modification of data. Which of the following terms best matches the definition? A. Attack B. Vulnerability C. Threat D. Risk

threat

Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip is a file named "Court_Notice_21206.docx.exe" disguised as a Word document. Upon execution, a window appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse's APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered? A. Worm B. Macro Virus C. Key-Logger D. Trojan

trojan

You have successfully logged on to a Linux system. You now want to cover your tracks. Your login attempt may be logged in several files located in /var/log. Which file does NOT belong to the list: A. wtmp B. user.log C. btmp D. auth.log

user log

Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands:
[eve@localhost ~]$ john secret.txt
Loaded 2 password hashes with no different salts (LM [DES 128/128 SSE2-16])
Press 'q' or Ctrl-C to abort. almost any other key for status
0g 0:00:00:03 3/3 0g/s 86168p/s 86168c/s 172336C/s MERO..SAMPLUI
0g 0:00:00:04 3/3 0g/s 3296Kp/s 3296Kc/s 6592KC/s GOS..KARIS4
0g 0:00:00:07 3/3 0g/s 8154Kp/s 8154Kc/s 16309KC/s NY180K..NY1837
0g 0:00:00:10 3/3 0g/s 7958Kp/s 7958Kc/s 1591KC/s SHAGRN..SHENY9
What is she trying to achieve? A. She is using ftp to transfer the file to another hacker named John. B. She is using John the Ripper to crack the passwords in the secret.txt file C. She is encrypting the file. D. She is using John the Ripper to view the contents of the file.

using john the ripper to crack the passwords

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications? A. Use security policies and procedures to define and implement proper security settings. B. Use digital certificates to authenticate a server prior to sending data. C. Validate and escape all information sent to a server. D. Verify access rights before allowing access to protected information and UI controls.

validate and escape all information

In IPv6, what is the major difference concerning application layer vulnerabilities compared to IPv4? A. Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too. B. Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical. C. Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addressed. D. Vulnerabilities in the application layer are greatly different from IPv4.

vulnerabilities in the application layer are independent of the network layer attacks & mitigation identical

To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following tools would most likely be used in such an audit? A. Protocol analyzer B. Intrusion Detection System C. Port scanner D. Vulnerability scanner

vulnerability scanner

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. What kind of Web application vulnerability likely exists in their software? A. Cross-site scripting vulnerability (XSS) B. Session management vulnerability C. SQL injection vulnerability D. Cross-site Request Forgery vulnerability

xxs

