CPSA

Question 1

What is the default password for user ADAMS on Oracle 7/8/9?

Answer 1

WOOD

Question 2

What is the default password for user BLAKE on Oracle 7/8?

Answer 2

PAPER

Question 3

What is the default password for user DBSNMP on Oracle 7/8?

Answer 3

DBSNMP

Question 4

What is the default password for user internal on Oracle 7/8/9?

Answer 4

oracle

Question 5

What is the default password for user JONES on Oracle 7/8/9?

Answer 5

STEEL

Question 6

What is the default password for user MODTEST on Oracle 7/8/9?

Answer 6

YES

Question 7

What is the default password for user Scott on Oracle 7/8/9?

Answer 7

Tiger

Question 8

What is the default password for user SYS on Oracle 7/8/9?

Answer 8

CHANGE_ON_INSTALL

Question 9

What is the default password for user SYSADM on Oracle 7/8/9?

Answer 9

SYSADM

Question 10

What is the default password for user SYSTEM on Oracle 7/8/9?

Answer 10

MANAGER

Question 11

What is the default password for user TRACESRV on Oracle 7/8/9?

Answer 11

TRACE

Question 12

What does DNS stand for?

Answer 12

Domain Name System

Question 13

What does HTTP stand for?

Answer 13

Hypertext Transfer Protocol

Question 14

What does HTTPS stand for?

Answer 14

Hypertext Transfer Protocol Secure

Question 15

What does ICMP stand for?

Answer 15

Internet Control Message Protocol

Question 16

What does IIS stand for?

Answer 16

Internet Information Services

Question 17

What does IP stand for?

Answer 17

Internet Protocol

Question 18

What does RIP stand for?

Answer 18

Routing Information Protocol

Question 19

What does SIP (VoIP) stand for?

Answer 19

Session Initiation Protocol

Question 20

What does SMTP stand for?

Answer 20

Simple Mail Transfer Protocol

Question 21

What does SOAP stand for?

Answer 21

Simple Object Access Protocol

Question 22

What does TCP stand for?

Answer 22

Transmission Control Protocol

Question 23

What does UDP stand for?

Answer 23

User Datagram Protocol

Question 24

What does SNMP stand for?

Answer 24

Simple Network Management Protocol

Question 25

What does TFTP stand for?

Answer 25

Trivial File Transfer Protocol

Question 26

What does SSH stand for?

Answer 26

Secure Shell

Question 27

What does FTP stand for?

Answer 27

File Transfer Protocol

Question 28

What does SMB stand for?

Answer 28

Server Message Block

Question 29

What does LDAP stand for?

Answer 29

Lightweight Directory Access Protocol

Question 30

What does FTPS stand for?

Answer 30

File Transfer Protocol Secure

Question 31

What does SFTP stand for?

Answer 31

Simple File Transfer Protocol (TCP/115), SSH File Transfer Protocol

Question 32

What does NFS stand for?

Answer 32

Network File System

Question 33

What does IMAP stand for?

Answer 33

Internet Message Access Protocol

Question 34

What does HTTPS stand for?

Answer 34

Hypertext Transfer Protocol Secure (over TLS/SSL)

Question 35

What does Rlogin stand for?

Answer 35

Remote Login

Question 36

What does Rexec stand for?

Answer 36

Remote Process Execution

Question 37

What port does SNMP operate on?

Answer 37

UDP 161

Question 38

What port does TFTP operate on?

Answer 38

UDP 69;

Question 39

What port does SMTP operate on?

Answer 39

TCP 25

Question 40

What port does SSH operate on?

Answer 40

port 22

Question 41

What port does HTTP operate on?

Answer 41

TCP 80

Question 42

What port does SIP (VoIP) operate on?

Answer 42

port 5060

Question 43

What port does FTP data transfer operate on?

Answer 43

port 20

Question 44

What port does FTP control operate on?

Answer 44

port 21

Question 45

What port does SMB operate on?

Answer 45

139/tcp (NETBIOS over TCP/IP), 445/tcp (raw SMB transport)

Question 46

What port does LDAP operate on?

Answer 46

port 389

Question 47

What port does HTTPS operate on?

Answer 47

TCP 443

Question 48

What port does rlogin operate on?

Answer 48

TCP 513

Question 49

What port does RIP operate on?

Answer 49

UDP 520

Question 50

What port does FTPS data transfer operate on?

Answer 50

port 989

Question 51

What port does FTPS control operate on?

Answer 51

port 990

Question 52

What port does rexec operate on?

Answer 52

TCP 512

Question 53

What port does Telnet operate on?

Answer 53

port 23

Question 54

What port does WHOIS operate on?

Answer 54

port 43

Question 55

What port does DNS operate on?

Answer 55

port 53

Question 56

What port does Finger operate on?

Answer 56

TCP 79

Question 57

What port does Kerberos operate on?

Answer 57

port 88

Question 58

What port does SFTP (Simple FTP) operate on?

Answer 58

TCP 115

Question 59

What port does NFS operate on?

Answer 59

port 2049

Question 60

What port does MSSQL Server operate on?

Answer 60

TCP 1433

Question 61

What port does MSSQL Monitor operate on?

Answer 61

port 1434

Question 62

What port does MySQL database system operate on?

Answer 62

port 3306

Question 63

What port does PostgreSQL database system operate on?

Answer 63

port 5432

Question 64

What port does IMAP operate on?

Answer 64

TCP 143

Question 65

What does OSPF stand for?

Answer 65

Open Shortest Path First

Question 66

What does IGRP stand for?

Answer 66

Interior Gateway Routing Protocol

Question 67

What does EIGRP stand for?

Answer 67

Enhanced Interior Gateway Routing Protocol

Question 68

What does DES stand for?

Answer 68

Data Encryption Standard

Question 69

What does 3DES stand for?

Answer 69

Triple Data Encryption Standard

Question 70

What does AES stand for?

Answer 70

Advanced Encryption Standard

Question 71

What does RSA stand for?

Answer 71

Rivest Shamir Adleman

Question 72

What does RC4 stand for?

Answer 72

Rivest Cipher 4

Question 73

What does SHA1 stand for?

Answer 73

Secure Hash Algorithm 1

Question 74

What does MD5 stand for?

Answer 74

Message Digest (Algorithm) 5

Question 75

What does HMAC stand for?

Answer 75

Hash-based Message Authentication Code

Question 76

What does SSL stand for?

Answer 76

Secure Sockets Layer

Question 77

What does IPsec stand for?

Answer 77

Internet Protocol Security

Question 78

What does PGP stand for?

Answer 78

Pretty Good Privacy

Question 79

What does WEP stand for?

Answer 79

Wired Equivalent Privacy

Question 80

What does WPA stand for?

Answer 80

Wi-Fi Protected Access

Question 81

What does TKIP stand for?

Answer 81

Temporal Key Integrity Protocol

Question 82

What does NTP stand for?

Answer 82

Network Time Protocol

Question 83

What does PCAP stand for?

Answer 83

Packet Capture

Question 84

What does ARP stand for?

Answer 84

Address Resolution Protocol

Question 85

What does DHCP stand for?

Answer 85

Dynamic Host Configuration Protocol

Question 86

What does CDP stand for?

Answer 86

Cisco Discovery Protocol

Question 87

What does HSRP stand for?

Answer 87

Hot Standby Router Protocol

Question 88

What does VRRP stand for?

Answer 88

Virtual Router Redundancy Protocol

Question 89

What does VTP stand for?

Answer 89

VLAN Trunking Protocol

Question 90

What does STP stand for?

Answer 90

Spanning Tree Protocol

Question 91

What does TACACS+ stand for?

Answer 91

Terminal Access Controller Access-Control System Plus

Question 92

DNS Records: What does SOA stand for?

Answer 92

Start of Authority Record

Question 93

DNS Records: What does MX stand for?

Answer 93

Mail Exchange Record

Question 94

DNS Records: What does TXT stand for?

Answer 94

Text Record

Question 95

DNS Records: What does A stand for?

Answer 95

Address Record

Question 96

DNS Records: What does NS stand for?

Answer 96

Name Server Record

Question 97

DNS Records: What does HINFO stand for?

Answer 97

Host Information Record

Question 98

DNS Records: What does CNAME stand for?

Answer 98

Canonical Name Record

Question 99

What does EAP stand for?

Answer 99

Extensible Authentication Protocol

Question 100

What does LEAP stand for?

Answer 100

Lightweight Extensible Authentication Protocol

Question 101

What does PEAP stand for?

Answer 101

Protected Extensible Authentication Protocol

Question 102

What port does POP3S operate on?

Answer 102

TCP 995

Question 103

What port does Echo operate on?

Answer 103

port 7

Question 104

What port does CHARGEN operate on?

Answer 104

port 19

Question 105

What port does Daytime operate on?

Answer 105

port 13

Question 106

What port does Quote of the Day operate on?

Answer 106

port 17

Question 107

What port does Telnet operate on?

Answer 107

port 23

Question 108

What port does POP2 operate on?

Answer 108

TCP 109

Question 109

What port does POP3 operate on?

Answer 109

TCP 110

Question 110

What port does NNTP operate on?

Answer 110

TCP 119

Question 111

What port does Syslog operate on?

Answer 111

UDP 514

Question 112

What port does LDAPS operate on?

Answer 112

port 636

Question 113

What port does IMAPS operate on?

Answer 113

TCP 993

Question 114

What port does Oracle operate on by default for older releases?

Answer 114

TCP 1521

Question 115

What port does Oracle database officially run on, for newer releases?

Answer 115

port 2483

Question 116

What port does Oracle database officially run on over SSL, for newer releases?

Answer 116

port 2484

Question 117

What is the common alternative port for Oracle database to run on?

Answer 117

TCP 1528

Question 118

What port does OpenVPN operate on?

Answer 118

port 1194

Question 119

What port does NetBIOS Name Service operate on?

Answer 119

port 137

Question 120

What port does NetBIOS Datagram Service operate on?

Answer 120

port 138

Question 121

What port does NetBIOS Session Service operate on?

Answer 121

port 139

Question 122

What port does RDP operate on?

Answer 122

port 3389

Question 123

Which two ports does X11 operate on?

Answer 123

TCP 6000, UDP 6001

Question 124

What port does Virtual Network Computing (VNC)/Remote Frame Buffer (RFB) operate on?

Answer 124

port 5900

Question 125

What port does RPC operate on in Linux?

Answer 125

port 111

Question 126

What port does ISAKMP operate on?

Answer 126

port 500

Question 127

What port does Telnet over SSL operate on?

Answer 127

port 992

Question 128

What port does IDENT operate on?

Answer 128

TCP 113

Question 129

What port does Authentication Service (auth) operate on?

Answer 129

UDP 113

Question 130

What port does IMAP version 3 operate on?

Answer 130

port 220

Question 131

What port does SMTPS operate on?

Answer 131

TCP 465

Question 132

What does CVE stand for?

Answer 132

Common Vulnerabilities & Exposures

Question 133

What frequency does 802.11a operate on?

Answer 133

5 Ghz

Question 134

5 Ghz

Answer 134

What frequency does 802.11a operate on?

Question 135

What frequency does 802.11b operate on?

Answer 135

2.4 GHz

Question 136

2.4 GHz

Answer 136

What frequency does 802.11b operate on?

Question 137

What frequency does 802.11g operate on?

Answer 137

2.4 GHz

Question 138

2.4 GHz

Answer 138

What frequency does 802.11g operate on?

Question 139

What frequency does 802.11n operate on?

Answer 139

Both 2.4 GHz and 5 GHz

Question 140

Both 2.4 GHz and 5 GHz

Answer 140

What frequency does 802.11n operate on?

Question 141

What is IP protocol number 1?

Answer 141

ICMP

Question 142

What is IP protocol number 2?

Answer 142

IGMP

Question 143

What is IP protocol number 6?

Answer 143

TCP

Question 144

What is IP protocol number 16?

Answer 144

CHAOS

Question 145

What is IP protocol number 17?

Answer 145

UDP

Question 146

What is IP protocol number 47?

Answer 146

GRE (Generic Routing Encapsulation)

Question 147

What message is ICMP type 0?

Answer 147

Echo Reply

Question 148

What message is ICMP type 3 code 0?

Answer 148

Destination network unreachable

Question 149

What message is ICMP type 4?

Answer 149

Source Quench

Question 150

What message is ICMP type 8?

Answer 150

Echo

Question 151

What message is ICMP type 13?

Answer 151

Timestamp

Question 152

What message is ICMP type 14?

Answer 152

Timestamp Reply

Question 153

What message is ICMP type 15?

Answer 153

Information Request

Question 154

What message is ICMP type 16?

Answer 154

Information Reply

Question 155

What message is ICMP type 30?

Answer 155

Traceroute

Question 156

What message is ICMP type 37?

Answer 156

Domain Name Request

Question 157

What message is ICMP type 38?

Answer 157

Domain Name Reply

Question 158

What port does Sysstat operate on?

Answer 158

port 11

Question 159

What port does Tcpmux operate on?

Answer 159

port 1

Question 160

What port does Netstat operate on?

Answer 160

port 15

Question 161

What does QOTD stands for?

Answer 161

Quote Of The Day

Question 162

What port does Message Send Protocol operate on?

Answer 162

port 18

Question 163

Identify the OS version from this banner: “220 hostname FTP server ready”

Answer 163

Solaris 9 and later, SGI IRIX 6.x

Question 164

Identify the OS version from the banner: “220 Microsoft FTP Service”

Answer 164

Windows 2003

Question 165

Identify the OS version from the banner: “220 hostname FTP server (Version 6.00LS) ready”

Answer 165

FreeBSD 4.x and later

Question 166

Identify the OS version from the banner: “220 hostname FTP server (Version 6.00) ready”

Answer 166

FreeBSD 3.x, MacOS

Question 167

Identify the OS version from the banner: “220 hostname Microsoft FTP Service (Version 5.0)”

Answer 167

Windows 2000

Question 168

Identify the OS version from the banner: “220 hostname FTP server (Digital Unix Version 5.60) ready”

Answer 168

Compaq Tru64

Question 169

Identify the OS version from the banner: “220 hostname Microsoft FTP Service (Version 4.0)”

Answer 169

Windows NT 4.0

Question 170

Identify the OS version from the banner: “220 hostname FTP server (Version 4.1 Tue Sep 8 17:35:59 CDT 1998) ready

Answer 170

IBM AIX 4.x

Question 171

Identify the OS version from the banner: “220 hostname FTP server (NetBSD-ftpd 20020615) ready”

Answer 171

NetBSD 1.6.x

Question 172

Identify the OS version from the banner: “220 hostname FTP server (SunOS 5.7) ready”

Answer 172

Solaris 7

Question 173

Identify the OS version from the banner: “220 hostname FTP server (Version 1.1.214.6 Wed Feb 9 08:03:34 GMT 2000) ready”<br></br>

Answer 173

HP-UX 11.x

Question 174

Identify the FTP implementation from the banner:”220 hostname FTP server (Version 6.5/OpenBSD) ready”

Answer 174

WU-FTPD 2.6.2

Question 175

Which service is related to glob() vulnerability?

Answer 175

FTP

Question 176

How many different versions of SSH servers exist?

Answer 176

4

Question 177

Which service uses the PAM option?

Answer 177

SSH

Question 178

Which SSH version was deprecated?

Answer 178

SSH Version 1.0

Question 179

Identify the OS version from the banner: “Unix(r) System V Release 4.0 (hostname)”

Answer 179

Solaris 2.6

Question 180

What is the Exim?

Answer 180

Mail Transport Agent

Question 181

Where is PGP used?

Answer 181

It is used for SMTP encryption

Question 182

What port does TIME protocol operate on?

Answer 182

port 37

Question 183

What port does WINS service operate on?

Answer 183

port 42

Question 184

What is the POSTFIX?

Answer 184

Mail Transport Agent

Question 185

What does RIR stand for?

Answer 185

Regional Internet Registries

Question 186

What port does TACACS+ operate on?

Answer 186

port 49

Question 187

What does the BIND refers to?

Answer 187

Default Linux DNS server

Question 188

What does BIND stand for?

Answer 188

Berkley Internet Name Domain

Question 189

DNS Records: What does RP stand for?

Answer 189

Responsible Person record

Question 190

What does DIG stand for?

Answer 190

Domain Information Groper

Question 191

What protocol and ports are associated with DHCP networking protocol?

Answer 191

BOOTP, UDP 67(server), UDP 68(client)

Question 192

Why do you need to tell a client to inform their employees about a pentest either before the test commences or via the computer usage policy (Answer the Law)?

Answer 192

Human Rights Act

Question 193

Why do you need to get permission from the owner of a system before commencing a pentest (Answer the Law)?

Answer 193

Breach of Computer Misuse Act

Question 194

Each DNS ____ represents a boundary of authority subject to management by certain entities

Answer 194

Zone

Question 195

How many IP addresses could be used in an IP range with mask bit /25?

Answer 195

126

Question 196

What port can be queried to request a zone transfer?

Answer 196

TCP 53

Question 197

How many bits, bytes and octets are there in an IPv4 address?

Answer 197

32 bits, 4 bytes, 4 octets

Question 198

You have connected to an SSH service and its banner states it is running SSH v1.99. Which versions of the SSH protocol does this SSH support?

Answer 198

v1 and v2

Question 199

Which of the following is not a reserved IP range? a) 10.0.0.0/8b) 75.0.0.0/16c) 192.168.0.0/16d) 172.16.0.0/12

Answer 199

75.0.0.0/16

Question 200

How many possible IP addresses are there in a class A??

Answer 200

16777216

Question 201

On an assessment, if you are told that the network is a /28 subnet on an IPv4 network with 14 active hosts how many IPs are free?

Answer 201

0

Question 202

If ICMP is filtered, how you can view your possible traffic route to a secure web server from a Windows machine? a) tcptraceroute server.comb) traceroute -p 80 server.com c) ping -r server.comd) ping -R server.com:443 e) tcptraceroute server.com 443

Answer 202

tcptraceroute server.com 443

Question 203

How many mask bits are there for a subnet mask of 255.255.248.0?

Answer 203

/21

Question 204

Which IP addresses are used for automatic addressing (APIPA)?

Answer 204

169.254.0.0 - 169.254.255.255

Question 205

What does IANA stands for?

Answer 205

Internet Assigned Numbers Authority

Question 206

What does IGMP stands for?

Answer 206

Internet Group Message Protocol

Question 207

What does CAT5 stand for?

Answer 207

Category 5

Question 208

What does IEEE stand for?

Answer 208

Institute of Electrical and Electronic Engineers

Question 209

What does SING stand for?

Answer 209

Send ICMP Nasty Garbage

Question 210

What does SSRR stand for?

Answer 210

Strict Source and Route Record

Question 211

What does LSRR stand for?

Answer 211

Loose Source and Route Record

Question 212

What does WINS stand for?

Answer 212

Windows Internet Name Service

Question 213

DNS Records: What does PTR stand for?

Answer 213

Pointer Record

Question 214

What does HTML stand for?

Answer 214

HyperText Markup Language

Question 215

What is IP protocol number 4?

Answer 215

IP-in-IP

Question 216

What is IP protocol number 9?

Answer 216

IGP Interior Gateway Protocol, used by CISCO for their IGRP

Question 217

What is IP protocol number 41?

Answer 217

IPv6

Question 218

What is IP protocol number 88?

Answer 218

EIGRP

Question 219

What is IP protocol number 89?

Answer 219

OSPF

Question 220

What does CHARGEN stand for?

Answer 220

Character Generator Protocol

Question 221

How many bits is the IPv6 address?

Answer 221

128 bits

Question 222

What message is ICMP type 3 code 1?

Answer 222

Destination host unreachable

Question 223

What message is ICMP type 3 code 2?

Answer 223

Destination Protocol unreachable

Question 224

What message is ICMP type 3 code 3?

Answer 224

Destination port unreachable

Question 225

What message is ICMP type 3 code 6?

Answer 225

Destination network unknown

Question 226

What message is ICMP type 3 code 7?

Answer 226

Destination host unknown

Question 227

What message is ICMP type 11 code 1?

Answer 227

Fragment reassembly time exceeded

Question 228

What message is ICMP type 11 code 0?

Answer 228

TTL Time Exceeded

Question 229

What message is ICMP type 17?

Answer 229

Address mask request

Question 230

What message is ICMP type 18?

Answer 230

Address mask reply

Question 231

What message is ICMP type 37?

Answer 231

Domain name request

Question 232

What message is ICMP type 38?

Answer 232

Domain name reply

Question 233

What message is ICMP type 3 code 13?

Answer 233

Communication administratively prohibited

Question 234

What message is ICMP type 5?

Answer 234

Redirect message

Question 235

What is the meaning of 802.3?

Answer 235

Ethernet

Question 236

What is the meaning of 802.5

Answer 236

Token Ring

Question 237

What frequency does 802.3 operate on?

Answer 237

100Mb/s or Gigabit Ethernet (1Gb/s)

Question 238

What kind of connectors does the 802.3 uses?

Answer 238

RJ-45

Question 239

Name a specific property of 802.5 regarding bandwidth

Answer 239

It is shared fairly

Question 240

Which is the OSes that the nmap Inverse TCP Flag Scanning is deemed unsuccessful?

Answer 240

Microsoft Windows, many Cisco devices, IBM OS/400

Question 241

How can you perform a UDP scan using netcat?

Answer 241

nc -v -w 4 -u -z <> <>

Question 242

You perform a UDP scan and the target port returns no response. What is the state of the port?

Answer 242

open | filtered

Question 243

You perform an ACK scan and the target port returns TCP RST response. What is the conclusion regarding the firewall?

Answer 243

Stateless, blocks simply SYN packets

Question 244

You perform an nmap Maimon Scan and the target port returns no response. What is the state of the port?

Answer 244

open | filtered

Question 245

You perform an nmap Protocol scan and the target port returns a garbage response. What is the state of the port?

Answer 245

open

Question 246

What kind of packets does xprobe2 uses to fingerprint OS version?

Answer 246

ICMP

Question 247

ICMP Default system response: 8 and 13. Which is the OS?

Answer 247

Linux, BSD, Windows 2000

Question 248

ICMP Default system response: 8, 13 and 15. Which is the OS?

Answer 248

HP-UX, AIX, CISCO IOS, Ultrix

Question 249

ICMP Default system response: 8, 13, 17. Which is the OS?

Answer 249

Solaris, Windows 95, 98, ME

Question 250

ICMP Default system response: 8. Which is the OS?

Answer 250

Windows NT 4.0

Question 251

Which file should be changed in order to avoid disclosing WU-FTPD banner?

Answer 251

/etc/ftpaccess

Question 252

Which file should be changed in order to avoid disclosing ProFTPD banner?

Answer 252

/etc/proftpd.conf

Question 253

Which file should be changed in order to avoid disclosing host information after a user connects using telnet?

Answer 253

/etc/issue

Question 254

Which file should be changed in order to avoid disclosing sendmail banner?

Answer 254

sendmail.cf

Question 255

Which file should be changed in order to avoid disclosing qmail banner?

Answer 255

qmail-smtpd

Question 256

Which file should be changed in order to avoid disclosing Postfix banner?

Answer 256

main.cf

Question 257

Which file should be changed in order to avoid disclosing Exim banner?

Answer 257

exim.conf

Question 258

Identify the OS version from the banner: “SunOS 5.9”<br></br>

Answer 258

Solaris 9

Question 259

Identify the OS version from the banner: “Unix (hostname)”

Answer 259

SunOS 4.1.x SunOS

Question 260

Identify the OS version from the banner: “IRIX (hostname)”

Answer 260

SGI IRIX 6.x

Question 261

Identify the OS version from the banner: “AIX Version 5 (C) Copyrights by IBM and by others 1982, 2000”

Answer 261

IBM AIX 5.2.x

Question 262

Identify the OS version from the banner: “AIX Version 4 (C) Copyrights by IBM and by others 1982, 1996”

Answer 262

IBM AIX 4.2.x or 4.3.x

Question 263

Identify the OS version from the banner: “AIX Version 4 (C) Copyrights by IBM and by others 1982, 1994”

Answer 263

IBM AIX 4.1.x

Question 264

Identify the OS version from the banner: “IPSO (hostname) (ttyp0)”

Answer 264

Nokia IPSO

Question 265

Identify the OS version from the banner: “User Access Verification”

Answer 265

Cisco IOS

Question 266

Which part of cryptography is used to describe the feature: same input produces same output?

Answer 266

Hash

Question 267

Which part of cryptography is used to describe the feature: it is not possible to go from the output to the input?

Answer 267

Hash

Question 268

Which part of cryptography is used to describe the feature: Integrity

Answer 268

Hash

Question 269

Which part of cryptography is used to describe the feature:Confidentiality

Answer 269

Encryption

Question 270

Which part of cryptography is used to describe the feature: Usability

Answer 270

Encoding

Question 271

Which cipher starts from a random seed that is XORed with the clear text to generate the cipher text?

Answer 271

Stream Cipher

Question 272

What is the length of the DES key?

Answer 272

56 bits

Question 273

What is the block size of DES?

Answer 273

64 bits

Question 274

How many secret bits are there in a standard 3DES key?

Answer 274

168 bits if 3 keys DES is used (standard 3DES), 112 bits if 2 keys DES is used

Question 275

What is the size of AES block?

Answer 275

128, 192 or 256 bits

Question 276

What is the key length of AES?

Answer 276

128, 192 or 256 bits

Question 277

How many bytes output does the SHA1 cryptographic algorithm produce?

Answer 277

20 bytes hex value or 160 bits

Question 278

How many bytes output does the MD5 cryptographic hash function produce?

Answer 278

16 bytes or 128 bits

Question 279

Which protocols use HMAC?

Answer 279

TLS, IPsec

Question 280

What key is used to sign a website valid public key certificate?

Answer 280

The private key of a CA

Question 281

Which mode of operation for block ciphers discloses structure of clear-text?

Answer 281

ECB

Question 282

What does CVE stand for?

Answer 282

Common Vulnerabilities and Exposures

Question 283

Which of the following statements is not true about hashing?a) It is a deterministic procedureb) It does not take an arbitrary block of datac) It returns a fixed-size bit string referred to as cryptographic hash valued) Accidental or intentional change to the data will change the hash valuee) It is an one-way function

Answer 283

b)

Question 284

TCP wrappers use which configuration files?

Answer 284

/etc/hosts.allow and /etc/hosts.deny

Question 285

What is the following type of port scan being used?nmap -sX -n 192.168.1.100

Answer 285

XMAS Scan

Question 286

What operating system has a TTL of 64?

Answer 286

Solaris 8

Question 287

What does AH stand for?

Answer 287

Authentication Header

Question 288

Which encryption modes are used in IPSec?

Answer 288

Tunnel and Transport

Question 289

Which IPSec security component is used to ensure integrity?

Answer 289

Authentication Header (AH)

Question 290

Which IPSec security component is used to ensure confidentiality?

Answer 290

Encapsulating Security Payload (ESP)

Question 291

What does ESP stand for?

Answer 291

Encapsulating Security Payload

Question 292

What does IKE stand for?

Answer 292

Internet Key Exchange

Question 293

What is the purpose of IKE in IPSec?

Answer 293

To securely exchange the secret key

Question 294

Which shared key exchange are used in IPSec?

Answer 294

Main mode, Aggressive mode (possible to capture Pre Shared Key using a sniffer and crack it offline)

Question 295

What does ISAKMP stand for?

Answer 295

Internet Security Association and Key Management Protocol

Question 296

Which command is used to add a user to a group?

Answer 296

usermod -G group user

Question 297

What are the group permissions of the following file?drwxr-xr-x file

Answer 297

Read and Execute

Question 298

How can you set the sticky bit to a directory?

Answer 298

chmod +t

Question 299

What does the -i UNIX file attribute mean?

Answer 299

That the file cannot be modified or deleted

Question 300

Which command is used in UNIX to find files with suid enabled?

Answer 300

find / ( -perm -4000 -o -perm -2000 ) -ls 2>/dev/null

Question 301

What does ARIN stand for?

Answer 301

American Registry for Internet Numbers

Question 302

What does RIPE stand for?

Answer 302

Reseaux IP Europeens

Question 303

What does APNIC stand for?

Answer 303

Asia Pacific Network Information Centre

Question 304

What does LACNIC stand for?

Answer 304

Latin American and Caribbean Network Information Centre

Question 305

What does AfrNIC stand for?

Answer 305

African Network Information Centre

Question 306

DNS Records: Where can you find domain administrator’s email?

Answer 306

SOA not MX!

Question 307

What does NNTP stand for?

Answer 307

Network News Transfer Protocol

Question 308

What does DTP stand for?

Answer 308

Dynamic Trunking Protocol

Question 309

What does CRLF stand for?

Answer 309

Carriage Return Line Feed

Question 310

What port does Cisco HSRP operate on?

Answer 310

UDP 1985

Question 311

Name two DHCP vulnerabilities

Answer 311

DHCP Server SpoofDHCP Table Exhaustion - Snoop

Question 312

Name CDP vulnerabilities

Answer 312

Information disclosureSend a CDP packet and setup virtual deviceFlood CDP neighbors table

Question 313

Name HSRP vulnerabilities

Answer 313

DoS or MITMClear-text authentication

Question 314

Name VRRP vulnerabilities

Answer 314

Take over VRRP master role

Question 315

Name VTP vulnerabilities

Answer 315

Network topology information disclosureDelete all/one VLAN (DoS)Add a VLANCatalyst crash (DoS)

Question 316

Name TACACS vulnerabilities

Answer 316

Clear-text data transmission in RADIUS

Question 317

Which NET-SNMP versions were vulnerable?

Answer 317

All prior to 4.2.2

Question 318

Which SNMP version uses MD5 and encryption?

Answer 318

SNMPv2

Question 319

What does MIB stand for?

Answer 319

Management Information Base

Question 320

What does OID stand for?

Answer 320

Object Identifier

Question 321

Which SNMP version uses clear text data transfer?

Answer 321

SNMPv1

Question 322

OID: .1.3.6.1.2.1.1.5. What is the information retrieved?

Answer 322

Hostname

Question 323

OID: .1.3.6.1.4.1.77.1.4.2. What is the information retrieved?

Answer 323

Domain Name

Question 324

OID: .1.3.6.1.4.1.77.1.2.25. What is the information retrieved?

Answer 324

Usernames

Question 325

OID:.1.3.6.1.4.1.77.1.2.3.1.1. What is the information retrieved?

Answer 325

Running Services

Question 326

OID:.1.3.6.1.4.1.77.1.2.27. What is the information retrieved?

Answer 326

Share Information

Question 327

What does PPTP stand for?

Answer 327

Point-to-Point Tunelling Protocol

Question 328

What kind of encryption is IPSec based?

Answer 328

Based on symmetric-key encryption

Question 329

What does SA stand for?

Answer 329

Security Association

Question 330

Which module is used to define the IPSec protocol to be used, as well as crypttographic algorithms, keys and their lifetime?

Answer 330

Security Association (SA)

Question 331

What port does PPTP operate on?

Answer 331

TCP 1723

Question 332

What does MGCP stand for?

Answer 332

Media Gateway Control Protocol

Question 333

What does RTP stand for?

Answer 333

Real-Time Transport Protocol

Question 334

What does RTCP stand for?

Answer 334

Real-time Transport Control Protocol

Question 335

What does SRTP stand for?

Answer 335

Secure Real-time Transport Protocol

Question 336

What does SDP stand for?

Answer 336

Session Description Protocol

Question 337

What does IAX stand for?

Answer 337

Inter-Asterisk eXchange (IAX)

Question 338

What does BSS stand for?

Answer 338

Basic Service Set

Question 339

What does BSSID stand for?

Answer 339

Basic Service Set Identifier

Question 340

What does ESSID stand for?

Answer 340

Enhanced Service Set Identifier

Question 341

What does SSID stand for?

Answer 341

Service Set Identifier

Question 342

What does CCMP stand for?

Answer 342

Counter Cipher Mode with block chaining MAC Protocol

Question 343

What is the length of the WEP secret key?

Answer 343

40 bits

Question 344

What is the length of the WEP IV?

Answer 344

24 bits

Question 345

What does WEP use for integrity?

Answer 345

32-bit CRC

Question 346

What does MAIC stand for?

Answer 346

Message Authentication and Integrity Code

Question 347

What does WPS stand for?

Answer 347

Wi-Fi Protected Setup

Question 348

What protocol uses TKIP?

Answer 348

WPA

Question 349

What is the purpose of TKIP?

Answer 349

Encryption. 128-bit per packet

Question 350

What is the difference between WPA and WPA2?

Answer 350

Different encryption algorithm (WPA2 uses CCMP)

Question 351

What ports are available for Cisco web servers?

Answer 351

1003, 1004, 1005

Question 352

What does enable password and enable secret commands mean for a Cisco device?

Answer 352

enable password (clear-text), enable secret (MD5 or SHA)

Question 353

What kind of authentication is used in authNoPriv for SNMPv3 in Cisco?

Answer 353

MD5 or SHA, no encryption

Question 354

Which command is used to disable CDP from a CISCO device?

Answer 354

no cdp run

Question 355

What does authPriv means in a Cisco device?

Answer 355

MD5 or SHA 1 authentication and DES encryption

Question 356

In 64-bit WEP key, how many bits is the IV?

Answer 356

24

Question 357

How can you distinguish a root domain controller from a child domain controller?

Answer 357

Root DC has the NETBIOS name entry of <1B> (Domain Master Browser)

Question 358

What is the maximum which is defined by Microsoft for a new device to appear in the browse list of all other machines in the domain?

Answer 358

48 minutes, anywhere from 24 minutes on a well specified network

Question 359

What does CIFS stand for?

Answer 359

Common Internet File System

Question 360

What port does RPC operate on in Windows?

Answer 360

port 135

Question 361

What does NBT stand for?

Answer 361

NetBIOS Name Table

Question 362

What port does CIFS operate on?

Answer 362

port 445

Question 363

What port does Kerberos version IV operate on?

Answer 363

UDP 750

Question 364

What port does Kerberos change/set password - authentication mechanism operate on?

Answer 364

port 464

Question 365

What does RDP stand for?

Answer 365

Remote Desktop Protocol

Question 366

What does IFID stand for?

Answer 366

Interface ID

Question 367

What does SID stand for?

Answer 367

Security Identifier

Question 368

What is the command to perform a NULL session connection from Linux?

Answer 368

rpcclient -U “”%”” <>

Question 369

What is the command to perform a NULL session connection from smbclient?

Answer 369

smbclient //<>/ipc$

Question 370

What does LSA stand for?

Answer 370

Local Security Authority

Question 371

What does SAM stand for?

Answer 371

LSA Security Account Manager

Question 372

What does SCM stand for?

Answer 372

Service Control Manager

Question 373

RID Values: Administrator?

Answer 373

500

Question 374

RID Values: Guest user?

Answer 374

501

Question 375

RID Values:Domain Admins Group?

Answer 375

512

Question 376

RID Values:Domain User?

Answer 376

513

Question 377

RID Values:Domain Guest?

Answer 377

514

Question 378

What port does LDAP Global Catalogue server operate on?

Answer 378

port 3268

Question 379

What port does LDAP Global Catalogue server over SSL operate on?

Answer 379

port 3269

Question 380

What does FSMO stand for?

Answer 380

Flexible Single Master Operation

Question 381

On a Windows OS how are domain cached credentials stored?

Answer 381

Salted Hash

Question 382

What does DSE stand for?

Answer 382

Domain Specific Entry

Question 383

Which Windows password technique does not use salt?

Answer 383

LM / NT

Question 384

What does SMS stand for?

Answer 384

Systems Management Server

Question 385

What does SCCM stand for?

Answer 385

System Centre Configuration Manager

Question 386

What does SUS stand for?

Answer 386

Software Update Services

Question 387

What does WSUS stand for?

Answer 387

Windows Server Update Services

Question 388

What port does rwho operate on?

Answer 388

UDP 513

Question 389

Which OS is vulnerable to this kind of user enumeration: finger ‘1 2 3 4 5 6 7 8 9 0’@host?

Answer 389

Solaris, Returns all users

Question 390

What does this command means in Solaris: finger 0@host

Answer 390

Returns users with blank GCOS field in /etc/passwd

Question 391

What kind of password hash uses $1 in UNIX password?

Answer 391

MD5

Question 392

What kind of password hash uses $2 in UNIX password?

Answer 392

Blowfish

Question 393

What kind of password hash uses $2a in UNIX password?

Answer 393

EKS Blowfish

Question 394

What kind of password hash uses $3 in UNIX password?

Answer 394

NTLM, no salt

Question 395

What kind of password hash uses $5 in UNIX password?

Answer 395

SHA-256

Question 396

What kind of password hash uses $6 in UNIX password?

Answer 396

SHA-512

Question 397

What does NIS stand for?

Answer 397

Network Information Service

Question 398

How many clear-text characters is each LM hash?

Answer 398

14

Question 399

Which command would you use to list NFS shares on the system 10.10.10.10?

Answer 399

showmount -e 10.10.10.10

Question 400

Which of these is not a network service that can be used to obtaining usernames? a) rusers b) rwhoc) SMTP d) finger e) rpcinfo

Answer 400

e) RPCInfo

Question 401

What does the following .rhosts file signify in bob’s home directory?+ exchange

Answer 401

The user exchange can log in as bob from any server

Question 402

What is the default password for the SYS account on Oracle 10?

Answer 402

CHANGE_ON_INSTALL

Question 403

How many bits, bytes and octets are there in an IPv6 address? a) 128 bits, 16 bytes, 16 octets b) 32 bits, 4 bytes, 4 octets c) 64 bits, 8 bytes, 8 octets d) 32 bits, 8 bytes, 8 octets e) 64 bits, 4 bytes, 4 octets

Answer 403

a) 128 bits, 16 bytes, 16 octets

Question 404

What does POP stand for?

Answer 404

Post Office Protocol

Question 405

What port does videoconf (H.323) service operate on?

Answer 405

TCP 1720

Question 406

Which file defines host level authorization in NFS?

Answer 406

/etc/exports

Question 407

Which command is used to query NFS server?

Answer 407

showmount

Question 408

What action does an HTTP GET request perform?

Answer 408

It retrieves a resource from the web server.

Question 409

What action does an HTTP HEAD request perform?

Answer 409

It returns the same headers as a GET request but with no message body.

Question 410

What action does an HTTP POST request perform?

Answer 410

It performs actions sent in both URL query strings and in the message body.

Question 411

What action does an HTTP PUT request perform?

Answer 411

It attempts to upload the specified resource to the server, contained in the body of the request.

Question 412

What action does an HTTP DELETE request perform?

Answer 412

It attempts to remove the specified resource, contained in the body of the request.

Question 413

What action does an HTTP TRACE request perform?

Answer 413

It asks the server to return in the response body the exact contents of the request message it recieved. It is used to detect the effect of any proxy servers between the client and server.

Question 414

What action does an HTTP OPTIONS request perform?

Answer 414

It asks the server to report the HTTP methods that are available for a particular resource.

Question 415

What action does an HTTP CONNECT request perform?

Answer 415

It converts the request connection to a transparent TCP/IP tunnel, usually to facilitate HTTPS communication through an unencrypted HTTP proxy.

Question 416

What action does an HTTP PATCH request perform?

Answer 416

It attempts to apply partial modifications to a resource, contained in the body of the request.

Question 417

What is the HTTP status code for “OK”?

Answer 417

200

Question 418

What is the HTTP status code for “Created”?

Answer 418

201

Question 419

What is the HTTP status code for “Found”?

Answer 419

302

Question 420

What is the HTTP status code for “Not Modified”?

Answer 420

304

Question 421

What is the HTTP status code for “Bad Request”?

Answer 421

400

Question 422

What is the HTTP status code for “Unauthorized”?

Answer 422

401

Question 423

What is the HTTP status code for “Forbidden”?

Answer 423

403

Question 424

What is the HTTP status code for “Not Found”?

Answer 424

404

Question 425

What is the HTTP status code for “Method Not Allowed”?

Answer 425

405

Question 426

What is the HTTP status code for “Request Entity Too Large”?

Answer 426

413

Question 427

What is the HTTP status code for “Request URI Too Long”?

Answer 427

414

Question 428

What is the HTTP status code for “Internal Server Error”?

Answer 428

500

Question 429

What is the HTTP status code for “Service Unavailable”?

Answer 429

503

Question 430

What is the reason for using root_squash in NFS?

Answer 430

Prevent root on the NFS client from taking a superuser privilege on the NFS server

Question 431

What is the reason for using nosuid in NFS?

Answer 431

To disallow suids and guids to take effect on an NFS export mounted on the client

Question 432

What is the reason for using noexec in NFS?

Answer 432

To disable execution of executable files

Question 433

Which files list hosts and users that are trusted when a connection is made using R* services?

Answer 433

/etc/hosts.equiv, .rhosts

Question 434

What port does XDMC display protocol operate on?

Answer 434

UDP 177

Question 435

What port does Citrix operate on?

Answer 435

port 1494

Question 436

What does ICA stand for?

Answer 436

Independent Computing Architecture

Question 437

What does VNC stand for?

Answer 437

Virtual Network Computing

Question 438

Where does the VNC password string is stored in registry?

Answer 438

\HKEY_CURRENT_USER\Software\ORL\WinVNC3\HKEY_USERS.DEFAULT\Software\ORL\WinVNC3

Question 439

How can nmap be used to query RPC services?

Answer 439

nmap -sS -sR <>

Question 440

What does ISAPI stand for?

Answer 440

Internet Server Application Programming Interface

Question 441

/_vti_inf.html. Which kind of web server is this?

Answer 441

Microsoft IIS. Contains Microsoft Frontpage extensions

Question 442

What does SSP stand for?

Answer 442

Security Support Provider

Question 443

What port does BGP operate on?

Answer 443

TCP 179

Question 444

What does the Daytime service return?

Answer 444

Current date and current time in human readable form

Question 445

What does WSDL stand for?

Answer 445

Web Services Description Language

Question 446

IP Address: 192.168.1.29/24. How many hosts exist in total without the Network ID and the Broadcast Address?

Answer 446

254

Question 447

IP Address: 10.25.253.2/23Which is the broadcast address?

Answer 447

10.25.253.255

Question 448

IP Address: 10.145.25.1/9. Which is the Network ID?

Answer 448

10.128.0.0

Question 449

The maximum size of IP header is:a) 40b) 64c) 48d) 60

Answer 449

d)

Question 450

What does LSASS stand for?

Answer 450

Local Security Authority Subsystem Service

Question 451

How many possible IP addresses are there in a class B?

Answer 451

65536

Question 452

What informational message indicates web redirection? a) 1xx b) 2xx c) 3xx d) 4xx e) 5xx

Answer 452

c) 3xx

Question 453

Which act protects Privacy?

Answer 453

Human Rights Act

Question 454

IIS Banner: Microsoft-IIS/8.0. What is the OS?

Answer 454

Windows Server 2012, Windows 8

Question 455

IIS Banner: Microsoft-IIS/7.5. What is the OS?

Answer 455

Windows Server 2008 R2, Windows 7

Question 456

IIS Banner: Microsoft-IIS/7.0. What is the OS?

Answer 456

Windows Vista, Windows Server 2008

Question 457

IIS Banner: Microsoft-IIS/6.0. What is the OS?

Answer 457

Windows Server 2003, Windows XP Professional x64

Question 458

IIS Banner: Microsoft-IIS/5.0. What is the OS?

Answer 458

Windows 2000

Question 459

IIS Banner: Microsoft-IIS/4.0. What is the OS?

Answer 459

Windows NT 4 Option Pack

Question 460

IIS Banner: Microsoft-IIS/3.0. What is the OS?

Answer 460

Windows NT 4 SP2

Question 461

IIS Banner: Microsoft-IIS/2.0. What is the OS?

Answer 461

Windows NT 4

Question 462

Windows Versions: Windows 4.00?

Answer 462

Windows 95

Question 463

Windows Versions: Windows NT 4.1?

Answer 463

Windows 98

Question 464

Windows Versions: Windows NT 5.0?

Answer 464

Windows 2000

Question 465

Windows Versions: Windows NT 5.1?

Answer 465

Windows XP, Windows 2003

Question 466

Windows Versions: Windows NT 6.0?

Answer 466

Windows Vista, Windows 2008

Question 467

Windows Versions: Windows NT 6.1?

Answer 467

Windows 7, Windows 2008 R2

Question 468

Windows Versions: Windows NT 6.2?

Answer 468

Windows 8, Windows 2012

Question 469

Windows Versions: Windows NT 6.3?

Answer 469

Windows 8.1, Windows 2012 R2

Question 470

Which layer implements the application’s interface in a 3-tier architecture?

Answer 470

Presentation Layer

Question 471

Which layer implements the core application’s logic in a 3-tier architecture?

Answer 471

Application Layer

Question 472

What does XML stand for?

Answer 472

Extensible Markup Language

Question 473

Which are the files used from Apache for authentication?

Answer 473

.htaccess, httpd.conf

Question 474

Name the three different kinds of HTTP authentication

Answer 474

BasicNTLMDigest

Question 475

What does the If-None-Match header means and who is able to send it?

Answer 475

The client sends it to specify and submit an entity tag that the server issued earlier

Question 476

Which two headers does the server use to cache data?

Answer 476

Cache-Control, Pragma

Question 477

What does the 201 response code mean?

Answer 477

It is a response to a PUT request indicating a successful request

Question 478

What does the 301 response code mean?

Answer 478

Moved Permanently. Permanently redirects the browser to a different URL as specified to Location header

Question 479

What does the 302 response code mean?

Answer 479

Found. Temporarily redirects the browser to a different URL as specified in the Location header

Question 480

What does the 304 response code mean?

Answer 480

Not Modified. Instructs the browser to use its cached copy of the requested resource

Question 481

What does the 403 response code mean?

Answer 481

Forbidden. No one is allowed to access the resource regardless authentication

Question 482

What does the 401 response code mean?

Answer 482

Unauthorized. The server requires HTTP authentication

Question 483

What does the 405 response code mean?

Answer 483

Method Not Allowed. The method used in the request is not supported for the specified URL

Question 484

What does the 413 response code mean?

Answer 484

Request Entity Too Large

Question 485

What does the 414 response code mean?

Answer 485

Request URI Too Long

Question 486

The web server itself is functioning but the application accessed via the server is not responding. Which response code is likely to be returned?

Answer 486

503 Service Unavailable

Question 487

What does 404 response code mean?

Answer 487

Not Found. Requested resouce does not exist

Question 488

What does 500 response mean?

Answer 488

Internal Server Error. The server encountered a problem fullfilling the request

Question 489

Which header enforces secure connections to the server?

Answer 489

HTTP Strict-Transport-Security

Question 490

Which header prevents Clickjacking attacks?

Answer 490

X-Frame-Options

Question 491

Which header reduces exposure to drive-by download attacks?

Answer 491

X-Content-Type-Options

Question 492

How many possible IP addresses are there in a class C?

Answer 492

256

Question 493

What kind of password uses no dollar sign in Unix password?

Answer 493

DES

Question 494

What message is ICMP type 3 code 4?

Answer 494

Fragmentation required

Question 495

What message is ICMP type 3 code 5?

Answer 495

Source route failed

Question 496

What message is ICMP type 3 code 8?

Answer 496

Source host isolated

Question 497

What operating system has a TTL of 128?

Answer 497

Windows 98, 2000, Server 2003, XP

Question 498

What operating system has a TTL of 254?

Answer 498

Cisco IOS

Question 499

What Linux kernel version has a TTL of 255?

Answer 499

2.2.14, 2.4

Question 500

What does IMS stand for?

Answer 500

IP Multimedia Subsystem