CPSA Flashcards

(500 cards)

1
Q

What is the default password for user ADAMS on Oracle 7/8/9?

A

WOOD

2
Q

What is the default password for user BLAKE on Oracle 7/8?

A

PAPER

3
Q

What is the default password for user DBSNMP on Oracle 7/8?

A

DBSNMP

4
Q

What is the default password for user internal on Oracle 7/8/9?

A

oracle

5
Q

What is the default password for user JONES on Oracle 7/8/9?

A

STEEL

6
Q

What is the default password for user MODTEST on Oracle 7/8/9?

A

YES

7
Q

What is the default password for user Scott on Oracle 7/8/9?

A

Tiger

8
Q

What is the default password for user SYS on Oracle 7/8/9?

A

CHANGE_ON_INSTALL

9
Q

What is the default password for user SYSADM on Oracle 7/8/9?

A

SYSADM

10
Q

What is the default password for user SYSTEM on Oracle 7/8/9?

A

MANAGER

11
Q

What is the default password for user TRACESRV on Oracle 7/8/9?

A

TRACE

12
Q

What does DNS stand for?

A

Domain Name System

13
Q

What does HTTP stand for?

A

Hypertext Transfer Protocol

14
Q

What does HTTPS stand for?

A

Hypertext Transfer Protocol Secure

15
Q

What does ICMP stand for?

A

Internet Control Message Protocol

16
Q

What does IIS stand for?

A

Internet Information Services

17
Q

What does IP stand for?

A

Internet Protocol

18
Q

What does RIP stand for?

A

Routing Information Protocol

19
Q

What does SIP (VoIP) stand for?

A

Session Initiation Protocol

20
Q

What does SMTP stand for?

A

Simple Mail Transfer Protocol

21
Q

What does SOAP stand for?

A

Simple Object Access Protocol

22
Q

What does TCP stand for?

A

Transmission Control Protocol

23
Q

What does UDP stand for?

A

User Datagram Protocol

24
Q

What does SNMP stand for?

A

Simple Network Management Protocol

25
What does TFTP stand for?
Trivial File Transfer Protocol
26
What does SSH stand for?
Secure Shell
27
What does FTP stand for?
File Transfer Protocol
28
What does SMB stand for?
Server Message Block
29
What does LDAP stand for?
Lightweight Directory Access Protocol
30
What does FTPS stand for?
File Transfer Protocol Secure
31
What does SFTP stand for?
Simple File Transfer Protocol (TCP/115), SSH File Transfer Protocol
32
What does NFS stand for?
Network File System
33
What does IMAP stand for?
Internet Message Access Protocol
34
What does HTTPS stand for?
Hypertext Transfer Protocol Secure (over TLS/SSL)
35
What does Rlogin stand for?
Remote Login
36
What does Rexec stand for?
Remote Process Execution
37
What port does SNMP operate on?
UDP 161
38
What port does TFTP operate on?
UDP 69
39
What port does SMTP operate on?
TCP 25
40
What port does SSH operate on?
port 22
41
What port does HTTP operate on?
TCP 80
42
What port does SIP (VoIP) operate on?
port 5060
43
What port does FTP data transfer operate on?
port 20
44
What port does FTP control operate on?
port 21
45
What port does SMB operate on?
139/tcp (NETBIOS over TCP/IP), 445/tcp (raw SMB transport)
46
What port does LDAP operate on?
port 389
47
What port does HTTPS operate on?
TCP 443
48
What port does rlogin operate on?
TCP 513
49
What port does RIP operate on?
UDP 520
50
What port does FTPS data transfer operate on?
port 989
51
What port does FTPS control operate on?
port 990
52
What port does rexec operate on?
TCP 512
53
What port does Telnet operate on?
port 23
54
What port does WHOIS operate on?
port 43
55
What port does DNS operate on?
port 53
56
What port does Finger operate on?
TCP 79
57
What port does Kerberos operate on?
port 88
58
What port does SFTP (Simple FTP) operate on?
TCP 115
59
What port does NFS operate on?
port 2049
60
What port does MSSQL Server operate on?
TCP 1433
61
What port does MSSQL Monitor operate on?
port 1434
62
What port does MySQL database system operate on?
port 3306
63
What port does PostgreSQL database system operate on?
port 5432
64
What port does IMAP operate on?
TCP 143
65
What does OSPF stand for?
Open Shortest Path First
66
What does IGRP stand for?
Interior Gateway Routing Protocol
67
What does EIGRP stand for?
Enhanced Interior Gateway Routing Protocol
68
What does DES stand for?
Data Encryption Standard
69
What does 3DES stand for?
Triple Data Encryption Standard
70
What does AES stand for?
Advanced Encryption Standard
71
What does RSA stand for?
Rivest Shamir Adleman
72
What does RC4 stand for?
Rivest Cipher 4
73
What does SHA1 stand for?
Secure Hash Algorithm 1
74
What does MD5 stand for?
Message Digest (Algorithm) 5
75
What does HMAC stand for?
Hash-based Message Authentication Code
76
What does SSL stand for?
Secure Sockets Layer
77
What does IPsec stand for?
Internet Protocol Security
78
What does PGP stand for?
Pretty Good Privacy
79
What does WEP stand for?
Wired Equivalent Privacy
80
What does WPA stand for?
Wi-Fi Protected Access
81
What does TKIP stand for?
Temporal Key Integrity Protocol
82
What does NTP stand for?
Network Time Protocol
83
What does PCAP stand for?
Packet Capture
84
What does ARP stand for?
Address Resolution Protocol
85
What does DHCP stand for?
Dynamic Host Configuration Protocol
86
What does CDP stand for?
Cisco Discovery Protocol
87
What does HSRP stand for?
Hot Standby Router Protocol
88
What does VRRP stand for?
Virtual Router Redundancy Protocol
89
What does VTP stand for?
VLAN Trunking Protocol
90
What does STP stand for?
Spanning Tree Protocol
91
What does TACACS+ stand for?
Terminal Access Controller Access-Control System Plus
92
DNS Records: What does SOA stand for?
Start of Authority Record
93
DNS Records: What does MX stand for?
Mail Exchange Record
94
DNS Records: What does TXT stand for?
Text Record
95
DNS Records: What does A stand for?
Address Record
96
DNS Records: What does NS stand for?
Name Server Record
97
DNS Records: What does HINFO stand for?
Host Information Record
98
DNS Records: What does CNAME stand for?
Canonical Name Record
99
What does EAP stand for?
Extensible Authentication Protocol
100
What does LEAP stand for?
Lightweight Extensible Authentication Protocol
101
What does PEAP stand for?
Protected Extensible Authentication Protocol
102
What port does POP3S operate on?
TCP 995
103
What port does Echo operate on?
port 7
104
What port does CHARGEN operate on?
port 19
105
What port does Daytime operate on?
port 13
106
What port does Quote of the Day operate on?
port 17
107
What port does Telnet operate on?
port 23
108
What port does POP2 operate on?
TCP 109
109
What port does POP3 operate on?
TCP 110
110
What port does NNTP operate on?
TCP 119
111
What port does Syslog operate on?
UDP 514
112
What port does LDAPS operate on?
port 636
113
What port does IMAPS operate on?
TCP 993
114
What port does Oracle operate on by default for older releases?
TCP 1521
115
What port does Oracle database officially run on, for newer releases?
port 2483
116
What port does Oracle database officially run on over SSL, for newer releases?
port 2484
117
What is the common alternative port for Oracle database to run on?
TCP 1528
118
What port does OpenVPN operate on?
port 1194
119
What port does NetBIOS Name Service operate on?
port 137
120
What port does NetBIOS Datagram Service operate on?
port 138
121
What port does NetBIOS Session Service operate on?
port 139
122
What port does RDP operate on?
port 3389
123
Which two ports does X11 operate on?
TCP 6000, UDP 6001
124
What port does Virtual Network Computing (VNC)/Remote Frame Buffer (RFB) operate on?
port 5900
125
What port does RPC operate on in Linux?
port 111
126
What port does ISAKMP operate on?
port 500
127
What port does Telnet over SSL operate on?
port 992
128
What port does IDENT operate on?
TCP 113
129
What port does Authentication Service (auth) operate on?
UDP 113
130
What port does IMAP version 3 operate on?
port 220
131
What port does SMTPS operate on?
TCP 465
132
What does CVE stand for?
Common Vulnerabilities & Exposures
133
What frequency does 802.11a operate on?
5 GHz
134
5 GHz
What frequency does 802.11a operate on?
135
What frequency does 802.11b operate on?
2.4 GHz
136
2.4 GHz
What frequency does 802.11b operate on?
137
What frequency does 802.11g operate on?
2.4 GHz
138
2.4 GHz
What frequency does 802.11g operate on?
139
What frequency does 802.11n operate on?
Both 2.4 GHz and 5 GHz
140
Both 2.4 GHz and 5 GHz
What frequency does 802.11n operate on?
141
What is IP protocol number 1?
ICMP
142
What is IP protocol number 2?
IGMP
143
What is IP protocol number 6?
TCP
144
What is IP protocol number 16?
CHAOS
145
What is IP protocol number 17?
UDP
146
What is IP protocol number 47?
GRE (Generic Routing Encapsulation)
147
What message is ICMP type 0?
Echo Reply
148
What message is ICMP type 3 code 0?
Destination network unreachable
149
What message is ICMP type 4?
Source Quench
150
What message is ICMP type 8?
Echo
151
What message is ICMP type 13?
Timestamp
152
What message is ICMP type 14?
Timestamp Reply
153
What message is ICMP type 15?
Information Request
154
What message is ICMP type 16?
Information Reply
155
What message is ICMP type 30?
Traceroute
156
What message is ICMP type 37?
Domain Name Request
157
What message is ICMP type 38?
Domain Name Reply
158
What port does Sysstat operate on?
port 11
159
What port does Tcpmux operate on?
port 1
160
What port does Netstat operate on?
port 15
161
What does QOTD stand for?
Quote Of The Day
162
What port does Message Send Protocol operate on?
port 18
163
Identify the OS version from this banner: "220 hostname FTP server ready"
Solaris 9 and later, SGI IRIX 6.x
164
Identify the OS version from the banner: "220 Microsoft FTP Service"
Windows 2003
165
Identify the OS version from the banner: "220 hostname FTP server (Version 6.00LS) ready"
FreeBSD 4.x and later
166
Identify the OS version from the banner: "220 hostname FTP server (Version 6.00) ready"
FreeBSD 3.x, MacOS
167
Identify the OS version from the banner: "220 hostname Microsoft FTP Service (Version 5.0)"
Windows 2000
168
Identify the OS version from the banner: "220 hostname FTP server (Digital Unix Version 5.60) ready"
Compaq Tru64
169
Identify the OS version from the banner: "220 hostname Microsoft FTP Service (Version 4.0)"
Windows NT 4.0
170
Identify the OS version from the banner: "220 hostname FTP server (Version 4.1 Tue Sep 8 17:35:59 CDT 1998) ready"
IBM AIX 4.x
171
Identify the OS version from the banner: "220 hostname FTP server (NetBSD-ftpd 20020615) ready"
NetBSD 1.6.x
172
Identify the OS version from the banner: "220 hostname FTP server (SunOS 5.7) ready"
Solaris 7
173
Identify the OS version from the banner: "220 hostname FTP server (Version 1.1.214.6 Wed Feb 9 08:03:34 GMT 2000) ready"
HP-UX 11.x
174
Identify the FTP implementation from the banner: "220 hostname FTP server (Version 6.5/OpenBSD) ready"
WU-FTPD 2.6.2
175
Which service is related to glob() vulnerability?
FTP
176
How many different versions of SSH servers exist?
4
177
Which service uses the PAM option?
SSH
178
Which SSH version was deprecated?
SSH Version 1.0
179
Identify the OS version from the banner: "Unix(r) System V Release 4.0 (hostname)"
Solaris 2.6
180
What is Exim?
Mail Transport Agent
181
Where is PGP used?
It is used for SMTP encryption
182
What port does TIME protocol operate on?
port 37
183
What port does WINS service operate on?
port 42
184
What is Postfix?
Mail Transport Agent
185
What does RIR stand for?
Regional Internet Registries
186
What port does TACACS+ operate on?
port 49
187
What does BIND refer to?
Default Linux DNS server
188
What does BIND stand for?
Berkeley Internet Name Domain
189
DNS Records: What does RP stand for?
Responsible Person record
190
What does DIG stand for?
Domain Information Groper
191
What protocol and ports are associated with DHCP networking protocol?
BOOTP, UDP 67(server), UDP 68(client)
192
Why do you need to tell a client to inform their employees about a pentest either before the test commences or via the computer usage policy (Answer the Law)?
Human Rights Act
193
Why do you need to get permission from the owner of a system before commencing a pentest (Answer the Law)?
Breach of Computer Misuse Act
194
Each DNS ____ represents a boundary of authority subject to management by certain entities
Zone
195
How many IP addresses could be used in an IP range with mask bit /25?
126
196
What port can be queried to request a zone transfer?
TCP 53
197
How many bits, bytes and octets are there in an IPv4 address?
32 bits, 4 bytes, 4 octets
198
You have connected to an SSH service and its banner states it is running SSH v1.99. Which versions of the SSH protocol does this SSH support?
v1 and v2
199
Which of the following is not a reserved IP range? a) 10.0.0.0/8 b) 75.0.0.0/16 c) 192.168.0.0/16 d) 172.16.0.0/12
75.0.0.0/16
200
How many possible IP addresses are there in a class A?
16777216
201
On an assessment, if you are told that the network is a /28 subnet on an IPv4 network with 14 active hosts how many IPs are free?
0
202
If ICMP is filtered, how can you view your possible traffic route to a secure web server from a Windows machine? a) tcptraceroute server.com b) traceroute -p 80 server.com c) ping -r server.com d) ping -R server.com:443 e) tcptraceroute server.com 443
tcptraceroute server.com 443
203
How many mask bits are there for a subnet mask of 255.255.248.0?
/21
204
Which IP addresses are used for automatic addressing (APIPA)?
169.254.0.0 - 169.254.255.255
205
What does IANA stand for?
Internet Assigned Numbers Authority
206
What does IGMP stand for?
Internet Group Message Protocol
207
What does CAT5 stand for?
Category 5
208
What does IEEE stand for?
Institute of Electrical and Electronic Engineers
209
What does SING stand for?
Send ICMP Nasty Garbage
210
What does SSRR stand for?
Strict Source and Route Record
211
What does LSRR stand for?
Loose Source and Route Record
212
What does WINS stand for?
Windows Internet Name Service
213
DNS Records: What does PTR stand for?
Pointer Record
214
What does HTML stand for?
HyperText Markup Language
215
What is IP protocol number 4?
IP-in-IP
216
What is IP protocol number 9?
IGP Interior Gateway Protocol, used by CISCO for their IGRP
217
What is IP protocol number 41?
IPv6
218
What is IP protocol number 88?
EIGRP
219
What is IP protocol number 89?
OSPF
220
What does CHARGEN stand for?
Character Generator Protocol
221
How many bits is the IPv6 address?
128 bits
222
What message is ICMP type 3 code 1?
Destination host unreachable
223
What message is ICMP type 3 code 2?
Destination Protocol unreachable
224
What message is ICMP type 3 code 3?
Destination port unreachable
225
What message is ICMP type 3 code 6?
Destination network unknown
226
What message is ICMP type 3 code 7?
Destination host unknown
227
What message is ICMP type 11 code 1?
Fragment reassembly time exceeded
228
What message is ICMP type 11 code 0?
TTL Time Exceeded
229
What message is ICMP type 17?
Address mask request
230
What message is ICMP type 18?
Address mask reply
231
What message is ICMP type 37?
Domain name request
232
What message is ICMP type 38?
Domain name reply
233
What message is ICMP type 3 code 13?
Communication administratively prohibited
234
What message is ICMP type 5?
Redirect message
235
What is the meaning of 802.3?
Ethernet
236
What is the meaning of 802.5?
Token Ring
237
What frequency does 802.3 operate on?
100Mb/s or Gigabit Ethernet (1Gb/s)
238
What kind of connectors does 802.3 use?
RJ-45
239
Name a specific property of 802.5 regarding bandwidth
It is shared fairly
240
For which OSes is nmap Inverse TCP Flag Scanning deemed unsuccessful?
Microsoft Windows, many Cisco devices, IBM OS/400
241
How can you perform a UDP scan using netcat?
nc -v -w 4 -u -z <> <>
242
You perform a UDP scan and the target port returns no response. What is the state of the port?
open | filtered
243
You perform an ACK scan and the target port returns TCP RST response. What is the conclusion regarding the firewall?
Stateless, blocks simply SYN packets
244
You perform an nmap Maimon Scan and the target port returns no response. What is the state of the port?
open | filtered
245
You perform an nmap Protocol scan and the target port returns a garbage response. What is the state of the port?
open
246
What kind of packets does xprobe2 use to fingerprint OS version?
ICMP
247
ICMP Default system response: 8 and 13. Which is the OS?
Linux, BSD, Windows 2000
248
ICMP Default system response: 8, 13 and 15. Which is the OS?
HP-UX, AIX, CISCO IOS, Ultrix
249
ICMP Default system response: 8, 13, 17. Which is the OS?
Solaris, Windows 95, 98, ME
250
ICMP Default system response: 8. Which is the OS?
Windows NT 4.0
251
Which file should be changed in order to avoid disclosing WU-FTPD banner?
/etc/ftpaccess
252
Which file should be changed in order to avoid disclosing ProFTPD banner?
/etc/proftpd.conf
253
Which file should be changed in order to avoid disclosing host information after a user connects using telnet?
/etc/issue
254
Which file should be changed in order to avoid disclosing sendmail banner?
sendmail.cf
255
Which file should be changed in order to avoid disclosing qmail banner?
qmail-smtpd
256
Which file should be changed in order to avoid disclosing Postfix banner?
main.cf
257
Which file should be changed in order to avoid disclosing Exim banner?
exim.conf
258
Identify the OS version from the banner: "SunOS 5.9"
Solaris 9
259
Identify the OS version from the banner: "Unix (hostname)"
SunOS 4.1.x SunOS
260
Identify the OS version from the banner: "IRIX (hostname)"
SGI IRIX 6.x
261
Identify the OS version from the banner: "AIX Version 5 (C) Copyrights by IBM and by others 1982, 2000"
IBM AIX 5.2.x
262
Identify the OS version from the banner: "AIX Version 4 (C) Copyrights by IBM and by others 1982, 1996"
IBM AIX 4.2.x or 4.3.x
263
Identify the OS version from the banner: "AIX Version 4 (C) Copyrights by IBM and by others 1982, 1994"
IBM AIX 4.1.x
264
Identify the OS version from the banner: "IPSO (hostname) (ttyp0)"
Nokia IPSO
265
Identify the OS version from the banner: "User Access Verification"
Cisco IOS
266
Which part of cryptography is used to describe the feature: same input produces same output?
Hash
267
Which part of cryptography is used to describe the feature: it is not possible to go from the output to the input?
Hash
268
Which part of cryptography is used to describe the feature: Integrity
Hash
269
Which part of cryptography is used to describe the feature: Confidentiality
Encryption
270
Which part of cryptography is used to describe the feature: Usability
Encoding
271
Which cipher starts from a random seed that is XORed with the clear text to generate the cipher text?
Stream Cipher
272
What is the length of the DES key?
56 bits
273
What is the block size of DES?
64 bits
274
How many secret bits are there in a standard 3DES key?
168 bits if 3 keys DES is used (standard 3DES), 112 bits if 2 keys DES is used
275
What is the size of AES block?
128, 192 or 256 bits
276
What is the key length of AES?
128, 192 or 256 bits
277
How many bytes output does the SHA1 cryptographic algorithm produce?
20 bytes hex value or 160 bits
278
How many bytes output does the MD5 cryptographic hash function produce?
16 bytes or 128 bits
279
Which protocols use HMAC?
TLS, IPsec
280
What key is used to sign a website valid public key certificate?
The private key of a CA
281
Which mode of operation for block ciphers discloses structure of clear-text?
ECB
282
What does CVE stand for?
Common Vulnerabilities and Exposures
283
Which of the following statements is not true about hashing? a) It is a deterministic procedure b) It does not take an arbitrary block of data c) It returns a fixed-size bit string referred to as cryptographic hash value d) Accidental or intentional change to the data will change the hash value e) It is a one-way function
b)
284
TCP wrappers use which configuration files?
/etc/hosts.allow and /etc/hosts.deny
285
What is the following type of port scan being used? nmap -sX -n 192.168.1.100
XMAS Scan
286
What operating system has a TTL of 64?
Solaris 8
287
What does AH stand for?
Authentication Header
288
Which encryption modes are used in IPSec?
Tunnel and Transport
289
Which IPSec security component is used to ensure integrity?
Authentication Header (AH)
290
Which IPSec security component is used to ensure confidentiality?
Encapsulating Security Payload (ESP)
291
What does ESP stand for?
Encapsulating Security Payload
292
What does IKE stand for?
Internet Key Exchange
293
What is the purpose of IKE in IPSec?
To securely exchange the secret key
294
Which shared key exchanges are used in IPSec?
Main mode, Aggressive mode (possible to capture Pre Shared Key using a sniffer and crack it offline)
295
What does ISAKMP stand for?
Internet Security Association and Key Management Protocol
296
Which command is used to add a user to a group?
usermod -G group user
297
What are the group permissions of the following file? drwxr-xr-x file
Read and Execute
298
How can you set the sticky bit to a directory?
chmod +t
299
What does the -i UNIX file attribute mean?
That the file cannot be modified or deleted
300
Which command is used in UNIX to find files with suid enabled?
find / \( -perm -4000 -o -perm -2000 \) -ls 2>/dev/null
301
What does ARIN stand for?
American Registry for Internet Numbers
302
What does RIPE stand for?
Réseaux IP Européens
303
What does APNIC stand for?
Asia Pacific Network Information Centre
304
What does LACNIC stand for?
Latin American and Caribbean Network Information Centre
305
What does AfrNIC stand for?
African Network Information Centre
306
DNS Records: Where can you find domain administrator's email?
SOA not MX!
307
What does NNTP stand for?
Network News Transfer Protocol
308
What does DTP stand for?
Dynamic Trunking Protocol
309
What does CRLF stand for?
Carriage Return Line Feed
310
What port does Cisco HSRP operate on?
UDP 1985
311
Name two DHCP vulnerabilities
DHCP Server Spoof; DHCP Table Exhaustion - Snoop
312
Name CDP vulnerabilities
Information disclosure; Send a CDP packet and set up a virtual device; Flood CDP neighbors table
313
Name HSRP vulnerabilities
DoS or MITM; Clear-text authentication
314
Name VRRP vulnerabilities
Take over VRRP master role
315
Name VTP vulnerabilities
Network topology information disclosure; Delete all/one VLAN (DoS); Add a VLAN; Catalyst crash (DoS)
316
Name TACACS vulnerabilities
Clear-text data transmission in RADIUS
317
Which NET-SNMP versions were vulnerable?
All prior to 4.2.2
318
Which SNMP version uses MD5 and encryption?
SNMPv2
319
What does MIB stand for?
Management Information Base
320
What does OID stand for?
Object Identifier
321
Which SNMP version uses clear text data transfer?
SNMPv1
322
OID: .1.3.6.1.2.1.1.5. What is the information retrieved?
Hostname
323
OID: .1.3.6.1.4.1.77.1.4.2. What is the information retrieved?
Domain Name
324
OID: .1.3.6.1.4.1.77.1.2.25. What is the information retrieved?
Usernames
325
OID: .1.3.6.1.4.1.77.1.2.3.1.1. What is the information retrieved?
Running Services
326
OID: .1.3.6.1.4.1.77.1.2.27. What is the information retrieved?
Share Information
327
What does PPTP stand for?
Point-to-Point Tunneling Protocol
328
What kind of encryption is IPSec based on?
Based on symmetric-key encryption
329
What does SA stand for?
Security Association
330
Which module is used to define the IPSec protocol to be used, as well as cryptographic algorithms, keys and their lifetime?
Security Association (SA)
331
What port does PPTP operate on?
TCP 1723
332
What does MGCP stand for?
Media Gateway Control Protocol
333
What does RTP stand for?
Real-Time Transport Protocol
334
What does RTCP stand for?
Real-time Transport Control Protocol
335
What does SRTP stand for?
Secure Real-time Transport Protocol
336
What does SDP stand for?
Session Description Protocol
337
What does IAX stand for?
Inter-Asterisk eXchange (IAX)
338
What does BSS stand for?
Basic Service Set
339
What does BSSID stand for?
Basic Service Set Identifier
340
What does ESSID stand for?
Enhanced Service Set Identifier
341
What does SSID stand for?
Service Set Identifier
342
What does CCMP stand for?
Counter Cipher Mode with block chaining MAC Protocol
343
What is the length of the WEP secret key?
40 bits
344
What is the length of the WEP IV?
24 bits
345
What does WEP use for integrity?
32-bit CRC
346
What does MAIC stand for?
Message Authentication and Integrity Code
347
What does WPS stand for?
Wi-Fi Protected Setup
348
What protocol uses TKIP?
WPA
349
What is the purpose of TKIP?
Encryption. 128-bit per packet
350
What is the difference between WPA and WPA2?
Different encryption algorithm (WPA2 uses CCMP)
351
What ports are available for Cisco web servers?
1003, 1004, 1005
352
What do the enable password and enable secret commands mean for a Cisco device?
enable password (clear-text), enable secret (MD5 or SHA)
353
What kind of authentication is used in authNoPriv for SNMPv3 in Cisco?
MD5 or SHA, no encryption
354
Which command is used to disable CDP from a CISCO device?
no cdp run
355
What does authPriv mean in a Cisco device?
MD5 or SHA 1 authentication and DES encryption
356
In 64-bit WEP key, how many bits is the IV?
24
357
How can you distinguish a root domain controller from a child domain controller?
Root DC has the NETBIOS name entry of <1B> (Domain Master Browser)
358
What is the maximum time defined by Microsoft for a new device to appear in the browse list of all other machines in the domain?
48 minutes, anywhere from 24 minutes on a well specified network
359
What does CIFS stand for?
Common Internet File System
360
What port does RPC operate on in Windows?
port 135
361
What does NBT stand for?
NetBIOS Name Table
362
What port does CIFS operate on?
port 445
363
What port does Kerberos version IV operate on?
UDP 750
364
What port does Kerberos change/set password - authentication mechanism operate on?
port 464
365
What does RDP stand for?
Remote Desktop Protocol
366
What does IFID stand for?
Interface ID
367
What does SID stand for?
Security Identifier
368
What is the command to perform a NULL session connection from Linux?
rpcclient -U ""%"" <>
369
What is the command to perform a NULL session connection from smbclient?
smbclient //<>/ipc$
370
What does LSA stand for?
Local Security Authority
371
What does SAM stand for?
LSA Security Account Manager
372
What does SCM stand for?
Service Control Manager
373
RID Values: Administrator?
500
374
RID Values: Guest user?
501
375
RID Values: Domain Admins Group?
512
376
RID Values: Domain User?
513
377
RID Values: Domain Guest?
514
378
What port does LDAP Global Catalogue server operate on?
port 3268
379
What port does LDAP Global Catalogue server over SSL operate on?
port 3269
380
What does FSMO stand for?
Flexible Single Master Operation
381
On a Windows OS how are domain cached credentials stored?
Salted Hash
382
What does DSE stand for?
Domain Specific Entry
383
Which Windows password technique does not use salt?
LM / NT
384
What does SMS stand for?
Systems Management Server
385
What does SCCM stand for?
System Centre Configuration Manager
386
What does SUS stand for?
Software Update Services
387
What does WSUS stand for?
Windows Server Update Services
388
What port does rwho operate on?
UDP 513
389
Which OS is vulnerable to this kind of user enumeration: finger '1 2 3 4 5 6 7 8 9 0'@host?
Solaris, Returns all users
390
What does this command mean in Solaris: finger 0@host?
Returns users with blank GCOS field in /etc/passwd
391
What kind of password hash uses $1 in UNIX password?
MD5
392
What kind of password hash uses $2 in UNIX password?
Blowfish
393
What kind of password hash uses $2a in UNIX password?
EKS Blowfish
394
What kind of password hash uses $3 in UNIX password?
NTLM, no salt
395
What kind of password hash uses $5 in UNIX password?
SHA-256
396
What kind of password hash uses $6 in UNIX password?
SHA-512
397
What does NIS stand for?
Network Information Service
398
How many clear-text characters is each LM hash?
14
399
Which command would you use to list NFS shares on the system 10.10.10.10?
showmount -e 10.10.10.10
400
Which of these is not a network service that can be used to obtain usernames? a) rusers b) rwho c) SMTP d) finger e) rpcinfo
e) RPCInfo
401
What does the following .rhosts file signify in bob's home directory? + exchange
The user exchange can log in as bob from any server
402
What is the default password for the SYS account on Oracle 10?
CHANGE_ON_INSTALL
403
How many bits, bytes and octets are there in an IPv6 address? a) 128 bits, 16 bytes, 16 octets b) 32 bits, 4 bytes, 4 octets c) 64 bits, 8 bytes, 8 octets d) 32 bits, 8 bytes, 8 octets e) 64 bits, 4 bytes, 4 octets
a) 128 bits, 16 bytes, 16 octets
404
What does POP stand for?
Post Office Protocol
405
What port does videoconf (H.323) service operate on?
TCP 1720
406
Which file defines host level authorization in NFS?
/etc/exports
407
Which command is used to query NFS server?
showmount
408
What action does an HTTP GET request perform?
It retrieves a resource from the web server.
409
What action does an HTTP HEAD request perform?
It returns the same headers as a GET request but with no message body.
410
What action does an HTTP POST request perform?
It performs actions sent in both URL query strings and in the message body.
411
What action does an HTTP PUT request perform?
It attempts to upload the specified resource to the server, contained in the body of the request.
412
What action does an HTTP DELETE request perform?
It attempts to remove the specified resource, contained in the body of the request.
413
What action does an HTTP TRACE request perform?
It asks the server to return in the response body the exact contents of the request message it received. It is used to detect the effect of any proxy servers between the client and server.
414
What action does an HTTP OPTIONS request perform?
It asks the server to report the HTTP methods that are available for a particular resource.
415
What action does an HTTP CONNECT request perform?
It converts the request connection to a transparent TCP/IP tunnel, usually to facilitate HTTPS communication through an unencrypted HTTP proxy.
416
What action does an HTTP PATCH request perform?
It attempts to apply partial modifications to a resource, contained in the body of the request.
417
What is the HTTP status code for "OK"?
200
418
What is the HTTP status code for "Created"?
201
419
What is the HTTP status code for "Found"?
302
420
What is the HTTP status code for "Not Modified"?
304
421
What is the HTTP status code for "Bad Request"?
400
422
What is the HTTP status code for "Unauthorized"?
401
423
What is the HTTP status code for "Forbidden"?
403
424
What is the HTTP status code for "Not Found"?
404
425
What is the HTTP status code for "Method Not Allowed"?
405
426
What is the HTTP status code for "Request Entity Too Large"?
413
427
What is the HTTP status code for "Request URI Too Long"?
414
428
What is the HTTP status code for "Internal Server Error"?
500
429
What is the HTTP status code for "Service Unavailable"?
503
430
What is the reason for using root_squash in NFS?
To prevent root on the NFS client from gaining superuser privileges on the NFS server
431
What is the reason for using nosuid in NFS?
To prevent suids and guids from taking effect on an NFS export mounted on the client
432
What is the reason for using noexec in NFS?
To disable execution of executable files
433
Which files list hosts and users that are trusted when a connection is made using R* services?
/etc/hosts.equiv, .rhosts
434
What port does XDMC display protocol operate on?
UDP 177
435
What port does Citrix operate on?
port 1494
436
What does ICA stand for?
Independent Computing Architecture
437
What does VNC stand for?
Virtual Network Computing
438
Where is the VNC password string stored in the registry?
\HKEY_CURRENT_USER\Software\ORL\WinVNC3, \HKEY_USERS\.DEFAULT\Software\ORL\WinVNC3
439
How can nmap be used to query RPC services?
nmap -sS -sR <>
440
What does ISAPI stand for?
Internet Server Application Programming Interface
441
/_vti_inf.html. Which kind of web server is this?
Microsoft IIS. Contains Microsoft FrontPage extensions
442
What does SSP stand for?
Security Support Provider
443
What port does BGP operate on?
TCP 179
444
What does the Daytime service return?
Current date and current time in human readable form
445
What does WSDL stand for?
Web Services Description Language
446
IP Address: 192.168.1.29/24. How many hosts exist in total without the Network ID and the Broadcast Address?
254
447
IP Address: 10.25.253.2/23. Which is the broadcast address?
10.25.253.255
448
IP Address: 10.145.25.1/9. Which is the Network ID?
10.128.0.0
449
The maximum size of IP header is: a) 40 b) 64 c) 48 d) 60
d)
450
What does LSASS stand for?
Local Security Authority Subsystem Service
451
How many possible IP addresses are there in a class B?
65536
452
What informational message indicates web redirection? a) 1xx b) 2xx c) 3xx d) 4xx e) 5xx
c) 3xx
453
Which act protects Privacy?
Human Rights Act
454
IIS Banner: Microsoft-IIS/8.0. What is the OS?
Windows Server 2012, Windows 8
455
IIS Banner: Microsoft-IIS/7.5. What is the OS?
Windows Server 2008 R2, Windows 7
456
IIS Banner: Microsoft-IIS/7.0. What is the OS?
Windows Vista, Windows Server 2008
457
IIS Banner: Microsoft-IIS/6.0. What is the OS?
Windows Server 2003, Windows XP Professional x64
458
IIS Banner: Microsoft-IIS/5.0. What is the OS?
Windows 2000
459
IIS Banner: Microsoft-IIS/4.0. What is the OS?
Windows NT 4 Option Pack
460
IIS Banner: Microsoft-IIS/3.0. What is the OS?
Windows NT 4 SP2
461
IIS Banner: Microsoft-IIS/2.0. What is the OS?
Windows NT 4
462
Windows Versions: Windows 4.00?
Windows 95
463
Windows Versions: Windows NT 4.1?
Windows 98
464
Windows Versions: Windows NT 5.0?
Windows 2000
465
Windows Versions: Windows NT 5.1?
Windows XP, Windows 2003
466
Windows Versions: Windows NT 6.0?
Windows Vista, Windows 2008
467
Windows Versions: Windows NT 6.1?
Windows 7, Windows 2008 R2
468
Windows Versions: Windows NT 6.2?
Windows 8, Windows 2012
469
Windows Versions: Windows NT 6.3?
Windows 8.1, Windows 2012 R2
470
Which layer implements the application's interface in a 3-tier architecture?
Presentation Layer
471
Which layer implements the core application's logic in a 3-tier architecture?
Application Layer
472
What does XML stand for?
Extensible Markup Language
473
Which files are used by Apache for authentication?
.htaccess, httpd.conf
474
Name the three different kinds of HTTP authentication
Basic, NTLM, Digest
475
What does the If-None-Match header mean and who is able to send it?
The client sends it to specify and submit an entity tag that the server issued earlier
476
Which two headers does the server use to cache data?
Cache-Control, Pragma
477
What does the 201 response code mean?
It is a response to a PUT request indicating a successful request
478
What does the 301 response code mean?
Moved Permanently. Permanently redirects the browser to a different URL as specified in the Location header
479
What does the 302 response code mean?
Found. Temporarily redirects the browser to a different URL as specified in the Location header
480
What does the 304 response code mean?
Not Modified. Instructs the browser to use its cached copy of the requested resource
481
What does the 403 response code mean?
Forbidden. No one is allowed to access the resource regardless of authentication
482
What does the 401 response code mean?
Unauthorized. The server requires HTTP authentication
483
What does the 405 response code mean?
Method Not Allowed. The method used in the request is not supported for the specified URL
484
What does the 413 response code mean?
Request Entity Too Large
485
What does the 414 response code mean?
Request URI Too Long
486
The web server itself is functioning but the application accessed via the server is not responding. Which response code is likely to be returned?
503 Service Unavailable
487
What does 404 response code mean?
Not Found. Requested resource does not exist
488
What does 500 response mean?
Internal Server Error. The server encountered a problem fulfilling the request
489
Which header enforces secure connections to the server?
HTTP Strict-Transport-Security
490
Which header prevents Clickjacking attacks?
X-Frame-Options
491
Which header reduces exposure to drive-by download attacks?
X-Content-Type-Options
492
How many possible IP addresses are there in a class C?
256
493
What kind of Unix password uses no dollar sign?
DES
494
What message is ICMP type 3 code 4?
Fragmentation required
495
What message is ICMP type 3 code 5?
Source route failed
496
What message is ICMP type 3 code 8?
Source host isolated
497
What operating system has a TTL of 128?
Windows 98, 2000, Server 2003, XP
498
What operating system has a TTL of 254?
Cisco IOS
499
What Linux kernel version has a TTL of 255?
2.2.14, 2.4
500
What does IMS stand for?
IP Multimedia Subsystem