2.0

Question 1

What exploit can take place if the X-Frame-Options header is not present?

Answer 1

Clickjacking can be used against the web server’s users.

Question 2

What uses port 23?

Answer 2

Telnet (which is not considered insecure because it sends all of its data in cleartext)

Question 3

Why would a “Blind SQL injection” be difficult to confirm with an external vulnerability scan?

Answer 3

They cannot confirm that a Blind SQL Injection with (execution of code) has previously occurred.

Question 4

Which technique(s) can you use to find a older copies of webpage that may have been taking down?

Answer 4

A standard Cache search OR a website Archive.

Question 5

What does this command do: nc -v IP PORT?

Answer 5

This conducts a banner grab

Question 6

What uses port 25?

Answer 6

SMTP

Question 7

What is MOU?

Answer 7

Memorandum Of Understanding -a document that describes the broad outlines of an agreement

Question 8

What should be reviewed to determine other domains that can use the same digital certificate?

Answer 8

Subject Alternative Name (SAN) -is a field in a digital certificate that allows a host to be identified by multiple host names or domain names.

Question 9

Which of the following files would contain the Apache server’s logs (default naming convention)?

Answer 9

Logs are stored in access_log

***Full path would be /var/log/httpd/access_log

Question 10

What kind of tool is Scapy?

Answer 10

A tool used to conduct packet manipulation by crafting and sending malformed packets to a network target.

Question 11

What command could be used to list the active services from the Windows command prompt?

Answer 11

“sc query” -display information about running service

Question 12

In what ways can Percent encoding can be used?

Answer 12

Can be misused to obfuscate the nature of a URL and submit malicious input as a script or binary to perform directory traversal and other attacks.

Question 13

What is Certificate Pinning?

Answer 13

A method of trusting digital certificates that bypass the CA hierarchy and chain of trust

Question 14

What is Certificate Stapling?

Answer 14

Allows a web server to perform certificate status check and eliminates the need for additional connection at the time of the request

Question 15

Address (A) Record

Answer 15

Links a hostname to IPv4 address

Question 16

Service (SRV) Record

Answer 16

Used to provide host and port information on services (VoIP and IM)

Question 17

Mail Exchange (MX) Record

Answer 17

Directs emails messages to a mail server MX records for a particular domain.

Question 18

Nameserver (NS) Record

Answer 18

Indicates which DNS name server has the authority for a particular domain.

Question 19

Text (TXT) Record

Answer 19

Adds text into the DNS -used to provide information about a resource such as a server, network, or service in human-readable form. They often contain domain verification and domain authentications for third-party tools that can send information on behalf of a domain name.

Question 20

Start of Authority (SOA) Record

Answer 20

Stores important information about a domain or zone

Question 21

AAAA Record

Answer 21

Links a hostname to an IPv6 address

Question 22

Canonical Name (CNAME) Record

Answer 22

Points a domain to another domain or subdomain

Question 23

Pointer (PTR) Record

Answer 23

Correlates an IP address with a domain name

Question 24

What is the inanchor: modifier?

Answer 24

is used to search for any pages whose anchor text includes the specified term

Question 25

What is the link: modifier used for?

Answer 25

Used to search for pages that link to the website provided

Question 26

What is the inurl: modifier used for?

Answer 26

Used to search for any pages whose URLs include the term specified.

Question 27

What is the site: modifier used for?

Answer 27

Used to search only the specified website for results that contain the search term.