14.2 test review Flashcards

1
Q

win xp exploit

uses port 135

A

Meterpreter command:
exploit/windows/dcerpc/ms03_026_dcom
allows exec of staged payload on xp with system payload

2
Q

win 2k3 exploit

uses port 445

A

Meterpreter command:
exploit/windows/smb/ms08_067_netapi
does not create logs, creates a buffer overflow

3
Q

win 2k8 exploit

uses port 445

A

Meterpreter command:

exploit/windows/smb/ms09_050_smb2_negotiate_func_index

4
Q

meterpreter piv esc commands

5 of them

A

getsystem: Elevate privileges to system
getprivs: get privs from current process owner
steal_token: impersonates privileges of a running process
drop_token: releases impersonated privileges
migrate: Injects meterpreter session into another proc

5
Q

windows scheduled jobs commands

2 of them

A

at: lists commands and jobs scheduled

schtasks: lists jobs scheduled

6
Q

windows network services commands

5 of them

A

netstat -ano: displays all connections, ports, and pid
net use: displays remote shares & connection
net start: lists services
arp -a: prints arp table
route: manipulates routing table

7
Q

windows system and hardware info commands

4 of them

A

systeminfo: displays config and processor info
driverquery: lists device drivers and properties
ver: displays windows version
set: displays windows environment variables

8
Q

windows user and group command

2 of them

A

net user: displays local user accounts

net localgroup: displays local groups

9
Q

windows software registry keys

4 of them

A

reg query hklm\software
reg query hklm\software\microsoft\windows nt\currentversion\winlogon
reg query hklm\software\microsoft\windows\currentversion\run
reg query hklm\software\microsoft\windows\currentversion\runonce

10
Q

windows powershell commands

4 of them

A

get-process: lists running processes
get-WmiObject -class win32_useraccount
get-WmiObject -class win32_group
get-ChildItem HKLM:\software

11
Q

host based security products

3 of them

A

McAfee
Symantec
Kaspersky

12
Q

Processes associated with McAfee

5 of them

A
McScript.exe
UpdaterUI.exe/UdateUI.exe
FrameworkService.exe
CmdAgent.exe
McShield.exe
13
Q

McAfee directory structure

A

c:\program files\McAfee

14
Q

McAfee listening ports

A
Port 6646 (McAfee Network Agent)
Port 8081 (open if sending logs to ePO server)
15
Q

Symantec processes

6 of them

A
Semsvc.exe
ccSvcHst.exe
ccApp.exe
SMC.exe
SMCgui.exe
Rtvscan.exe
16
Q

Kaspersky processes

just one

A

avp.exe

17
Q

Symantec directory structure

A

c:\program files\Symantec

18
Q

Symantec registry key

A

HKLM\SOFTWARE\Symantec

19
Q

Kaspersky registry key

A

HKLM\SOFTWARE\Kasperskylab

20
Q

Kaspersky directory structure

A

C:\program files\kaspersky lab

21
Q

Kaspersky ports

A

port 1110

22
Q

windows logging policy commands

just one

A

auditpol

23
Q

meterpreter log cleaning command

2 of them

A

run event_manager

clearev

24
Q

meterpreter timestamp manipulation

just one

A

syntax: timestomp file_to_modify -f file_to_match

25
Q

manual execution in meterpreter

2 of them

A

execute -c -f

channel -r

26
Q

meterpreter collection commands

3 of them

A

search -d ‘path_to_search’ -f search_term
cat (path_to_file)
download (path_to_file)

27
Q

cisco ios router exploit

A

http://(target_ip)/level/16/exec/sh conf

show conf file for cisco routers using ios 11.3 through 12.2

28
Q

cisco router recon

4 commands

A

sh users
sh ver
sh process cpu
sh arp

29
Q

Remote logging tools

2 of them

A

Splunk

ELSA

30
Q

Net View Error codes

2 of them

A

System Error 5, Access is Denied

System Error 53, Network Path Not Found

31
Q

nbtstat function and options

3 options

A

nbtstat: Displays Hostname, MAC, Domain, and user info for remote hosts
Options: -a Lists remote host’s hostname
-A lists remote host’s IP Address
-n Lists local NetBIOS names

32
Q

nbtstat entry types

5 of them

A
Hostname: 00, 03, 20 UNIQUE
Domain\Workgroup: 00 GROUP
Username: 03 UNIQUE
Server Service: 20 UNIQUE
Domain Controllers: 1c GROUP
33
Q

arp cache poisoning tool

A

Brian aka Brian.c

34
Q

Brian 2 modes of operation

A

List

Preach

35
Q

Three phases of Brian Preach mode

A

Identify Congregation
Start Preaching
Relay Packets

36
Q

Cisco SNMP strings

2 of them

A

public - default string, read only

private - default string, read/write priv

37
Q

What is SNMPWalk and how does it work

A

SNMPWalk sends GETNEXT requests to get a tree of information. this is displayed through Abstract Syntax Notation numbers to describe a Management Information Base.

38
Q

Which digit in an ASN is important/displays the group?

A

The 7th digit, .iso counts as the first digit

39
Q

What is ASN 1?

A

System

40
Q

what is ASN 2?

A

Interfaces

41
Q

What is ASN 3?

A

AT (Address Translation)

42
Q

What is ASN 4?

A

IP (IP Packet Statistics)

43
Q

What is ASN 5?

A

ICMP (ICMP messages received)

44
Q

What is ASN 6?

A

TCP

45
Q

What is ASN 7?

A

UDP

46
Q

What is ASN 8?

A

EGP (Exterior Gateway Protocol)

47
Q

What is ASN 10?

A

Transmission (reserves for media specific MIB’s)

48
Q

What is ASN 11?

A

SNMP

49
Q

What port does SNMP/SNMPWalk use?

A

port 161

50
Q

What versions of Cisco IOS are vulnerable to the HTTP exploit?

A

IOS 11.3-12.2

51
Q

Router Recon Commands

5 of them

A
sh users
sh ver
sh conf
sh arp
sh process cpu
52
Q

Intrusion Detection System (IDS) Evasion Attacks

5 of them

A
Fragmentation
Established
Pattern Change
Out-of-Order Sequencing
Obfuscation
53
Q

Intrusion Detection System (IDS) Insertion Attacks

4 OF THEM

A

Bad Tcp Checksum
Desynchronizing TCP sessions
False Positive
Invalid RST

54
Q

Basic SQL command

5 of them

A
SELECT
INSERT
UPDATE
DELETE
UNION
55
Q

What OS goes with Each SQL Database type?
MySQL
MSSQL
Oracle Net Listener

A

1) Linux
2) Windows
3) UNIX

56
Q

2 SQL injection methods

A

In-Band

Blind

57
Q

In-Band SQL Injection Modes

2 of them

A

Union

Error-Based

58
Q

Blind SQL injection Mode

1 of them

A

Boolean-Based

59
Q

What is an iFrame?

A

HTML tag embedded in other HTML docs

60
Q

What is Cross site scripting (XSS)

A

Malicious code embedded into a web application

61
Q

What are the 2 kinds of Cross Site Scripting (XSS)?

A

Reflected XSS

Stored XSS