CH 0 - Intro Assessment Flashcards
Which header field is used to reassemble fragmented IP packets?
A. Destination address
B. IP identification
C. Don’t fragment bit
D. ToS field
B.
IP identification
If you were to see the following in a packet capture, what would you expect was happening?
’ or 1=1;
A. cross-site scripting
B. command injection
C. SQL injection
D. XML external entity injectiion
C.
SQL injection
What method might you use to successfully get malware onto a mobile device?
A. Through the Apple Store or Google Play Store
B. external storage on an Android
C. Third-party app store
D. Jailbreaking
C.
Third-party app store
What protocol is used to take a destination IP address and get a packet to a destination on the local network?
A. DHCP
B. ARP
C. DNS
D. RARP
B.
ARP
What would be the result of sending the string AAAAAAAAAAAAAAAAA into a variable that has been allocated space for 8 bytes?
A. Heap spraying
B. SQL injection
C. Buffer overflow
D. Slowloris attack
C.
Buffer overflow
If you were to see the subnet mask 255.255.248.0, what CIDR notation (prefix) would you use to indicate the same thing?
A. /23
B. /22
C. /21
D. /20
B.
/22
What is the primary difference between a worm and a virus?
A. a worm uses polymorphic code
B. a virus uses polymorphic code
C. a worm can self-propagate
D. a virus can self-propagate
C.
A worm can self-propagate
How does an evil twin attack work?
A. phishing users for credentials
B. spoofing an SSID
C. changing an SSID
D. injecting 4-way handshakes
B.
Spoofing an SSID
What has been done to the following string?
%3Cscript%3Ealert(‘wubble’);%3C/script%3E
A. Base64 encoding
B. URL encoding
C. Encryption
D. Cryptographic hashing
B.
URL encoding
What would you get from running the command
dig ns domain.com ?
A. mail exchanger records for domain.com
B. name server records for domain.com
C. caching name server for domain.com
D. IP address for the hostname ns
B.
Name server records for domain.com
What technique would you ideally use to get all of the hostnames associated with a domain?
A. DNS query
B. Zone copy
C. Zone transfer
D. Recursive request
C.
Zone Transfer
If you were to notice operating system commands inside a DNS request while looking at a packet capture, what might you be looking at?
A. Tunneling attack
B. DNS amplification
C. DNS recursion
D. XML entity injection
A.
Tunneling Attack
What would be the purpose of running a ping sweep?
A. You want to identify responsive hosts without a port scan
B. You want to use something that is light on network traffic
C. You want to use a protocol that may be allowed through the firewall
D. All of the above
D.
All of the above
How many functions are specified by NIST’s cybersecurity framework?
A. 0
B. 3
C. 5
D. 4
C.
5
What would be one reason not to write malware in Python?
A. The Python interpreter is slow
B. The Python interpreter may not be available
C. There is inadequate library support
D. Python is a hard language to learn
B.
The Python interpreter may not be available