CIS 102 – College Essay

question
A major difference between a hacker and an ethical hacker is the:
answer
Code of ethics to which each subscribes.
question
Breaking the trust the client has placed in the ethical hacker can lead to the:
answer
Questioning of other details, such as the results of the test
question
During the planning phase of a penetration test, the aim should be to:
answer
Determine why a penetration test and its associated tasks are necessary.
question
Planning, discovery, attack, and reporting are considered:
answer
Ethical hacking steps.
question
What type of penetration testing is most often used when an organization wants to closely simulate how an attacker views a system?
answer
Black-box testing
question
Which of the following is NOT considered one of the three types of controls you can use in risk mitigation?
answer
Distribution
question
Which of the following refers to a piece of software, a tool, or a technique that targets or takes advantage of a vulnerability?
answer
Exploit
question
Which of the following refers to the structured and methodical means of investigating, uncovering, attacking, and reporting on a target system's strengths and vulnerabilities?
answer
Penetration testing
question
Which of the following tests includes anything that targets equipment or facilities and can also include actions against people, such as social engineering-related threats?
answer
Physical attack
question
Which of the following tests is designed to simulate an attack against technology from either the inside or the outside depending on the goals and intentions of the client?
answer
Technical attack
question
A hierarchical system of servers and services specifically designed to translate IP addresses into domain names (forward lookups) as well as the reverse (reverse lookups) is called:
answer
Domain Name Service (DNS).
question
Blocking everything and allowing only what is needed is known as:
answer
the deny-all principle.
question
Repeaters, hubs, bridges, and switches are part of:
answer
Physical or Network Access Layer equipment
question
The act of a third party covertly monitoring Internet and telephone conversations is called:
answer
wiretapping.
question
Which of the following is a connectionless protocol that offers speed and low overhead as its primary advantage?
answer
User Datagram Protocol
question
Which of the following is a largely obsolete protocol that was originally designed for use in connections established by modems?
answer
Serial Line Interface Protocol
question
Which of the following is method of separating a network into segments for better management and performance?
answer
Subnet mask
question
Which of the following offers the greatest level of security for wireless networks?
answer
Wi-Fi Protected Access 2 (WPA2)
question
Which of the following regulates the flow of traffic between different networks?
answer
A firewall
question
Which routing protocol calculates the best path to a target network by one or more metrics such as delay, speed, or bandwidth?
answer
Link state
question
A hash algorithm can be compromised with a collision, which occurs when two separate and different messages or inputs pass through the hashing process and generate:
answer
the same value.
question
Cryptography provides an invaluable service to security by providing all of the following except:
answer
the ability to hack into systems and remain undetected.
question
In using symmetric encryption to encrypt a given piece of information, there are two different mechanisms an algorithm can use, either:
answer
a stream cipher or a block cipher.
question
The main function or capability of certificate authorities (CAs) is to:
answer
generate key pairs and bind a user's identity to the public key.
question
To create a digital signature, two steps take place that result in the actual signature that is sent with data. In the first step, the message or information to be sent is passed through a hashing algorithm that creates a hash to:
answer
private key as the key in the encryption process.
question
What type of encryption uses the same key to encrypt and to decrypt information?
answer
Symmetric encryption
question
Which of the following is used to bring trust, integrity, and security to electronic transactions?
answer
Public key infrastructure
question
Which of the following terms refers to functions employed in asymmetric encryption that are easy to compute in one direction, but tough to compute in the other?
answer
Trapdoor functions
question
Which of the following terms refers to the ability to verify that information has not been altered and has remained in the form originally intended by the creator?
answer
Integrity
question
Which password attack method tries every possible sequence of keys until the correct one is found?
answer
Brute-force password attack
question
Automated methods for obtaining network range information:
answer
are faster than manual methods.
question
Countermeasures an organization can take to thwart footprinting of the organization's Web site include all of the following except:
answer
adding unnecessary information to the Web site to throw attackers off the trail.
question
Countermeasures that an organization can take regarding protecting domain information include:
answer
employing a commonly available proxy service to block the access of sensitive domain data.
question
Google hacking can be thwarted to a high degree by:
answer
sanitizing information that is available publicly whenever possible.
question
The manual method of obtaining network range information requires the attacker to visit at least one or more of the Regional Internet Registries (RIRs), which are responsible for:
answer
management, distribution, and registration of public IP addresses within their respective assigned regions.
question
Which of the following is NOT one of the Internet sources that hackers use to gather information about a company or its employees?
answer
Internet protocol resources
question
Which of the following is specifically designed to passively gain information about a target?
answer
Footprinting
question
Which of the following refers to a software program used to determine the path a data packet traverses to get to a specific IP address?
answer
Traceroute
question
Which of the following refers to is the protocol designed to query databases to look up and identify the registrant of a domain name?
answer
Whois
question
Which step(s) in the information-gathering process does footprinting cover?
answer
Gathering information and determining the network range
question
An attacker using friendliness, trust, impersonation, and empathy, to get a victim to do what they want him or her to do is participating in:
answer
persuasion/coercion.
question
An attacker who sets up such a realistic persona that the victim volunteers information is participating in:
answer
reverse social engineering.
question
Attackers observing victims as they enter codes at a bank cash machine or a gas pump are participating in:
answer
shoulder surfing.
question
Which of the following gives Facebook users flexibility as to who is allowed to see which portions of a profile?
answer
Limited Profile Settings
question
Common scams used in social media include all of the following EXCEPT:
answer
reaching out to users to raise money for a legitimate charity.
question
Which of the following is NOT considered a common mistake that people make when using social media?
answer
Posting so little personal information that others do not want to "follow" or "friend" them
question
Which of the following is NOT considered a sensible guideline to follow when using social networking sites?
answer
Posting so little personal information that others do not want to "follow" or "friend" them
question
Which of the following is true regarding account passwords?
answer
Passwords should have at least one number and one special character.
question
Which of the following statements is NOT true regarding over-sharing of company activities?
answer
a. Over-sharing of company activities typically is conducted by disgruntled employees who are intentionally trying to harm their company.
question
Which of the following statements is NOT true regarding social engineering?
answer
Social engineering has different goals and objectives than other types of hacking.
question
Which of the following is NOT a network mapping tool?
answer
Conquistador
question
A technique that has existed for more than 25 years as a footprinting tool and involves the use of modems is called:
answer
Wardialing
question
The practice of identifying the operating system of a networked device through either passive or active techniques is called:
answer
OS identification.
question
Which of the following excels at allowing the security professional to find services that have been redirected from standard ports?
answer
THC-Amap
question
Which of the following is a form of OS fingerprinting that involves actively requesting information from the target system?
answer
Active fingerprinting
question
Which of the following is a method of identifying the OS of a targeted computer or device in which no traffic or packets are injected into the network and attackers simply listen to and analyze existing traffic?
answer
Passive fingerprinting
question
Which of the following is a Windows-based port scanner designed to scan TCP and UDP ports, perform ping scans, run Whois queries, and use Traceroute?
answer
Banner
question
Which of the following is the process of locating wireless access points and gaining information about the configuration of each?
answer
Wardriving
question
Which of the following reveals telling information such as version and service data that will help an attacker?
answer
Banner
question
Which of the following techniques is not used to locate network access points, but to reveal the presence of access points to others?
answer
Warchalking
question
A form of offline attack that functions much like a dictionary attack, but with an extra level of sophistication, is a:
answer
hybrid attack.
question
An attacker can deprive the system owner of the ability to detect the activities that have been carried out by:
answer
disabling auditing.
question
Cain and Abel, John the Ripper, Pandora, and Pwdump3 are examples of:
answer
password crackers
question
Precomputed hashes are used in an attack type known as a:
answer
rainbow table.
question
Shoulder surfing, keyboard sniffing, and social engineering are considered:
answer
nontechnical attacks
question
The database on the local Windows system that is used to store user account information is called:
answer
the Security Account Manager (SAM)
question
The unique ID that is assigned to each user account in Windows that identifies the account or group is called a(n):
answer
security identifier (SID)
question
Which of the following are considered passive online attacks?
answer
Packet sniffing, or man-in-the-middle and replay attacks
question
Which of the following is NOT true regarding the use of a packet sniffer?
answer
Packet sniffing involves the attacker capturing traffic from both ends of the communication between two hosts.
question
Which of the following refers to a utility designed to detect Simple Network Management Protocol (SNMP)-enabled devices on a network and locate and identify devices that are vulnerable to SNMP attacks?
answer
SNScan
question
Common database vulnerabilities include all of the following EXCEPT:
answer
strong audit log settings.
question
Common forms of distributed denial of service (DDoS) attacks include all of the following EXCEPT:
answer
Buffer overflows
question
Exploitative behaviors against Web applications include all of the following EXCEPT:
answer
man-in-the-middle attacks.
question
NGSSquirreL and AppDetective are:
answer
pieces of software for performing audits on databases.
question
Offloading services from the local intranet to the Internet itself can be done by the use of:
answer
cloud computing.
question
Security issues that can arise in cloud computing that are above and beyond those with standard environments include all of the following EXCEPT:
answer
detectability.
question
SQLPing and SQLRecon are:
answer
tools for locating rogue or unknown database installations.
question
The categories of Web application vulnerabilities include all of the following EXCEPT:
answer
end-user education.
question
Typical categories of databases include all of the following EXCEPT:
answer
applied database.
question
Web applications that require a user to log on prior to gaining access can track information relating to improper or incorrect logons; this information typically lists entries such as all of the following EXCEPT:
answer
entry of a valid user ID and password.
question
What type of attack relies on a variation of the input validation attack but has the goal of going after a user instead of the application or data.
answer
Cross-site scripting (XSS)
question
Which category of risk inherent with Web servers includes risks such as the ability to steal information from a server, run scripts or executables remotely, enumerate servers, and carry out denial of service (DoS) attacks?
answer
Defects and misconfiguration risks
question
Which class of individuals is primarily concerned with the security of the Web server because it can provide an easy means of getting into the local network?
answer
Server administrator
question
Which class of individuals works the most with the server and is primarily concerned with access to content and services?
answer
Server administrator
question
Which of the following is a hierarchical, structured format for storing information for later retrieval, modification, management, and other purposes?
answer
Database
question
Which of the following is NOT considered a vulnerability of Web servers?
answer
Poor end-user training
question
Which of the following refers to a language used to interact with databases, making it possible to access, manipulate, and change data?
answer
Structured Query Language (SQL)
question
Which of the following refers to encryption using short keys or keys that are poorly designed and implemented that can allow an attacker to decrypt data easily and gain unauthorized access to the information?
answer
Weak ciphers or encoding algorithms
question
Which of the following statements is NOT true regarding Structured Query Language (SQL) injections?
answer
They are specific to only one vendor's database and cannot force the application to reveal restricted information.
question
Which of the following statements is NOT true regarding the protection of databases?
answer
Very few tools are available to locate, audit, and ultimately protect databases.
question
A process where communications are redirected to different ports than they would normally be destined for is called:
answer
port redirection.
question
A section of the hard drive record responsible for assisting in locating the operating system to boot the computer is called the:
answer
master boot records (MBRs).
question
A software development kit specifically designed to facilitate the design and development of Trojans is called a:
answer
Trojan construction kit.
question
The part of a hard drive or removable media that is used to boot programs is called the:
answer
boot sector.
question
Which of the following is a malware program designed to replicate without attaching to or infecting other files on a host system?
answer
Worm
question
Which of the following is a next-generation Trojan tool that was designed to accept customized, specially designed plug-ins?
answer
Back Orifice (BO2K)
question
Which of the following is a remote access Trojan authored entirely in Delphi that uses TCP port 26097 by default?
answer
Let Me Rule
question
Which of the following is a U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?
answer
Trusted Computer System Evaluation Criteria (TCSEC)
question
Which of the following is malware that looks legitimate but hides a payload that does something unwanted?
answer
Trojan
question
Which of the following is NOT a type of malware?
answer
Gameware
question
Which of the following is NOT one of the key goals of a backdoor?
answer
To obtain a Trojan construction kit
question
Which of the following laws was originally passed to address federal computer-related offenses and the cracking of computer systems?
answer
The Computer Fraud and Abuse Act of 1986
question
Which of the following statements is NOT true about dictionary-based virus detection?
answer
This method can detect both viruses that it knows about and those it does not know about.
question
Which of the following terms refers to any software that is inherently hostile, intrusive, or annoying in its operation?
answer
Malware
question
Which of the following types of malware is a piece of code or software that spreads from system to system by attaching itself to other files and is activated when the file is accessed?
answer
Macro virus
question
Which of the following types of viruses infects and operates through the use of a programming language built into applications such as Microsoft Office in the form of Visual Basic for Applications (VBA)?
answer
Macro virus
question
Which of the following types of viruses infects using multiple attack vectors, including the boot sector and executable files on the hard drive?
answer
Logic bomb
question
Which of the following types of viruses is a piece of code or software designed to lie in wait on a system until a specified event occurs?
answer
Logic bomb
question
Which of the following types of viruses is designed to change their code and "shape" to avoid detection by virus scanners, which would look for a specific virus code and not the new version?
answer
Polymorphic virus
question
Which one of the following is NOT a goal of Trojans?
answer
Replicating
question
A group of infected systems that are used to collectively attack another system is called a:
answer
botnet
question
All of the following are commonly used tools to perform session hijacking EXCEPT:
answer
Smurf.
question
Botnets are used to perform all of the following attacks EXCEPT:
answer
passive session hijacking.
question
Countermeasures that can be used to defeat sniffing include all of the following EXCEPT:
answer
Media Access Control (MAC) flooding.
question
Media Access Control (MAC) flooding and Address Resolution Protocol (ARP) poisoning are:
answer
methods of bypassing a switch to perform sniffing.
question
What type of sniffing takes place on networks such as those that have a hub as the connectivity device?
answer
Passive sniffing
question
Which of the following is NOT one of the steps an attacker must perform to conduct a successful session hijacking?
answer
Inject packets into the network prior to the authentication process.
question
Which of the following statements is NOT true regarding Address Resolution Protocol (ARP) poisoning?
answer
It cannot be used to alter data in transmission or tap Voice over IP (VoIP) phone calls.
question
Which of the following statements is NOT true regarding passive session hijacking?
answer
In passive session hijacking, the attacker assumes the role of the party he has displaced.
question
With a hub connectivity device in place, all traffic can be seen by all other stations, which can be also referred to as all stations being on the same:
answer
collision domain
question
A piece of media that contains a complete and bootable operating system is called a(n):
answer
Live CD.
question
One of the bigger benefits of a Live CD is that a user can boot a computer off a Live CD:
answer
without making any alterations to the existing operating system on the computer.
question
Which of the following are used to specify filenames or other targets that fine-tune the action of the command in Linux?
answer
Arguments
question
Which of the following is NOT a common use of live distributions?
answer
Increasing RAM
question
Which of the following is NOT one of the more common distributions of Linux?
answer
Timbuktu
question
Which of the following Linux commands is used to copy files from location to location?
answer
cp
question
Which of the following Linux commands is used to display the current location of the user within the Linux directory structure?
answer
pwd
question
Which of the following Linux commands is used to remove or delete empty directories from the Linux filesystem?
answer
rmdir
question
Which of the following statements is NOT true about Kali Linux?
answer
It is designed to be used as a desktop replacement operating system.
question
Which of the following will happen after using a Live CD, ejecting the media, and rebooting the system from the hard drive?
answer
v
question
A setup created by wireless networking technologies that are designed to extend or replace wired networks is called:
answer
wireless local area network (WLAN).
question
The 802.11n standard uses a new method of transmitting signals, which can transmit multiple signals across multiple antennas. This new method of transmitting signals is called:
answer
multiple input and multiple output (MIMO).
question
The Institute of Electrical and Electronics Engineers (IEEE) 802.11 family of standards, which range from 802.11a to 802.11n are known collectively in standard jargon as:
answer
Wi-Fi.
question
Which of the following is a capability implemented through Bluetooth technology, designed to reach a maximum range on average of 10 meters or 30 feet?
answer
Personal area network (PAN)
question
Which of the following is NOT a countermeasure to threats against wireless LANs?
answer
Promiscuous clients
question
Which of the following is used to make calls or send text messages from the targeted device?
answer
Bluebugging
question
Which of the following is used to uniquely identify a network, thereby ensuring that clients can locate the correct wireless local area network (WLAN) that they should be attaching to?
answer
Service set identifier (SSID)
question
Which of the following technologies emerged for the first time in 1998 and was designed to be a short-range networking technology that could connect different devices together?
answer
Bluetooth
question
Which of the following was NOT a benefit of the 802.11a over 802.11b?
answer
Lower cost of equipment
question
Which one of the following is the strongest authentication technology for protecting wireless networks?
answer
Wi-Fi Protected Access version 2 (WPA2)
question
A device that prevents entry into designated areas by motor vehicle traffic is called a:
answer
bollard.
question
A measurement of the percentage of individuals who have gained access but should not have been granted such is called:
answer
false acceptance rate (FAR).
question
A mechanical or electronic device designed to secure, hold, or close items operated by a key, combination, or keycard is a:
answer
lock.
question
When considering closed circuit TV as a security measure, the focal length must be considered. What is focal length?
answer
The camera's effectiveness in viewing objects from a horizontal and vertical view
question
Which of the following allows the placing of telephone calls over computer networks and the Internet?
answer
Voice over IP (VoIP)
question
Which of the following is a disadvantage of alarms?
answer
False alarms tied to the police may result in fines.
question
Which of the following is a type of smash-and-grab burglary in which a heavy vehicle is driven through the windows or doors of a closed shop, usually one selling electronics or jewelry, to quickly rob it?
answer
Ram-raiding
question
Which of the following lock types are smart and programmable?
answer
Cipher
question
Which of the following types of lighting is randomly turned on to create an impression of activity?
answer
Standby
question
Which type of token does NOT require that the card be inserted or slid through a reader?
answer
Contactless
question
Information or physical remnants collected from a crime scene and used to determine the extent of a crime and potentially prove a case in court is called:
answer
fault tolerance.
question
The capacity of a system to keep functioning in the face of hardware or software failure is called:
answer
fault tolerance.
question
The phase of incident response that involves determining which evidence is relevant to the investigation and which is not is called:
answer
analysis and tracking.
question
The process of tracking and carefully processing evidence from collection to trial to the return to its owner is called:
answer
creating a paper trail.
question
Which of the following defines how the organization will maintain what is accepted as normal day-to-day business in the event of a security incident or other events disruptive to the business?
answer
Business continuity plan
question
Which of the following documents states how personnel and assets will be safeguarded in the event of a disaster?
answer
Debriefing and feedback
question
Which of the following is NOT a commonly accepted rule of evidence?
answer
Rumored
question
Which of the following phases has the goal of determining what was done right, what was done wrong, and how to improve?
answer
Debriefing and feedback
question
Which of the following tests of a disaster recovery plan involves practicing backup and restore operations, incident response, communication and coordination of efforts, and alternative site usage in such a way that normal business operations are not adversely affected?
answer
Simulation
question
Which of the following types of evidence is received as the result of testimony or interview of an individual regarding something he or she directly experienced?
answer
Direct
question
A group of computers or a network configured to attract attackers is called a(n):
answer
honeynet.
question
Any activity that should not be but is occurring on an information system is called:
answer
an intrusion.
question
The primary components of a host-based intrusion detection system (HIDS) are:
answer
the command console and the monitoring agent software.
question
The principle that individuals will be given only the level of access that is appropriate for their specific job role or function is called:
answer
least privilege.
question
Which of the following controls fit in the area of policy and procedure?
answer
Administrative
question
Which of the following is a firewall best able to control?
answer
Traffic
question
Which of the following is commonly known as misuse detection because it attempts to detect activities that may be indicative of misuse or intrusions?
answer
Signature recognition
question
Which of the following options for firewall implementation has a region of the network or zone that is sandwiched between two firewalls?
answer
Demilitarized zone (DMZ)
question
Which of the following provides the ability to monitor a network, host, or application, and report back when suspicious activity is detected?
answer
Intrusion detection system (IDS)
question
Which of the following statements is NOT true about firewall policy?
answer
A policy is not necessary if the firewall is configured in the way the administrator wants.
1 of

Unlock all answers in this set

Unlock answers
question
A major difference between a hacker and an ethical hacker is the:
answer
Code of ethics to which each subscribes.
question
Breaking the trust the client has placed in the ethical hacker can lead to the:
answer
Questioning of other details, such as the results of the test
question
During the planning phase of a penetration test, the aim should be to:
answer
Determine why a penetration test and its associated tasks are necessary.
question
Planning, discovery, attack, and reporting are considered:
answer
Ethical hacking steps.
question
What type of penetration testing is most often used when an organization wants to closely simulate how an attacker views a system?
answer
Black-box testing
question
Which of the following is NOT considered one of the three types of controls you can use in risk mitigation?
answer
Distribution
question
Which of the following refers to a piece of software, a tool, or a technique that targets or takes advantage of a vulnerability?
answer
Exploit
question
Which of the following refers to the structured and methodical means of investigating, uncovering, attacking, and reporting on a target system's strengths and vulnerabilities?
answer
Penetration testing
question
Which of the following tests includes anything that targets equipment or facilities and can also include actions against people, such as social engineering-related threats?
answer
Physical attack
question
Which of the following tests is designed to simulate an attack against technology from either the inside or the outside depending on the goals and intentions of the client?
answer
Technical attack
question
A hierarchical system of servers and services specifically designed to translate IP addresses into domain names (forward lookups) as well as the reverse (reverse lookups) is called:
answer
Domain Name Service (DNS).
question
Blocking everything and allowing only what is needed is known as:
answer
the deny-all principle.
question
Repeaters, hubs, bridges, and switches are part of:
answer
Physical or Network Access Layer equipment
question
The act of a third party covertly monitoring Internet and telephone conversations is called:
answer
wiretapping.
question
Which of the following is a connectionless protocol that offers speed and low overhead as its primary advantage?
answer
User Datagram Protocol
question
Which of the following is a largely obsolete protocol that was originally designed for use in connections established by modems?
answer
Serial Line Interface Protocol
question
Which of the following is method of separating a network into segments for better management and performance?
answer
Subnet mask
question
Which of the following offers the greatest level of security for wireless networks?
answer
Wi-Fi Protected Access 2 (WPA2)
question
Which of the following regulates the flow of traffic between different networks?
answer
A firewall
question
Which routing protocol calculates the best path to a target network by one or more metrics such as delay, speed, or bandwidth?
answer
Link state
question
A hash algorithm can be compromised with a collision, which occurs when two separate and different messages or inputs pass through the hashing process and generate:
answer
the same value.
question
Cryptography provides an invaluable service to security by providing all of the following except:
answer
the ability to hack into systems and remain undetected.
question
In using symmetric encryption to encrypt a given piece of information, there are two different mechanisms an algorithm can use, either:
answer
a stream cipher or a block cipher.
question
The main function or capability of certificate authorities (CAs) is to:
answer
generate key pairs and bind a user's identity to the public key.
question
To create a digital signature, two steps take place that result in the actual signature that is sent with data. In the first step, the message or information to be sent is passed through a hashing algorithm that creates a hash to:
answer
private key as the key in the encryption process.
question
What type of encryption uses the same key to encrypt and to decrypt information?
answer
Symmetric encryption
question
Which of the following is used to bring trust, integrity, and security to electronic transactions?
answer
Public key infrastructure
question
Which of the following terms refers to functions employed in asymmetric encryption that are easy to compute in one direction, but tough to compute in the other?
answer
Trapdoor functions
question
Which of the following terms refers to the ability to verify that information has not been altered and has remained in the form originally intended by the creator?
answer
Integrity
question
Which password attack method tries every possible sequence of keys until the correct one is found?
answer
Brute-force password attack
question
Automated methods for obtaining network range information:
answer
are faster than manual methods.
question
Countermeasures an organization can take to thwart footprinting of the organization's Web site include all of the following except:
answer
adding unnecessary information to the Web site to throw attackers off the trail.
question
Countermeasures that an organization can take regarding protecting domain information include:
answer
employing a commonly available proxy service to block the access of sensitive domain data.
question
Google hacking can be thwarted to a high degree by:
answer
sanitizing information that is available publicly whenever possible.
question
The manual method of obtaining network range information requires the attacker to visit at least one or more of the Regional Internet Registries (RIRs), which are responsible for:
answer
management, distribution, and registration of public IP addresses within their respective assigned regions.
question
Which of the following is NOT one of the Internet sources that hackers use to gather information about a company or its employees?
answer
Internet protocol resources
question
Which of the following is specifically designed to passively gain information about a target?
answer
Footprinting
question
Which of the following refers to a software program used to determine the path a data packet traverses to get to a specific IP address?
answer
Traceroute
question
Which of the following refers to is the protocol designed to query databases to look up and identify the registrant of a domain name?
answer
Whois
question
Which step(s) in the information-gathering process does footprinting cover?
answer
Gathering information and determining the network range
question
An attacker using friendliness, trust, impersonation, and empathy, to get a victim to do what they want him or her to do is participating in:
answer
persuasion/coercion.
question
An attacker who sets up such a realistic persona that the victim volunteers information is participating in:
answer
reverse social engineering.
question
Attackers observing victims as they enter codes at a bank cash machine or a gas pump are participating in:
answer
shoulder surfing.
question
Which of the following gives Facebook users flexibility as to who is allowed to see which portions of a profile?
answer
Limited Profile Settings
question
Common scams used in social media include all of the following EXCEPT:
answer
reaching out to users to raise money for a legitimate charity.
question
Which of the following is NOT considered a common mistake that people make when using social media?
answer
Posting so little personal information that others do not want to "follow" or "friend" them
question
Which of the following is NOT considered a sensible guideline to follow when using social networking sites?
answer
Posting so little personal information that others do not want to "follow" or "friend" them
question
Which of the following is true regarding account passwords?
answer
Passwords should have at least one number and one special character.
question
Which of the following statements is NOT true regarding over-sharing of company activities?
answer
a. Over-sharing of company activities typically is conducted by disgruntled employees who are intentionally trying to harm their company.
question
Which of the following statements is NOT true regarding social engineering?
answer
Social engineering has different goals and objectives than other types of hacking.
question
Which of the following is NOT a network mapping tool?
answer
Conquistador
question
A technique that has existed for more than 25 years as a footprinting tool and involves the use of modems is called:
answer
Wardialing
question
The practice of identifying the operating system of a networked device through either passive or active techniques is called:
answer
OS identification.
question
Which of the following excels at allowing the security professional to find services that have been redirected from standard ports?
answer
THC-Amap
question
Which of the following is a form of OS fingerprinting that involves actively requesting information from the target system?
answer
Active fingerprinting
question
Which of the following is a method of identifying the OS of a targeted computer or device in which no traffic or packets are injected into the network and attackers simply listen to and analyze existing traffic?
answer
Passive fingerprinting
question
Which of the following is a Windows-based port scanner designed to scan TCP and UDP ports, perform ping scans, run Whois queries, and use Traceroute?
answer
Banner
question
Which of the following is the process of locating wireless access points and gaining information about the configuration of each?
answer
Wardriving
question
Which of the following reveals telling information such as version and service data that will help an attacker?
answer
Banner
question
Which of the following techniques is not used to locate network access points, but to reveal the presence of access points to others?
answer
Warchalking
question
A form of offline attack that functions much like a dictionary attack, but with an extra level of sophistication, is a:
answer
hybrid attack.
question
An attacker can deprive the system owner of the ability to detect the activities that have been carried out by:
answer
disabling auditing.
question
Cain and Abel, John the Ripper, Pandora, and Pwdump3 are examples of:
answer
password crackers
question
Precomputed hashes are used in an attack type known as a:
answer
rainbow table.
question
Shoulder surfing, keyboard sniffing, and social engineering are considered:
answer
nontechnical attacks
question
The database on the local Windows system that is used to store user account information is called:
answer
the Security Account Manager (SAM)
question
The unique ID that is assigned to each user account in Windows that identifies the account or group is called a(n):
answer
security identifier (SID)
question
Which of the following are considered passive online attacks?
answer
Packet sniffing, or man-in-the-middle and replay attacks
question
Which of the following is NOT true regarding the use of a packet sniffer?
answer
Packet sniffing involves the attacker capturing traffic from both ends of the communication between two hosts.
question
Which of the following refers to a utility designed to detect Simple Network Management Protocol (SNMP)-enabled devices on a network and locate and identify devices that are vulnerable to SNMP attacks?
answer
SNScan
question
Common database vulnerabilities include all of the following EXCEPT:
answer
strong audit log settings.
question
Common forms of distributed denial of service (DDoS) attacks include all of the following EXCEPT:
answer
Buffer overflows
question
Exploitative behaviors against Web applications include all of the following EXCEPT:
answer
man-in-the-middle attacks.
question
NGSSquirreL and AppDetective are:
answer
pieces of software for performing audits on databases.
question
Offloading services from the local intranet to the Internet itself can be done by the use of:
answer
cloud computing.
question
Security issues that can arise in cloud computing that are above and beyond those with standard environments include all of the following EXCEPT:
answer
detectability.
question
SQLPing and SQLRecon are:
answer
tools for locating rogue or unknown database installations.
question
The categories of Web application vulnerabilities include all of the following EXCEPT:
answer
end-user education.
question
Typical categories of databases include all of the following EXCEPT:
answer
applied database.
question
Web applications that require a user to log on prior to gaining access can track information relating to improper or incorrect logons; this information typically lists entries such as all of the following EXCEPT:
answer
entry of a valid user ID and password.
question
What type of attack relies on a variation of the input validation attack but has the goal of going after a user instead of the application or data.
answer
Cross-site scripting (XSS)
question
Which category of risk inherent with Web servers includes risks such as the ability to steal information from a server, run scripts or executables remotely, enumerate servers, and carry out denial of service (DoS) attacks?
answer
Defects and misconfiguration risks
question
Which class of individuals is primarily concerned with the security of the Web server because it can provide an easy means of getting into the local network?
answer
Server administrator
question
Which class of individuals works the most with the server and is primarily concerned with access to content and services?
answer
Server administrator
question
Which of the following is a hierarchical, structured format for storing information for later retrieval, modification, management, and other purposes?
answer
Database
question
Which of the following is NOT considered a vulnerability of Web servers?
answer
Poor end-user training
question
Which of the following refers to a language used to interact with databases, making it possible to access, manipulate, and change data?
answer
Structured Query Language (SQL)
question
Which of the following refers to encryption using short keys or keys that are poorly designed and implemented that can allow an attacker to decrypt data easily and gain unauthorized access to the information?
answer
Weak ciphers or encoding algorithms
question
Which of the following statements is NOT true regarding Structured Query Language (SQL) injections?
answer
They are specific to only one vendor's database and cannot force the application to reveal restricted information.
question
Which of the following statements is NOT true regarding the protection of databases?
answer
Very few tools are available to locate, audit, and ultimately protect databases.
question
A process where communications are redirected to different ports than they would normally be destined for is called:
answer
port redirection.
question
A section of the hard drive record responsible for assisting in locating the operating system to boot the computer is called the:
answer
master boot records (MBRs).
question
A software development kit specifically designed to facilitate the design and development of Trojans is called a:
answer
Trojan construction kit.
question
The part of a hard drive or removable media that is used to boot programs is called the:
answer
boot sector.
question
Which of the following is a malware program designed to replicate without attaching to or infecting other files on a host system?
answer
Worm
question
Which of the following is a next-generation Trojan tool that was designed to accept customized, specially designed plug-ins?
answer
Back Orifice (BO2K)
question
Which of the following is a remote access Trojan authored entirely in Delphi that uses TCP port 26097 by default?
answer
Let Me Rule
question
Which of the following is a U.S. Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?
answer
Trusted Computer System Evaluation Criteria (TCSEC)
question
Which of the following is malware that looks legitimate but hides a payload that does something unwanted?
answer
Trojan
question
Which of the following is NOT a type of malware?
answer
Gameware
question
Which of the following is NOT one of the key goals of a backdoor?
answer
To obtain a Trojan construction kit
question
Which of the following laws was originally passed to address federal computer-related offenses and the cracking of computer systems?
answer
The Computer Fraud and Abuse Act of 1986
question
Which of the following statements is NOT true about dictionary-based virus detection?
answer
This method can detect both viruses that it knows about and those it does not know about.
question
Which of the following terms refers to any software that is inherently hostile, intrusive, or annoying in its operation?
answer
Malware
question
Which of the following types of malware is a piece of code or software that spreads from system to system by attaching itself to other files and is activated when the file is accessed?
answer
Macro virus
question
Which of the following types of viruses infects and operates through the use of a programming language built into applications such as Microsoft Office in the form of Visual Basic for Applications (VBA)?
answer
Macro virus
question
Which of the following types of viruses infects using multiple attack vectors, including the boot sector and executable files on the hard drive?
answer
Logic bomb
question
Which of the following types of viruses is a piece of code or software designed to lie in wait on a system until a specified event occurs?
answer
Logic bomb
question
Which of the following types of viruses is designed to change their code and "shape" to avoid detection by virus scanners, which would look for a specific virus code and not the new version?
answer
Polymorphic virus
question
Which one of the following is NOT a goal of Trojans?
answer
Replicating
question
A group of infected systems that are used to collectively attack another system is called a:
answer
botnet
question
All of the following are commonly used tools to perform session hijacking EXCEPT:
answer
Smurf.
question
Botnets are used to perform all of the following attacks EXCEPT:
answer
passive session hijacking.
question
Countermeasures that can be used to defeat sniffing include all of the following EXCEPT:
answer
Media Access Control (MAC) flooding.
question
Media Access Control (MAC) flooding and Address Resolution Protocol (ARP) poisoning are:
answer
methods of bypassing a switch to perform sniffing.
question
What type of sniffing takes place on networks such as those that have a hub as the connectivity device?
answer
Passive sniffing
question
Which of the following is NOT one of the steps an attacker must perform to conduct a successful session hijacking?
answer
Inject packets into the network prior to the authentication process.
question
Which of the following statements is NOT true regarding Address Resolution Protocol (ARP) poisoning?
answer
It cannot be used to alter data in transmission or tap Voice over IP (VoIP) phone calls.
question
Which of the following statements is NOT true regarding passive session hijacking?
answer
In passive session hijacking, the attacker assumes the role of the party he has displaced.
question
With a hub connectivity device in place, all traffic can be seen by all other stations, which can be also referred to as all stations being on the same:
answer
collision domain
question
A piece of media that contains a complete and bootable operating system is called a(n):
answer
Live CD.
question
One of the bigger benefits of a Live CD is that a user can boot a computer off a Live CD:
answer
without making any alterations to the existing operating system on the computer.
question
Which of the following are used to specify filenames or other targets that fine-tune the action of the command in Linux?
answer
Arguments
question
Which of the following is NOT a common use of live distributions?
answer
Increasing RAM
question
Which of the following is NOT one of the more common distributions of Linux?
answer
Timbuktu
question
Which of the following Linux commands is used to copy files from location to location?
answer
cp
question
Which of the following Linux commands is used to display the current location of the user within the Linux directory structure?
answer
pwd
question
Which of the following Linux commands is used to remove or delete empty directories from the Linux filesystem?
answer
rmdir
question
Which of the following statements is NOT true about Kali Linux?
answer
It is designed to be used as a desktop replacement operating system.
question
Which of the following will happen after using a Live CD, ejecting the media, and rebooting the system from the hard drive?
answer
v
question
A setup created by wireless networking technologies that are designed to extend or replace wired networks is called:
answer
wireless local area network (WLAN).
question
The 802.11n standard uses a new method of transmitting signals, which can transmit multiple signals across multiple antennas. This new method of transmitting signals is called:
answer
multiple input and multiple output (MIMO).
question
The Institute of Electrical and Electronics Engineers (IEEE) 802.11 family of standards, which range from 802.11a to 802.11n are known collectively in standard jargon as:
answer
Wi-Fi.
question
Which of the following is a capability implemented through Bluetooth technology, designed to reach a maximum range on average of 10 meters or 30 feet?
answer
Personal area network (PAN)
question
Which of the following is NOT a countermeasure to threats against wireless LANs?
answer
Promiscuous clients
question
Which of the following is used to make calls or send text messages from the targeted device?
answer
Bluebugging
question
Which of the following is used to uniquely identify a network, thereby ensuring that clients can locate the correct wireless local area network (WLAN) that they should be attaching to?
answer
Service set identifier (SSID)
question
Which of the following technologies emerged for the first time in 1998 and was designed to be a short-range networking technology that could connect different devices together?
answer
Bluetooth
question
Which of the following was NOT a benefit of the 802.11a over 802.11b?
answer
Lower cost of equipment
question
Which one of the following is the strongest authentication technology for protecting wireless networks?
answer
Wi-Fi Protected Access version 2 (WPA2)
question
A device that prevents entry into designated areas by motor vehicle traffic is called a:
answer
bollard.
question
A measurement of the percentage of individuals who have gained access but should not have been granted such is called:
answer
false acceptance rate (FAR).
question
A mechanical or electronic device designed to secure, hold, or close items operated by a key, combination, or keycard is a:
answer
lock.
question
When considering closed circuit TV as a security measure, the focal length must be considered. What is focal length?
answer
The camera's effectiveness in viewing objects from a horizontal and vertical view
question
Which of the following allows the placing of telephone calls over computer networks and the Internet?
answer
Voice over IP (VoIP)
question
Which of the following is a disadvantage of alarms?
answer
False alarms tied to the police may result in fines.
question
Which of the following is a type of smash-and-grab burglary in which a heavy vehicle is driven through the windows or doors of a closed shop, usually one selling electronics or jewelry, to quickly rob it?
answer
Ram-raiding
question
Which of the following lock types are smart and programmable?
answer
Cipher
question
Which of the following types of lighting is randomly turned on to create an impression of activity?
answer
Standby
question
Which type of token does NOT require that the card be inserted or slid through a reader?
answer
Contactless
question
Information or physical remnants collected from a crime scene and used to determine the extent of a crime and potentially prove a case in court is called:
answer
fault tolerance.
question
The capacity of a system to keep functioning in the face of hardware or software failure is called:
answer
fault tolerance.
question
The phase of incident response that involves determining which evidence is relevant to the investigation and which is not is called:
answer
analysis and tracking.
question
The process of tracking and carefully processing evidence from collection to trial to the return to its owner is called:
answer
creating a paper trail.
question
Which of the following defines how the organization will maintain what is accepted as normal day-to-day business in the event of a security incident or other events disruptive to the business?
answer
Business continuity plan
question
Which of the following documents states how personnel and assets will be safeguarded in the event of a disaster?
answer
Debriefing and feedback
question
Which of the following is NOT a commonly accepted rule of evidence?
answer
Rumored
question
Which of the following phases has the goal of determining what was done right, what was done wrong, and how to improve?
answer
Debriefing and feedback
question
Which of the following tests of a disaster recovery plan involves practicing backup and restore operations, incident response, communication and coordination of efforts, and alternative site usage in such a way that normal business operations are not adversely affected?
answer
Simulation
question
Which of the following types of evidence is received as the result of testimony or interview of an individual regarding something he or she directly experienced?
answer
Direct
question
A group of computers or a network configured to attract attackers is called a(n):
answer
honeynet.
question
Any activity that should not be but is occurring on an information system is called:
answer
an intrusion.
question
The primary components of a host-based intrusion detection system (HIDS) are:
answer
the command console and the monitoring agent software.
question
The principle that individuals will be given only the level of access that is appropriate for their specific job role or function is called:
answer
least privilege.
question
Which of the following controls fit in the area of policy and procedure?
answer
Administrative
question
Which of the following is a firewall best able to control?
answer
Traffic
question
Which of the following is commonly known as misuse detection because it attempts to detect activities that may be indicative of misuse or intrusions?
answer
Signature recognition
question
Which of the following options for firewall implementation has a region of the network or zone that is sandwiched between two firewalls?
answer
Demilitarized zone (DMZ)
question
Which of the following provides the ability to monitor a network, host, or application, and report back when suspicious activity is detected?
answer
Intrusion detection system (IDS)
question
Which of the following statements is NOT true about firewall policy?
answer
A policy is not necessary if the firewall is configured in the way the administrator wants.
Get an explanation on any task
Get unstuck with the help of our AI assistant in seconds
New