CEH Notes 03 Flashcards

1
Q

Quiz: Which of the following is a type of Trojan that allows a hacker to remotely control a victim’s computer?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: B. RAT

2
Q

Quiz: Which of the following is a type of Trojan that takes over a machine and allows it to be remote-controlled as part of a botnet?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: C. Botnet Trojan

3
Q

Quiz: Which of the following is a type of malware that attaches to other programs and files and requires a host application to replicate?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: D. Virus

4
Q

Quiz: Which of the following self-replicates by attaching to another program, boot sector of the HDD, or document?
A. Wrapper/Binder Program
B. RAT
C. Botnet Trojan
D. Virus

A

Answer: D. Virus

5
Q

Quiz: Which type of virus inserts itself into the “white-space” of programs to avoid detection?
A. Multipartite virus
B. Macro virus
C. Encryption virus
D. Cavity virus

A

Answer: D. Cavity virus

6
Q

Quiz: Which type of virus actively alters and corrupts service call interrupts to disguise itself from the OS and from signature-based detection?
A. Boot Sector Virus
B. Stealth/Tunneling virus
C. Polymorphic/Metamorphic virus
D. Macro virus

A

Answer: B. Stealth/Tunneling virus

7
Q

Quiz: Which type of virus uses two or more methods to spread, such as infecting both files and the boot sector?
A. Multipartite virus
B. Encryption virus
C. Cavity virus
D. Polymorphic/Metamorphic virus

A

Answer: A. Multipartite virus

8
Q

Quiz: Which type of virus attaches to Microsoft Office documents and other programs in the form of macros?
A. Multipartite virus
B. Macro virus
C. Boot Sector Virus
D. Encryption virus

A

Answer: B. Macro virus

9
Q

Quiz: Which type of virus can change its own code and cipher itself many times as it replicates, using a different key for encryption for each infected file?
A. Boot Sector Virus
B. Encryption virus
C. Cavity virus
D. Polymorphic/Metamorphic virus

A

Answer: B. Encryption virus

10
Q

Quiz: What is a worm?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: C. Automated malware that can spread through your network by taking advantage of network vulnerabilities

11
Q

Quiz: What is Ransomware?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: A. Malware that encrypts your files and holds them for ransom

12
Q

Quiz: What is Scareware?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: B. Malware that scares the victim into installing software or performing some action

13
Q

Quiz: What is File-less malware?
A. Malware that encrypts your files and holds them for ransom
B. Malware that scares the victim into installing software or performing some action
C. Automated malware that can spread through your network by taking advantage of network vulnerabilities
D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

A

Answer: D. An attack technique that uses existing, built-in OS tools and utilities to launch attacks

14
Q

Quiz: What is VirusTotal?
A. A cloud-based malware detection service
B. A behavior-based malware detection technique
C. A signature-based malware detection technique
D. An on-premises malware detection service

A

Answer: A. A cloud-based malware detection service

15
Q

Quiz: What is a Signature-based malware detection technique?
A. A malware detection technique that sends the files to be scanned up to a cloud-based scanning service
B. A malware detection technique that analyzes the behavior of a program to determine if it is malicious
C. A malware detection technique that looks for known patterns of code or data within a file to identify it as malicious
D. A malware detection technique that relies on the user to report suspicious files or activities

A

Answer: C. A malware detection technique that looks for known patterns of code or data within a file to identify it as malicious

16
Q

Quiz: What is Packet sniffing?
A. A technique to capture and analyze network traffic
B. A way to hide network traffic from attackers
C. A way to filter network traffic based on its source or destination
D. A way to block network traffic from specific IP addresses

A

Answer: A. A technique to capture and analyze network traffic

17
Q

Quiz: What is the difference between active and passive sniffing?
A. Passive sniffing requires you to actively do something to get copies of other people’s packets, while active sniffing does not require any action.
B. Active sniffing requires you to actively do something to get copies of other people’s packets, while passive sniffing does not require any action.
C. Passive sniffing is only possible on switches, while active sniffing is only possible on hubs.
D. Active sniffing is more reliable than passive sniffing.

A

Answer: B. Active sniffing requires you to actively do something to get copies of other people’s packets, while passive sniffing does not require any action.

18
Q

Quiz: What is Promiscuous mode?
A. A mode that blocks network traffic from specific IP addresses
B. A mode that filters network traffic based on its source or destination
C. A mode that ignores other people’s traffic unless you put your NIC into it
D. A mode that hides your network traffic from attackers

A

Answer: C. A mode that ignores other people’s traffic unless you put your NIC into it

19
Q

Quiz 1: What is the difference between a hub and a switch when it comes to sniffing traffic?
A. A hub requires active sniffing, while a switch requires passive sniffing.
B. A switch requires active sniffing, while a hub requires passive sniffing.
C. Both a hub and a switch require active sniffing to capture traffic.
D. Both a hub and a switch require passive sniffing to capture traffic.

A

Answer: B. A switch requires active sniffing, while a hub requires passive sniffing.

20
Q

Quiz 2: What is a SPAN/Mirrored port?
A. A device that is used to connect multiple hubs together in a network.
B. A port on a switch that is used to monitor all network traffic.
C. A tool that is used to detect and prevent MAC flooding attacks.
D. A method for spoofing your IP address to appear like another device.

A

Answer: B. A port on a switch that is used to monitor all network traffic.

21
Q

Quiz 3: What is MAC flooding?
A. A method for spoofing your IP address to appear like another device.
B. A tool that is used to detect and prevent ARP poisoning attacks.
C. A technique for filling up a switch’s CAM (MAC address) table with fake MAC addresses.
D. A method for monitoring all network traffic using a mirrored port.

A

Answer: C. A technique for filling up a switch’s CAM (MAC address) table with fake MAC addresses.

22
Q

Quiz 4: What is ARP poisoning?
A. A technique for filling up a switch’s CAM (MAC address) table with fake MAC addresses.
B. A tool that is used to detect and prevent MAC flooding attacks.
C. A method for spoofing your IP address to appear like another device.
D. A method for monitoring all network traffic using a mirrored port.

A

Answer: C. A method for spoofing your IP address to appear like another device.

23
Q

Quiz 1: What is the Rogue router attack?
A. A technique for configuring the “priority” value on a switch to become the “Root Bridge”
B. A technique for forging many DHCP requests to use up all the valid IP’s
C. A technique for placing a rogue router on the network and convincing other routers to send traffic through

A

Answer: C. A technique for placing a rogue router on the network and convincing other routers to send traffic through

24
Q

Quiz 2: What is the DHCP Starvation attack?
A. A technique for configuring the “priority” value on a switch to become the “Root Bridge”
B. A technique for forging many DHCP requests to use up all the valid IP’s
C. A technique for placing a rogue router on the network and convincing other routers to send traffic through

A

Answer: B. A technique for forging many DHCP requests to use up all the valid IP’s

25
Quiz 3: What is the defense mechanism against Rogue DHCP servers?
A. Port Security
B. DHCP Snooping
C. Firewall
Answer: B. DHCP Snooping
26
Quiz 1: What is Port Security?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A tool for filtering DNS requests to prevent DNS spoofing
D. A tool for filtering HTTP traffic to prevent HTTP spoofing
Answer: A. A tool for filtering MAC addresses to prevent MAC spoofing
27
Quiz 2: What is the difference between Sniffers and Protocol Analyzers?
A. Sniffers obtain network packets while Protocol Analyzers examine packets
B. Sniffers examine packets while Protocol Analyzers obtain network packets
C. Sniffers work at the Transport layer while Protocol Analyzers work at the Network layer
D. Sniffers work at the Data Link layer while Protocol Analyzers work at the Physical layer
Answer: A. Sniffers obtain network packets while Protocol Analyzers examine packets
28
Quiz 3: What is Tcpdump?
A. A wireless packet analyzer that runs on Linux
B. A packet analyzer that runs on Windows
C. A Linux command-line sniffer and protocol analyzer
D. A popular protocol analyzer for dissecting packets
Answer: C. A Linux command-line sniffer and protocol analyzer
29
Quiz 4: What is Wireshark?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A popular protocol analyzer for dissecting packets
D. A wireless packet analyzer that runs on Linux
Answer: C. A popular protocol analyzer for dissecting packets
30
Quiz 5: What is Kismet?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A packet analyzer that runs on Windows
D. A wireless packet analyzer that runs on Linux
Answer: D. A wireless packet analyzer that runs on Linux
31
Quiz 6: What is Netstumbler?
A. A tool for filtering MAC addresses to prevent MAC spoofing
B. A tool for filtering IP addresses to prevent IP spoofing
C. A packet analyzer that runs on Windows
D. A Linux command-line sniffer and protocol analyzer
Answer: C. A packet analyzer that runs on Windows
32
Quiz 7: What is TCPTrace?
A. A wireless packet analyzer that runs on Linux
B. A packet analyzer that can open packet capture files produced with other tools
C. A tool for filtering MAC addresses to prevent MAC spoofing
D. A popular protocol analyzer for dissecting packets
Answer: B. A packet analyzer that can open packet capture files produced with other tools
33
Quiz: What is phishing?
A. A social engineering technique that involves sending fraudulent emails to obtain sensitive information
B. A type of malware that spreads through human interaction
C. A technique used to sniff network traffic
D. A method to encrypt files and demand ransom
Answer: A. A social engineering technique that involves sending fraudulent emails to obtain sensitive information
34
Quiz: What is Tailgating in social engineering?
A. A technique to hack wireless networks
B. A method to crack passwords by guessing them
C. A social engineering technique where an attacker follows someone into a restricted area
D. A type of malware that spreads through the internet
Answer: C. A social engineering technique where an attacker follows someone into a restricted area
35
Quiz: What is E-mail masquerading?
A. A technique to hide your IP address when sending emails
B. A type of malware that spreads through email attachments
C. A social engineering technique to send emails that appear to be from someone else
D. A method to encrypt emails to ensure security
Answer: C. A social engineering technique to send emails that appear to be from someone else
36
Quiz: What is Evilginx?
A. A type of virus that spreads through email
B. A social engineering framework used to set up phishing and pharming pages
C. A network sniffer used to capture and analyze packets
D. A tool to prevent tailgating in a physical environment
Answer: B. A social engineering framework used to set up phishing and pharming pages
37
Quiz 1: What is phishing?
A. A technique for stealing physical documents from someone's desk
B. A type of social engineering attack that uses fake emails or websites to trick victims into sharing sensitive information
C. A way of making money through the sale of fake goods or services
D. A technique for gaining unauthorized access to computer systems
Answer: B. A type of social engineering attack that uses fake emails or websites to trick victims into sharing sensitive information.
38
Quiz 2: What is spear-phishing?
A. A type of phishing attack that targets a specific individual or group
B. A type of social engineering attack that targets random individuals
C. A technique for manipulating search engine rankings
D. A type of denial-of-service attack
Answer: A. A type of phishing attack that targets a specific individual or group.
39
Quiz 3: What is whaling?
A. A type of spear-phishing attack that targets high-level executives or other high-value targets
B. A technique for exploiting weaknesses in wireless networks
C. A type of malware that uses encryption to hide its code
D. A type of social engineering attack that involves manipulating emotions to gain information
Answer: A. A type of spear-phishing attack that targets high-level executives or other high-value targets.
40
Quiz 4: What is vishing?
A. A type of social engineering attack that uses voice calls to trick victims into sharing sensitive information
B. A technique for exploiting vulnerabilities in web browsers
C. A type of phishing attack that targets users of virtual reality systems
D. A type of malware that spreads through USB drives
Answer: A. A type of social engineering attack that uses voice calls to trick victims into sharing sensitive information.
41
Quiz 5: What is pharming?
A. A type of social engineering attack that involves manipulating emotions to gain information
B. A technique for exploiting weaknesses in wireless networks
C. A type of phishing attack that uses fake websites to trick victims into sharing sensitive information
D. A type of malware that replicates itself over a network
Answer: C. A type of phishing attack that uses fake websites to trick victims into sharing sensitive information.
42
Quiz 6: What is impersonation?
A. A type of social engineering attack that involves pretending to be someone else in order to gain information
B. A technique for exploiting vulnerabilities in web browsers
C. A type of malware that modifies system settings
D. A type of phishing attack that uses phone calls to trick victims into sharing sensitive information
Answer: A. A type of social engineering attack that involves pretending to be someone else in order to gain information.
43
Quiz 7: What is piggybacking/tailgating?
A. A type of social engineering attack that involves following someone into a restricted area without proper authorization
B. A technique for bypassing security controls by using authorized access credentials
C. A type of phishing attack that uses phone calls to trick victims into sharing sensitive information
D. A type of malware that modifies system settings
Answer: A. A type of social engineering attack that involves following someone into a restricted area without proper authorization.
44
Quiz: What is a Slowloris attack?
A. A DOS attack against a web server by sending many partial HTTP requests
B. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target
C. Sending malformed or oversized ICMP ping packets in an attempt to crash the target
D. A technique of scanning machines to find those that might potentially be vulnerable to attack
Answer: A. A DOS attack against a web server by sending many partial HTTP requests
45
Quiz: What is a Zero-Day vulnerability?
A. A known vulnerability for which there is a defense in place
B. A new or unknown vulnerability for which there is no defense in place yet
C. A technique of scanning machines to find those that might potentially be vulnerable to attack
D. A device that can automatically move communications to an unused channel to avoid wireless jamming
Answer: B. A new or unknown vulnerability for which there is no defense in place yet
46
Quiz: What are Cognitive Radios?
A. A device that can automatically move communications to an unused channel to avoid wireless jamming
B. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target
C. A technique of scanning machines to find those that might potentially be vulnerable to attack
D. A new or unknown vulnerability for which there is no defense in place yet
Answer: A. A device that can automatically move communications to an unused channel to avoid wireless jamming
47
Quiz 1: What is a Slowloris attack?
A. An attack on a web server using malicious JavaScript code
B. A DOS attack against a web server by sending many partial HTTP requests
C. A type of phishing attack that targets high-level executives
D. A form of malware that encrypts a victim's files and demands payment for their release
Answer: B. A DOS attack against a web server by sending many partial HTTP requests.
48
Quiz 2: What is a botnet?
A. A type of malware that steals sensitive information from a victim's computer
B. A group of computers controlled by a hacker and used for malicious purposes
C. A type of virus that infects a computer's boot sector
D. A technique for detecting vulnerabilities in network devices
Answer: B. A group of computers controlled by a hacker and used for malicious purposes.
49
Quiz 3: What is hit-list scanning?
A. A technique for detecting vulnerabilities in network devices
B. A type of social engineering attack that involves impersonating a trusted source
C. A method for identifying machines that might be vulnerable to attack
D. A technique for hiding malware inside legitimate-looking software
Answer: C. A method for identifying machines that might be vulnerable to attack.
50
Quiz 4: What is a Ping Of Death attack?
A. A type of denial-of-service attack that exploits vulnerabilities in web servers
B. A form of social engineering that involves tricking a victim into performing an action
C. An attack that sends many connection requests to overwhelm a target
D. An attack that sends malformed or oversized ICMP ping packets to crash a target
Answer: D. An attack that sends malformed or oversized ICMP ping packets to crash a target.
51
Quiz 5: What is a SYN Flood/TCP SYN attack?
A. An attack on a web server using malicious JavaScript code
B. A type of virus that infects a computer's boot sector
C. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target
D. A technique for detecting vulnerabilities in network devices
Answer: C. An attack that abuses the TCP 3-way handshake and sends many SYN packets to overwhelm the target.
52
Quiz 6: What is a zero-day vulnerability?
A. A vulnerability that is well-known and for which there is a defense in place
B. A new or unknown vulnerability for which there is no defense in place yet
C. A type of malware that spreads through a network by exploiting vulnerabilities
D. A technique for detecting vulnerabilities in network devices
Answer: B. A new or unknown vulnerability for which there is no defense in place yet.
53
Quiz 7: What are cognitive radios?
A. A type of social engineering attack that involves impersonating a trusted source
B. A type of wireless jamming device used for malicious purposes
C. Devices that can automatically move communications to an unused channel to avoid attacks
D. A technique for hiding malware inside legitimate-looking software
Answer: C. Devices that can automatically move communications to an unused channel to avoid attacks.
54
Quiz 8: What is the Slowloris attack used for?
A. To steal sensitive information from a victim's computer
B. To encrypt a victim's files and demand payment for their release
C. To overwhelm a web server with partial HTTP requests
D. To impersonate a trusted source and trick a victim into performing an action
Answer: C. To overwhelm a web server with partial HTTP requests.
55
Quiz: What is session hijacking?
A. A technique for capturing packets passing through a network
B. A method of obtaining sensitive information by disguising a fake website as a legitimate one
C. A way to take over a user's established session on a website
D. A technique for flooding a server with connection requests to overwhelm it
Answer: C. A way to take over a user's established session on a website
56
Quiz: What is the difference between session fixation and session donation attacks?
A. Session fixation involves stealing a victim's established session, while session donation involves establishing a session under the attacker's own credentials.
B. Session fixation involves tricking a victim to log in using a pre-generated session ID, while session donation involves deleting sensitive information from the attacker's account.
C. Session fixation involves deleting sensitive information from the victim's account, while session donation involves taking over a victim's established session.
D. Session fixation and session donation are the same thing.
Answer: A. Session fixation involves stealing a victim's established session, while session donation involves establishing a session under the attacker's own credentials.
57
Quiz: What is the session-ID in a web server?
A. The user's password
B. The user's email address
C. The user's username
D. The user's session cookie
Answer: D. The user's session cookie
58
Quiz: What is a Slowloris attack?
A. A type of DNS attack
B. A type of DoS attack against a web server
C. A type of social engineering attack
D. A type of network sniffing attack
Answer: B. A type of DoS attack against a web server
59
Quiz 1: What is one way to prevent session hijacking when using cookies?
A. Allow user-supplied cookies
B. Use predictable session cookies
C. Use non-predictable session cookies
D. Use the same session cookie for every user
Answer: C. Use non-predictable session cookies.
60
Quiz 2: What is FTPS?
A. An unencrypted file transfer protocol
B. A file transfer protocol that uses encryption and digital signatures
C. A protocol used to encrypt email messages
D. A type of secure shell protocol
Answer: B. A file transfer protocol that uses encryption and digital signatures.
61
Quiz 3: What is the recommended protocol to use instead of SSL for securing web traffic?
A. TLS v1.0
B. TLS v1.1
C. TLS v1.2
D. SSLv3
Answer: C. TLS v1.2.
62
Quiz 4: What is STARTTLS used for?
A. To encrypt email messages between mail servers
B. To encrypt file transfers using FTPS
C. To encrypt web traffic using TLS
D. To encrypt SSH traffic
Answer: A. To encrypt email messages between mail servers.
63
Quiz 5: What is the advantage of using SSH instead of Telnet?
A. SSH is faster than Telnet
B. SSH is easier to configure than Telnet
C. SSH can be used to encrypt other types of traffic
D. SSH is not susceptible to session hijacking
Answer: C. SSH can be used to encrypt other types of traffic.
64
Quiz 1: What is Burp Suite used for?
A. Network sniffing
B. Session hijacking in web applications
C. Firewall management
D. Intrusion prevention
Answer: B. Session hijacking in web applications
65
Quiz 2: What kind of traffic can Burp Suite intercept, inspect, and modify?
A. FTP traffic
B. Email traffic
C. HTTP traffic
D. DNS traffic
Answer: C. HTTP traffic
66
Quiz 3: What is the main benefit of using Burp Suite for session hijacking?
A. It allows you to modify network traffic on the way to the server
B. It encrypts web traffic to prevent session hijacking
C. It provides non-predictable TCP sequence numbers
D. It uses server-generated cookies to prevent session hijacking
Answer: A. It allows you to modify network traffic on the way to the server
67
Quiz 4: What is the difference between Burp Suite and other proxy tools?
A. Burp Suite only works with encrypted traffic
B. Burp Suite is designed specifically for session hijacking
C. Burp Suite can intercept, inspect, and modify traffic on the way to the server
D. Burp Suite can only intercept traffic on the client side
Answer: C. Burp Suite can intercept, inspect, and modify traffic on the way to the server.
68
Quiz: What is IPSEC?
A. A layer-3 security protocol used to create VPN tunnels
B. A layer-2 security protocol used to encrypt data on a LAN
C. A layer-4 security protocol used to authenticate data
D. A layer-7 security protocol used to encrypt web traffic
Answer: A. A layer-3 security protocol used to create VPN tunnels
69
Quiz: What is the difference between AH and ESP in IPSEC?
A. AH does only authentication and integrity, while ESP does authentication, integrity, and encryption
B. AH does only authentication, while ESP does authentication and encryption
C. AH does only integrity, while ESP does authentication, integrity, and encryption
D. AH does only encryption, while ESP does authentication and integrity
Answer: A. AH does only authentication and integrity, while ESP does authentication, integrity, and encryption
70
Quiz: When should you choose ESP over AH in IPSEC?
A. When you need only authentication and integrity
B. When you need only authentication
C. When you need only integrity
D. When you need confidentiality in addition to authentication and integrity
Answer: D. When you need confidentiality in addition to authentication and integrity
71
Quiz: When should you use IPSEC Transport Mode vs. Tunnel Mode?
A. Use Transport Mode for going across the internet, and Tunnel Mode for your LAN
B. Use Transport Mode for your LAN, and Tunnel Mode for going across the internet
C. Use Transport Mode when you need only authentication and integrity, and Tunnel Mode when you need encryption
D. Use Tunnel Mode when you need only authentication and integrity, and Transport Mode when you need encryption
Answer: B. Use Transport Mode for your LAN, and Tunnel Mode for going across the internet
72
Quiz: What are some examples of biometric authentication?
A. Passwords and PINs
B. Retina and iris scanners, fingerprint scanners, voice recognition
C. Social security numbers and driver's licenses
D. MAC addresses and IP addresses
Answer: B. Retina and iris scanners, fingerprint scanners, voice recognition.
73
Quiz: What is counter-based authentication?
A. Authentication that uses physical tokens, such as a keycard or smart card.
B. Authentication that verifies the user's behavior patterns, such as typing style or walking gait.
C. Authentication that creates one-time passwords encrypted with secret keys.
D. Authentication that verifies the user's physical characteristics, such as facial recognition or DNA.
Answer: C. Authentication that creates one-time passwords encrypted with secret keys.
74
Quiz: What is Bettercap?
A. A tool for wireless ARP poisoning and sniffing.
B. A tool for brute-forcing passwords.
C. A tool for phishing attacks.
D. A tool for creating malware.
Answer: A. A tool for wireless ARP poisoning and sniffing.
75
Quiz 1: What is biometrics in authentication?
A. Something you have, like a key or a card
B. Something you know, like a password or a PIN
C. Something you are, like a fingerprint or a retina scan
D. Something you do, like typing or walking
Answer: C. Something you are, like a fingerprint or a retina scan
76
Quiz 2: What is the difference between biometrics and behavioral biometrics?
A. Biometrics uses physical characteristics, while behavioral biometrics measures actions
B. Biometrics uses passwords, while behavioral biometrics uses biometric data
C. Biometrics measures typing speed, while behavioral biometrics measures walking speed
D. Biometrics measures fingerprints, while behavioral biometrics measures iris scans
Answer: A. Biometrics uses physical characteristics, while behavioral biometrics measures actions
77
Quiz 3: What is counter-based authentication?
A. A system that creates one-time passwords that are encrypted with secret keys
B. A system that uses biometrics for authentication
C. A system that uses passwords for authentication
D. A system that uses behavioral biometrics for authentication
Answer: A. A system that creates one-time passwords that are encrypted with secret keys
78
Quiz 4: What is Bettercap used for?
A. Wireless encryption
B. Wireless networking
C. Wireless ARP poisoning and sniffing
D. Wireless signal boosting
Answer: C. Wireless ARP poisoning and sniffing
79
Quiz 5: What is a disadvantage of using biometrics for authentication?
A. It is very cheap and easy to implement
B. It requires a lot of processing power and RAM
C. It can be easily shared or stolen
D. It is not accurate
Answer: B. It requires a lot of processing power and RAM
80
Quiz: Which layer of the OSI Model deals with cables, connectors, and NICs?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport
Answer: A. Layer 1: Physical
81
Quiz: Which layer of the OSI Model is responsible for MAC addresses and switches?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport
Answer: B. Layer 2: Data Link
82
Quiz: Which layer of the OSI Model is responsible for IP addresses and routers?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport
Answer: C. Layer 3: Network
83
Quiz: Which layer of the OSI Model is responsible for TCP and UDP ports?
A. Layer 3: Network
B. Layer 4: Transport
C. Layer 5: Session
D. Layer 6: Presentation
Answer: B. Layer 4: Transport
84
Quiz: Which layer of the OSI Model is responsible for establishing, managing, and terminating sessions?
A. Layer 3: Network
B. Layer 4: Transport
C. Layer 5: Session
D. Layer 6: Presentation
Answer: C. Layer 5: Session
85
Quiz: Which layer of the OSI Model is responsible for file and email encryption?
A. Layer 4: Transport
B. Layer 5: Session
C. Layer 6: Presentation
D. Layer 7: Application
Answer: C. Layer 6: Presentation
86
Quiz: Which layer of the OSI Model is responsible for programs that use the network?
A. Layer 5: Session
B. Layer 6: Presentation
C. Layer 7: Application
D. Layer 4: Transport
Answer: C. Layer 7: Application
87
Quiz: Which layer of the OSI Model is responsible for logical addressing?
A. Layer 1: Physical
B. Layer 2: Data Link
C. Layer 3: Network
D. Layer 4: Transport
Answer: C. Layer 3: Network
88
Quiz 1: What is the difference between public and private IP addresses?
A. Public IP addresses are assigned to devices within a private network, while private IP addresses are assigned to devices on the public internet.
B. Public IP addresses are assigned to devices on the public internet, while private IP addresses are assigned to devices within a private network.
C. Public IP addresses are always dynamic, while private IP addresses are always static.
D. Public IP addresses are always static, while private IP addresses are always dynamic.
Answer: B. Public IP addresses are assigned to devices on the public internet, while private IP addresses are assigned to devices within a private network.
89
Quiz 2: What is the range of IP addresses for Class A private networks?
A. 10.X.X.X
B. 172.16.X.X - 172.31.X.X
C. 192.168.X.X
D. None of the above
Answer: A. 10.X.X.X
90
Quiz 3: What is the range of IP addresses for Class B private networks?
A. 10.X.X.X
B. 172.16.X.X - 172.31.X.X
C. 192.168.X.X
D. None of the above
Answer: B. 172.16.X.X - 172.31.X.X
91
Quiz 4: What is the range of IP addresses for Class C private networks?
A. 10.X.X.X
B. 172.16.X.X - 172.31.X.X
C. 192.168.X.X
D. None of the above
Answer: C. 192.168.X.X
92
Quiz 5: Which of the following statements about private IP addresses is true?
A. Private IP addresses can be used on the public internet.
B. Private IP addresses can be assigned to any device on the public internet.
C. Private IP addresses are only valid within a private network.
D. Private IP addresses are always static.
Answer: C. Private IP addresses are only valid within a private network.
93
Quiz 6: What is the purpose of RFC 1918?
A. To define the standard for public IP addresses.
B. To define the standard for private IP addresses.
C. To define the standard for IP address subnetting.
D. To define the standard for network routing.
Answer: B. To define the standard for private IP addresses.
94
Quiz 1: Which type of IDS can detect new or unknown attacks?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS
Answer: B. Behavior-based IDS
95
Quiz 2: Which type of IDS looks for deviations from normal activity or behavior?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS
Answer: B. Behavior-based IDS
96
Quiz 3: Which type of IDS is most effective at detecting attacks that have not been previously identified?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS
Answer: B. Behavior-based IDS
97
Quiz 4: What is the primary difference between Network-based IDS and Host-based IDS?
A. NIDS looks at network traffic, while HIDS looks at activity on a specific host or endpoint.
B. NIDS operates at the network layer, while HIDS operates at the application layer.
C. NIDS can detect new or unknown attacks, while HIDS can only detect known attacks.
D. NIDS is more effective than HIDS at detecting insider threats.
Answer: A. NIDS looks at network traffic, while HIDS looks at activity on a specific host or endpoint.
98
Quiz 5: Which type of IDS can generate a large number of alerts?
A. Signature-based IDS
B. Behavior-based IDS
C. Network-based IDS
D. Host-based IDS
Answer: A. Signature-based IDS
99
Quiz 6: What is the difference between a true positive and a false negative alert?
A. A true positive alert is generated when the system correctly detects an attack, while a false negative alert is generated when the system mistakenly detects an attack that did not occur.
B. A true positive alert is generated when the system fails to detect an attack that did occur, while a false negative alert is generated when the system correctly determines that no attack occurred.
C. A true positive alert is generated when the system correctly determines that no attack occurred, while a false negative alert is generated when the system mistakenly detects an attack that did not occur.
D. A true positive alert is generated when the system correctly detects an attack, while a false negative alert is generated when the system fails to detect an attack that did occur.
Answer: D. A true positive alert is generated when the system correctly detects an attack, while a false negative alert is generated when the system fails to detect an attack that did occur.
100
Quiz 1: What is Snort primarily used for?
A. A video editing tool
B. A command-line based tool for sniffing, packet-logging, and as a Network IDS
C. A graphic design software
D. A web browser
Answer: Option B.