All Appendix 4 Flashcards

1
Q

HTTP / HTTPS OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

FTP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SMTP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

POP3 OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

DNS OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

DHCP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

SNMP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Telnet OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SSH OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

NTP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

TFTP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

SIP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

RDP OSI Layer

A

Application Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

SSL OSI Layer

A

Presentation Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

TLS OSI Layer

A

Transport Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

NetBIOS OSI Layer

A

Session Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

RPC OSI Layer

A

Session Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

TCP OSI Layer

A

Transport Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

UDP OSI Layer

A

Transport Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

IP OSI Layer

A

Network Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

ICMP OSI Layer

A

Network Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

IPSec OSI Layer

A

Network Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

RIP OSI Layer

A

Network Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

OSPF OSI Layer

A

Network Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

ARP OSI Layer

A

Network Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Ethernet OSI Layer

A

Data Link Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

MAC OSI Layer

A

Data Link Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

WiFI OSI Layer

A

Physical Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

USB OSI Layer

A

Physical Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Bluetooth OSI Layer

A

Physical Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What does SMS stand for

A

Systems Management Server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What does SCCM stand for

A

System Centre Configuration Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What does SMS do

A

SMS is a system management software product by Microsoft for managing large groups of Windows-based computers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What does SMS provide

A

Remote control, patch management, OS deployment, hardware/software inventory

35
Q

What does SUS stand for

A

Software Update Services

36
Q

What does SUS do

A

SUS is a tool for centralising the update of Windows systems in a network, the SUS server downloads updates for specified versions of Windows then client can download updates from the internal SUS server, superseded by WSUS

37
Q

What does WSUS stand for

A

Windows Server Update Services

38
Q

What does WSUS do

A

WSUS builds on SUS, by allowing automatic download of hotfixes, updates, service packs, device drivers and feature packs to clients from a local central server

39
Q

What does MBSA stand for

A

Microsoft Baseline Security Analyser

40
Q

What does MBSA do

A

A software tool by Microsoft to assess missing security updates and less-secure security settings

41
Q

How many IP’s in a Class A network

A

16,777,214

42
Q

How many IP’s in a Class B network

A

16536

43
Q

How many IP’s in a Class C network

A

254

44
Q

How to identify through subnet mask a Class A network

A

255.0.0.0

45
Q

How to identify through subnet mask a Class B network

A

255.255.0.0

46
Q

How to identify through subnet mask a Class C network

A

255.255.255.0

47
Q

What is CAT5/Fibre

A

It is a twisted pair high signal integrity cable commonly used in networks, it is more secure and less susceptible to obtaining traffic from emitted signals

48
Q

What is Wireless (802.11)

A

IEEE 802.11 is a set of standards carrying out wireless local area network communications

49
Q

What is a VLAN

A

A VLAN is a group of hosts with a comon set of requirements that communicate as if they were attached to the same broadcast domain

50
Q

What is the most common VLAN number

A

VLAN 1

51
Q

What is VLAN Hopping

A

Allowing to break out of a VLAN

52
Q

What does PGP use for message authentication

A

RSA or DSA

53
Q

What is the X xxx for digital certificates

A

X. 509

54
Q

What is the WEP key length

A

40 bit key

55
Q

What is the bit length of an IV

A

24 bit

56
Q

What does IV stand for (WEP)

A

Initialisation Vector

57
Q

What is the purpose of an IV

A

To prevent and repetition, however a 24-bit IV is not long enough to ensure this on a busy network

58
Q

What does GCOS stand for

A

General Comprehensive Operating System

59
Q

What does the GCOS store and where

A

User information in the /etc/passwd file such as full name, phone number, etc.

60
Q

What is a simple understanding of Cipher Blocks

A

A letter you want to send securely, it is broken up into equal chunks and those chunks are then encrypted and sent

61
Q

What does CFB stand for

A

Cipher Feedback Mode

62
Q

What does CBC stand for

A

Cipher Block Chaining

63
Q

What does CFB do

A

Each plaintext block is XORed with the previous cipher text block before encryption

64
Q

Where is the IV used

A

In the CBC cipher block

65
Q

How is the IV used

A

In the CBC cipher block it is used for the first block to ensure any identical plaintext blocks don’t produce the same output

66
Q

What is CBC vulnerable to

A

If the IV is reused or predictable it can compromise encryption, susceptible to padding Oracle attacks

67
Q

What does ECB stand for

A

Electronic Codebook Mode

68
Q

Vulnerability in ECB

A

Uses the same key for all blocks, same text will be the same output

69
Q

What is an FTP Bounce attack

A

An attacker uses and FTP server to open a communication to 3rd party systems bypassing security controls, can be used to port scan or obscure attack sources

70
Q

What is a TEARDROP attack

A

Involves sending fragmented packets to a target machine, when the target tries to reassemble the packets it crashes due to overlapping fragments, DoSing the machine

71
Q

What is a SMURF attack

A

Type of DDOS where an attacker sends ICMP ping requests to a network’s broadcast address, spoofing the source IP as the victim’s IP, the entire network resposne to the victim causign a DDOS

72
Q

Why does a SMURF attack work

A

It works as the network broadcast address is designed to send the request to all devices in the network which will all reply to the victim

73
Q

What is the length characteristics of a MAC Address

A

6 blocks separated by hypen/colon with 2 char in each block = 12 char

74
Q

How to identify a multicast MAC address

A

01 in the first octet

75
Q

Mnemonic for 512

A

5ubstitute 12 for exec

76
Q

Mnemonic for 513

A

5secure floor 13 for login, who and users

77
Q

Mnemonic for 514

A

5secure floor 14 for shell

78
Q

What are the four important laws to remember

A

Computer Misuse Act 1990, Human Rights Act 1998, Data Protection Act 1998, Police and Justice Act 2006

79
Q

What did the Computer Misuse Act 1990 do

A

It covers intended unauthorised access to computer material including data on a system, unauthorised modification of computer systems and impairing of operation of computers

80
Q

What is required under the Computer Misuse Act 1990

A

Signed permission to access systems otherwise it is a breach of the Computer Misuse Act, all parties must be aware and give permission for testing

81
Q

What did the Human Rights Act 1998 do

A

Employees have a right to privacy while in their place of work, which may be breached during pen tests, client contract should advice users that testers may gain access to private information, client should inform their employees about the testing.

82
Q

What is the Data Protection Act 1998

A

Client and testers must protect customer data, testers must delete data when no longer required (i.e: after final report has been issued)

83
Q

What is the Police and Justice Act 2006

A

Has amendments to the Computer Misuse Act, now includes; the intent of making a system insecure to allow unauthorised access, higher punishment for breaches and also making, suppling or obtaining articles for computer misuse such as viruses, worms, etc

84
Q

What level of risk does penetration testing bring to a client

A

IT can slow the network response time, systems can be damaged, increased IDS and security audit logs.