Penetration Testing 5-9

Ace your homework & exams now with Quizwiz!

Multifunction devices (MFDs) are rarely which of the following?

Scanned for vulnerabilities

Using the following Perl code, how many times will "This is easy..." be displayed onscreen?for ($count=1; $count <= 5; $count++){print "This is easy...";}

5

Which of the following HTML tags is used to create a hyperlink to a remote Web site?

<A HREF="http://URL>

A C program must contain which of the following?

A main() function

VxWorks is which of the following?

A proprietary embedded OS

An algorithm is defined as what?

A set of instructions for solving a specific problem

Which of the following doesn't use an embedded OS?

A workstation running Windows Vista Business

Which of the following describes an RTOS?

An embedded OS capable fo multitasking and responding predictably

Why does the fping -f 193.145.85.201 193.145.85.220 command cause an error?

An incorrect parameter is used

Port scanning provides the state for all but which of the following ports? a. Closed b. Open c. Filtered d. Buffered

Buffered

Which organization offers free benchmark tools for Windows and Linux?

Center for Internet Security

*nix embedded OSs are most likely to be found on which of the following devices?

Cisco switches and routers

What protocol replaced SMB in Windows 2000 Server and later?

Common Internet File System (CIFS)

Which of the following testing process is the most intrusive?

Enumeration

A NULL scan requires setting the FIN, ACK, and URG Flags. True or False?

False

An embedded OS must be developed specifically for use with embedded systems. True or False?

False

Employees should be able to install programs on their company computers as long as the programs aren't copyrighted. True or False?

False

For a Windows computer to be able to access a *nix resource, CIFS must be enabled on at least one of the systems. True or False?

False

Fping doesn't allow pinging multiple IP addresses simultaneously. True or False?

False

HTML files must be compiled before users can see the resulting Web pages. True or False?

False

Linux antivirus software can't detect backdoor Trojans. True or False?

False

Most printers now have only TCP/IP enabled and don't allow default administrator passwords, so they're inherently more secure. True or False?

False

The Windows Net use command is a quick way to discover any shared resources on a computer or server. True or False?

False

The Nbtstat command is used to enumerate *nix systems. True or False?

Fasle

What is the best method of preventing NetBIOS attacks

Filtering certain ports at the firewall

Which of the following is the Win32 API function for verifying the file system on a Windows computer?

FsType()

SCADA systems are used for which of the following?

Monitoring equipment in large-scale industries

If you don't have access to Nessus, which of the following can be used by an attacker to gain information about remote *nix hosts?

NMap

Which type of port scan sends a packet with all flags turned off?

NULL

Which of the following is the vulnerability scanner from which OpenVAS was developed?

Nessus

A null session is enabled by default in all the following Windows versions except: a. Windows 95 b. Windows Server 2008 c. Windows 98 d. Windows 2000

Windows Server 2008

SMB2 was released with which version of Windows?

Windows Vista

Which of the following is the most efficient way to determine which OS a company is using?

call the company and ask

Which program can detect rootkits on *nix systems?

chrootkit

A closed port responds to a SYN packet with which of the following packets?

RST

Which of the following programs includes several buffer overflow exploit plug-ins?

Metasploit

Which of the following is a popular network management service for network administrators?

SNMP

Which of the following is a commonly used UNIX enumeration tool?

SNMPWalk

The Net view command can be used to see whether there are any shared resources on a server. True or False?

True

The lack of a familiar interface, such as CD/DVD-ROM drives, contributes to the difficulty of updating embedded OSs. True or False?

True

Which of the following is considered a good defense against low-level rootkits?

Trusted Platform Module(TPM)

To see a brief summary of Nmap commands in a Linux shell, which of the following should you do?

Type help nmap

What is the result of running the following C program?main(){int a = 2; if (a = 1)printf("I made a mistake!");elseprintf("I did it correctly!");}

"I made a mistake!" is displayed

To add comments to a Perl script, you use which of the following symbols?

#

Which parameter can be added to nmap to run a script scan with the default scripts?

-sC

Which port numbers indicate NetBIOS is in use on a remote target?

135 to 139

Which ports should be filtered out to protect a network from SMB attacks?

137 to 139 and 445

Enumeration of Windows systems can be more difficult if port _______ is filtered. a. 110/UDP b. 443/UDP c. 80/TCP d. 139/TCP

139/TCP

A NetBIOS name can contain a maximum of how many characters?

15

Which of the following tags enables an HTML programmer to create a loop?

HTML doesn't have a looping function or tag

Which of the following is a tool for creating a custom TCP/IP packet and sending it to a host computer?

Hping

In basic network scanning, ICMP Echo Requests (type 8) are sent to host computers from the attacker, who waits for which type of packet to confirm that the host computer is live?

ICMP Echo Reply (type 0)

What is a potential mistake when performing a pings sweep on a network?

Including a broadcast address in the ping sweep range

Which of the following is an advantage of Windows CE over other Windows embedded OSs?

Its source code is available to the public

Which of the following is an OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?

Mandatory Access Control

Which of the following commands connects to a computer containing shared files and folders?

Net use

Which of the following is a Windows command-line utility for seeing NetBIOS shares on a network?

Net view

What is the most widely used port-scanning tool?

Nmap

Most NetBIOS enumeration tools connect to the target system by using which of the following? a. ICMP packets b. Default logons and blank passwords c. Null sessions d. Admin accounts

Null sessions

Which of the following is a major challenge of securing embedded OSs?

Patching

Security testers and hackers use which of the following to determine the services running on a host and the vulnerabilities associated with these services?

Port scanning

Before writing a program, many programmers outline it first by using which of the following?

Pseudocode

Windows OSs are vulnerable to the Conficker worm because of which of the following?

RPC vulnerability

A FIN packet sent to a closed port responds with which of the following packets? a. FIN b. SYN-ACK c. RST d. SYN

RST

A missing parenthesis or brace might cause a C compiler to return which of the following?

Syntax error

Which of the following are more difficult to detect today because programmers develop them to make legitimate calls on outbound ports that an IDS or firewall wouldn't detect?

Trojan programs

If the time and money required to compromise an embedded system exceeds the value of the system's information, a security tester might recommend not fixing the vulnerability. True or False?

True

In Windows Server 2016, the administrator must enable IIS manually to use it. True or False?

True

In object-oriented programming, classes are defined as the structures that hold data and functions. True or False?

True

One reason that some vendors of embedded OSs are using open-source software more is that the cost of developing and patching an OS is shared by the entire open-source community. True or False?

True

Perl and C are the most widely used programming languages among security professionals. True or False?

True

Security testers can use Hping to bypass filtering devices. True or False?

True

SCADA systems controlling critical infrastructure are usually separated from the Internet by which of the following?

air gap

A common vulnerability of routers and other network devices with built-in Web management interfaces is which of the following?

authentication vulnerability

Which of the following commands would you enter from the directory you want to analyze to display any alternate data streams?

dir /r

In C, which looping function performs an action first and then test to see whether the action should continue to occur?

do loop

Which of the following C statements has the highest risk of creating an infinite loop?

for (;;)

To find extensive Nmap information and examples of the correct syntax to use in Linux, which of the following commands should you type?

man nmap

To identify the NetBIOS names of systems on the 193.145.85.0 network, which of the commands do you use?

nbtscan 193.145.85.0/24

Which of the following commands should you use to determine whether there are any shared resources on a Windows computer with the IP address 193.145.85.202?

nbtstat -a 193.145.85.202

An interprocess communication mechanism that allows a program running on one host to run code on a remote host is known as which of the following?

remote procedure call (RPC)

Which of the following can modify part of the OS or install themselves as kernel modules, drivers, libraries, and even applications?

rootkit


Related study sets

4. Process Data from Dirty to Clean

View Set

ACC 4110 Ch 19 - Professional Conduct, Independence, and Quality Control

View Set

ASE 8 Chapter 61 Ignition System

View Set

Pennsylvania State Health and Life Insurance Exam

View Set

Chapter 3 - Job-Order Costing: Cost Flows and External Reporting.

View Set