Module 8 Quiz Flashcards

1
Q

Microsoft Baseline Security Analyzer has its origins in which of the following command line scanners?

A

HFNetChk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The MSBA tool can quickly identify missing patches and misconfigurations. True or False

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Early Windows OSs used which of the following programs loaded into memory to interact with a network resource or device?

A

NetBIOS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following is an open-source implementation of CIFS?

A

Samba

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What programming languages are vulnerable to buffer overflow attacks?

A

C and C++

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used?

A

MBSA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

SMB is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?

A

TCP/IP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the current file system that Windows utilizes that has strong security features?

A

NTFS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following Window’s utilities includes a suite of tools to help administrators deploy and manage servers and even allows for administrators to control mobile devices running Android, iOS, and Windows Mobile OS?

A

SCCM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later?

A

Common Internet File System

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following is a Window’s client/server technology designed to manage patching and updating systems software from the network?

A

WSUS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the most serious shortcoming of Microsoft’s original File Allocation Table (FAT) file system?

A

no ACL support

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

NetBios is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBios should be understood by a security professional because it is used for which of the following?

A

backward compatibility

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following is a common Linux rootkit?

A

Linux Rootkit 5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host?

A

RPC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Windows 10, Windows 8, Windows Server 2016, and Windows Server 2012 have most services and features enabled by default. (True or False)

17
Q

Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?

A

Mandatory Access Control

18
Q

What specific type of Windows Servers are used to authenticate user accounts and contain most of the information that attackers want to access?

A

domain controllers

19
Q

What critical component of any OS, that can be can be vulnerable to attacks, is used to store and manage information?

A

file system

20
Q

Rootkits containing Trojan binary programs that are ready to install are more dangerous than typical Trojan programs. True or False

21
Q

Ubuntu and Debian Linux use what command to update and manage their RPM packages?

22
Q

For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?

23
Q

Which of the following protocols does NetBios use to access a network resource?

24
Q

Red Hat and Fedora Linux use what command to update and manage their RPM packages?

25
Which of the following is considered to be the most critical SQL vulnerability?
null SA password
26
Windows Software Update Services (WSUS) is designed to manage patching and updating system software from the network. True or False
True
27
Samba is a proprietary implementation of CIFS.
False
28
To determine whether a system could be vulnerable to an RPC-related issue, which of the following tools can be used?
MBSA
29
Microsoft Baseline Security Analyzer has its origins in which of the following command line scanners?
HFNetChk
30
When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?
Share-level security
31
When using the Common Internet File System (CIFS), which security model will require network users to have a user name and password to access a specific resource?
User-level security
32
NetBios is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBios should be understood by a security professional because it is used for which of the following?
backward compatibility
33
NetBIOS over TCP/IP is called which of the following in Windows Server 2003?
NetBT