Second 100 Flashcards
(90 cards)
At which layer of the OSI model does ARP poisoning occur?
A. Transport Layer
B. Datalink Layer
C. Physical Layer
D. Application layer
B
What ICMP message types are used by the ping command?
A. Timestamp request (13) and timestamp reply (14)
B. Echo request (8) and Echo reply (0)
C. Echo request (0) and Echo reply (1)
D. Ping request (1) and Ping reply (2)
B
You want to hide a secret.txt document inside c:\windows\system32\tcpip.dll kernel library using
ADS streams. How will you accomplish this?
A. copy secret.txt c:\windows\system32\tcpip.dll kernel>secret.txt
B. copy secret.txt c:\windows\system32\tcpip.dll:secret.txt
C. copy secret.txt c:\windows\system32\tcpip.dll |secret.txt
D. copy secret.txt >
B
Which of the following systems would not respond correctly to an nmap XMAS scan?
A. Windows 2000 Server running IIS 5
B. Any Solaris version running SAMBA Server
C. Any version of IRIX
D. RedHat Linux 8.0 running Apache Web Server
A
You just purchased the latest DELL computer, which comes pre-installed with Windows 7,
McAfee antivirus software and a host of other applications. You want to connect Ethernet wire to
your cable modem and start using the computer immediately. Windows is dangerously insecure
when unpacked from the box, and there are a few things that you must do before you use it.
A. New installation of Windows should be patched by installing the latest service packs and
hotfixes
B. Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc. must have the
latest security patches installed
C. Install a personal firewall and lock down unused ports from connecting to your computer
D. Install the latest signatures for Antivirus software
E. Configure “Windows Update” to automatic
F. Create a non-admin user with a complex password and logon to this account
G. You can start using your computer as vendors such as DELL, HP and IBM would have already
installed the latest service packs.
A,C,D,E,F
In the context of Trojans, what is the definition of a Wrapper?
A. An encryption tool to protect the Trojan
B. A tool used to bind the Trojan with a legitimate file
C. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan
D. A tool used to encapsulate packets within a new header and footer
B
A wrapper does not change the header or footer of any packets; it combines a legitimate file with
the Trojan file.
Your computer is infected by an e-mail tracking and spying Trojan. This Trojan infects the computer
with a single file – emos.sys.
Which step would you perform to detect this type of Trojan?
A. Scan for suspicious startup programs using msconfig
B. Scan for suspicious network activities using Wireshark
C. Scan for suspicious device drivers in c:\windows\system32\drivers
D. Scan for suspicious open ports using netstat
C
When Nmap performs a ping sweep, which of the following sets of requests does it send to the
target device?
A. ICMP ECHO_REQUEST & TCP SYN
B. ICMP ECHO_REQUEST & TCP ACK
C. ICMP ECHO_REPLY & TCP RST
D. ICMP ECHO_REPLY & TCP FIN
B
Which type of hacker represents the highest risk to your network?
A. black hat hackers
B. grey hat hackers
C. disgruntled employees
D. script kiddies
C
________ is one of the programs used to wardial.
A. DialIT
B. Netstumbler
C. TooPac
D. Kismet
E. ToneLoc
E
Shayla is an IT security consultant, specializing in social engineering and external penetration
tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense.
Shayla has been given authority to perform any and all tests necessary to audit the company’s
network security.
No employees of the company, other than the IT director, know about the work Shayla will be
doing. Shayla’s first step is to obtain a list of employees through company website contact pages.
Then she befriends a female employee of the company through an online chat website. After
meeting with the female employee numerous times, Shayla is able to gain her trust and they
become friends. One day, Shayla steals the employee’s access badge and uses it to gain
unauthorized access to the Treks Avionics offices.
What type of insider threat would Shayla be considered?
A. She would be considered an Insider Affiliate
B. Because she does not have any legal access herself, Shayla would be considered an Outside
Affiliate
C. Shayla is an Insider Associate since she has befriended an actual employee
D. Since Shayla obtained access with a legitimate company badge, she would be considered a
Pure Insider
A
What are the default passwords used by SNMP? (Choose two.)
A. Password
B. SA
C. Private
D. Administrator
E. Public
F. Blank
C,E
What port number is used by the Kerberos protocol?
A. 88
B. 44
C. 487
D. 419
A
Which of the following ICMP message types is used for destination unreachable messages?
A. 0
B. 3
C. 11
D. 13
E. 17
B
What does the FIN flag in TCP define?
A. Used to abort a TCP connection abruptly
B. Used to close a TCP connection
C. Used to acknowledge receipt of a previous packet or transmission
D. Used to indicate the beginning of a TCP connection
B
What is the proper response for a FIN scan if the port is closed?
A. SYN
B. ACK
C. FIN
D. PSH
E. RST
E
Annie has just succeeded in stealing a secure cookie via an XSS attack. She is able to replay the
cookie even while the session is invalid on the server. Why do you think this is possible?
A. It works because encryption is performed at the application layer (single encryption key)
B. The scenario is invalid as a secure cookie cannot be replayed
C. It works because encryption is performed at the network layer (layer 1 encryption)
D. Any cookie can be replayed irrespective of the session status
A
What is the proper response for an X-MAS scan if the port is closed?
A. SYN
B. ACK
C. FIN
D. PSH
E. RST
F. No response
E
This attack technique is used when a Web application is vulnerable to an SQL Injection but the
results of the Injection are not visible to the attacker.
A. Unique SQL Injection
B. Blind SQL Injection
C. Generic SQL Injection
D. Double SQL Injection
B
What flags are set in an X-MAS scan? (Choose all that apply.)
A. SYN
B. ACK
C. FIN
D. PSH
E. RST
F. URG
C,D,F
Which of the following is an automated vulnerability assessment tool?
A. Whack a Mole
B. Nmap
C. Nessus
D. Kismet
E. Jill32
C
What file system vulnerability does the following command take advantage of?
type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe
A. HFS
B. Backdoor access
C. XFS
D. ADS
D
John is using a special tool on his Linux platform that has a signature database and is therefore
able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly-used web CGI scripts.
Additionally, the database detects DDoS zombies and Trojans. What would be the name of this
multifunctional tool?
A. nmap
B. hping
C. nessus
D. make
C
Nessus is the world’s most popular vulnerability scanner, estimated to be used by over 75,000
organizations world-wide. Nmap is mostly used for scanning, not for detecting vulnerabilities. Hping
is a free packet generator and analyzer for the TCP/IP protocol, and make is used to automatically
build large applications on the *nix platform.
You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct
assessments to protect the company’s network. During one of your periodic checks to see how
well policy is being observed by the employees, you discover an employee has attached a cell
phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem
to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a
direct result of this activity. The employee explains that he used the modem because he had to
download software for a department project. How would you resolve this situation?
A. Reconfigure the firewall
B. Enforce the corporate security policy
C. Install a network-based IDS
D. Conduct a needs analysis
B