lab 34 Flashcards

1
Q

If you also wanted to add rules to iptables to drop outbound packets, which of the following lines could be added to the script?

iptables -A EGRESS -s $IP -j DROP
iptables -A OUTPUT -s $IP -j DROP
iptables -A FORWARD -s $IP -j DROP
iptables -A EXTERNAL -s $IP -j DROP

A

iptables -A OUTPUT -s $IP -j DROP

2
Q

What hashing algorithm is being used by the script?

MD5
SHA-1
SHA256
SHA512

A

SHA256

3
Q

What “malicious” files were found and removed by the script based on the malware threat feed? (Select all that apply)

/usr/share/sqlninja/apps/nc.exe

/usr/share/windows-resources/binaries/nc.exe

/usr/share/seclists/Web-Shells/FuzzDB.nc.exe

/usr/share/windows-resources/binaries/klogger.exe

/usr/share/windows-resources/binaries/vncviewer.exe

A

/usr/share/windows-resources/binaries/nc.exe

/usr/share/windows-resources/binaries/klogger.exe

4
Q

What command is used to add a firewall rule to block inbound communications from an IP address range referenced by $IP?

iptables -A INBOUND -s $IP -j DROP
iptables -A INPUT -s $IP -j DROP
iptables -A INGRESS -s $IP -j DROP
iptables -A eth0 -s $IP -j DROP

A

iptables -A INPUT -s $IP -j DROP

5
Q

Which of the following commands would configure the system to automatically execute a script weekly at 4:15 AM?

echo "15 4 * * * /bin/bash /root/ip_block.sh" | crontab -

echo "15 4 * 1 * /bin/bash /root/ip_block.sh" | crontab -

echo "15 4 * * 1 /bin/bash /root/ip_block.sh" | crontab -

echo "15 4 1 * * /bin/bash /root/ip_block.sh" | crontab -

A

echo "15 4 * * 1 /bin/bash /root/ip_block.sh" | crontab -

6
Q

What does the command "chmod +x ip_block.sh" do?

sets the file to be executable for user, group, and other

sets the file to be executable for only the user

sets the file to be executable for only the group

sets the file to be executable for only other

A

sets the file to be executable for user, group, and other

7
Q

Based on the malware removal script used in this lab, which of the following would result in a file being removed from the system?

only filename matches the value from the threat feed

only hash matches the value from the threat feed

filename and hash both matching the value from the threat feed

filename or hash matching the value from the threat feed

A

filename and hash both matching the value from the threat feed

8
Q

What issue must be addressed when automatically adding IP block rules from a threat feed using iptables?

duplicate rules

only blocking known problematic IP addresses

defining allow rules for internal IP addresses

resolving FQDN to IP addresses

A

duplicate rules
