Questions Flashcards Preview

Flashcards in Questions Deck (78):
1

How can you tell a UDP port is closed on a target IP?

Returns ICMP_PORT_UNREACHABLE

2

What is a socket?

The combination of the IP address of the station and a port number

3

What is a packet (RFC 1594 definition)

Self contained independent entity of data
Carries sufficient information to be routed from the source to the destination computer without reliance on earlier exchanges between source/destination computer and the transporting network

4

What is a hash function

One way mathematical function
Can't calculate input from the result

5

What does !X mean in traceroute output?

Communication administratively prohibited

6

What is a zone?

A point of delegation in the DNS tree. Contains all the names from a certain point downward except those which are delegated to other zones

7

How can you tell a TCP port is open on a target IP?

The target returns SYN/ACK

8

Ports 135, 139 and 445 are open. What's the best guess at the OS?

Windows 2000 or later (port 445 is 2k+)

9

What do some firewalls try to limit by enforcing rules on how long GET and POST requests can be?

Buffer overflow attacks

10

What happens if you digitally sign and inject a footer on an email message in the wrong order?

The footer will invalidate the signature

11

Does the Sasser worm only attack hosts running the MSSQL server?

No

MS04-011
Starts an FTP server
Generates a list of IP addresses to target based on the host's IP addresses
Modifies the registry so it runs on system startup

12

What malware exploits XSS vulnerability and was developed to propagate over MySpace?

Samy

13

What RPC program number represents ttdbserverd?

100083

14

What weak reversible cipher can be used by Cisco routers to encrypt passwords?

Type 7

15

What is the RIPv1 authentication method?

Does not support authentication of messages

Routing information protocol

Allowed via insecure plaintext password or an MD5 hash for version 2

16

Key size for DES

56

17

IPSec 4 main attribute classes

Encryption algorithm
Hash algorithm
Authentication method
Diffie-Hellman group

18

What is clickjacking?

An attacker tricks a user into performing actions on a website by hiding clickable elements in an invisible iframe

19

What command displays the group membership for the current user, type of account, SID and attributes?

whoami /groups

20

HTTP status code 407

Proxy authentication required

21

WEP uses an integrity check value (ICV). What would an attacker be trying to achieve by submitting a packet without an ICV?

It will allow the attacker to derive the key stream

22

SSH server version 1.99 supports which versions of SSH?

Versions 1 and 2

23

What is 0x0100 in an SQL Server password?

Padding, the salt value is placed after this padding

24

RPORT 10,2,0,2,10,10

10.2.0.2 is the IP address of the client

10,10 must be converted to hex then to binary then to decimal to get the TCP port number

25

RealVNC 4.1.1 is vulnerable to what attack?

Type 1 authentication can be specified to disable authentication

26

How many secret bits in a 128-bit WEP key?

104

27

TCP ports 135 and 139 are open on a server. What's the best guess at the OS?

Windows NT 4 or later

28

ArcServe 5.11 is vulnerable to which attack?

Stack-based buffer overflow causing custom code to run in the process's current context

29

What ports must be open on a firewall to allow IKE VPN to function?

UDP 500, protocol 50 & 51

30

What responds to an Nmap FIN scan (-sF) with FIN/ACK?

Solaris
AIX
HPUX
Linux

31

SNMP MIB 55 and 53 meaning

53 copies from router to the server (to the device)
55 from the server to the router (from the device)

32

Correct sequence to send SMTP mail

Help
Mail from
Rcpt to
Subject
Data

33

Where does record route (ping -r) store the list of hops?

In the IP header

34

What device has a TTL of 255?

Cisco

35

TTL of 64

Linux kernel 2.4 and 2.6
Google's customised Linux
FreeBSD

36

TTL of 128

Windows XP
Windows 7, Vista and Server 2008

37

TCP window size 65535

FreeBSD
Windows XP

38

TCP window size 5840

Linux kernel 2.4 and 2.6

39

TCP window size 5720

Google's customised Linux

40

TCP window size 8192

Windows 7, Vista and Server 2008

41

TCP window size 4128

Cisco

42

MTU (maximum transmission unit) for a PPPoE (Point-to-Point Protocol over Ethernet) network device

1492

43

What is used for authentication in a Microsoft Active Directory domain?

RADIUS

44

What is the purpose of LDAP?

A central point for user management

45

What is a method of managing the flow of network traffic by allowing or denying traffic based on ports, protocols and addresses?

Firewall rules

46

What is the best choice to prevent intrusions on an individual computer?

Host-based firewall

47

An organisation has a web security gateway installed. What function is this performing?

Content filtering

48

What can you do to ensure the WPA signal doesn't reach outside the building it is installed in?

Decrease the power level

49

What protocol did WEP implement incorrectly, allowing it to be cracked?

RC4

50

What authentication method can provide centralised authentication for a wireless network?

RADIUS

51

What can you use to prevent company employees connecting their personal devices to the wireless network?

MAC filtering

52

If you want to segment wireless users from each other on a hotspot, what should you use?

Isolation mode

53

What type of attack starts on a virtual system but can affect the physical host?

VM escape

54

What is the difference between a worm and a virus?

A worm is self-replicating; a virus is not

55

What type of malware is installed with USB drives?

Trojans

56

A process running on a system has system-level access to the OS kernel. It has modified system files. What best describes this behaviour?

Rootkit

57

Where would a security specialist look for a hooked process?

RAM

58

What will protect against a SYN attack?

Flood guard

59

An IDS detected a NOP sled. What does this indicate?

Buffer overflow
A NOP sled makes the target address bigger so the code can jump anywhere in the sled not only at the beginning of the injected code. (No-OPeration)

60

What provides fault tolerance through disk mirroring?

RAID 1
Or disk mirroring is the technique of writing the same data to more than one disk drive

61

What can remove a server as a single point of failure?

Clustering
Allows computers to work together as a computer cluster to provide failover and increased availability of applications (also parallel calculating power)

62

Which encryption algorithm uses prime numbers to generate keys?

RSA algorithm

63

What is a CRL?

Certificate revocation list
List of certificates that have been revoked/compromised and should therefore no longer be trusted

64

How many bits in an IPv6 address?

128

65

IPv6 loopback address

Ff00:0000:0000:0000:0000

66

Which algorithm is used to store cached Windows domain credentials?

MS-CACHE

67

What is the purpose of port 111?

Portmapper
To allow the lookup of RPC services that bind to dynamic ports

68

What key size is recommended as the minimum for a new SSL certificate?

2048 bits

69

If Nmap shows a port as open/filtered, what does this mean?

UDP port
Has been filtered or is listening but not responding

70

Which part of an IP header contains the source and destination IP addresses?

The next 8 bytes/ two rows of the header

After the first 12 bytes/ top 3 rows of the header

71

What does an ICMP smurf/packet magnification attack result in?

A DoS condition due to an attacker sending forged ICMP packets to vulnerable networks' multicast addresses, resulting in all systems on those networks sending ICMP Echo replies to the broadcast address

72

What is the ping of death?

An ICMP Echo request larger than the maximum IP packet size is sent. This results in a fragmented message that the target system is unable to reassemble, causing the OS to crash

73

HTTP code 307

Address changed temporarily

74

What vulnerability allows an attacker to take control of an IIS web server from the Internet through a firewall?

Microsoft Server Message Block vulnerability

75

HTTP code 413

Request entity too large

76

What layer of the OSI model is IPv4 considered to be at?

Layer 3, network

77

What OSI layer are TCP and UDP considered to be at?

Layer 4, transport

78

What is an anycast address?

A group of addresses where packets are delivered to only one member within the anycast group