CYBR 4330 - Week 7 Flashcards
What tool can be used to read and write data to ports over a network?
Netcat
What type of IDS/IPS is used to protect a critical network server or database server by installing the IDS or IPS software on the system you’re attempting to protect?
Host-based
What type of IDSs/IPSs monitors activity on network segments by sniffing traffic as it flows over the network and alerting a security administrator when something suspicious occurs?
Network-based
What type of Windows Server is the most likely server to be targeted by a computer hacker?
Domain Controller
What type of an IDS is being used when it does not take any action to stop or prevent an activity occurring?
passive system
What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system?
vulnerability
What type of attack causes the victim’s computer to crash or freeze when the attacker delivers an ICMP packet that is larger than the maximum allowed 65,535 bytes?
Ping of Death
What type of attack is being attempted when an attacker uses a password-cracking program to guess passwords by attempting every possible combination of letters?
brute force
What type of attack is being conducted when the attacker has messages in both encrypted form and decrypted forms?
known plaintext
What type of attack is being performed when an attacker intercepts the initial communications between a Web server and a Web browser while forcing a vulnerable server to insecurely renegotiate the encryption being used down to a weaker cipher?
SSL/TLS downgrade attack
What type of attack is being performed when the attacker has access to plaintext and ciphertext, and can choose which messages to encrypt?
chosen-plaintext
What type of attack is occurring when an attacker places themselves between two parties and manipulates messages being passed back and forth?
Man-in-the-Middle
What type of cryptography is demonstrated by reversing the alphabet so A becomes Z, B becomes Y, and so on?
substitution cipher
What type of encryption is currently used to secure WPA2?
AES
What type of firewall inspects network traffic at a higher level in the OSI model than a traditional stateful packet inspection firewall does?
application-aware firewall
What type of function is being performed when a router screens packets based on information in the packet header?
router screening
router screening
HTTP
What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system?
Keyloggers
What type of laws should a penetration tester or student learning hacking techniques be aware of?
local, state, and federal
What type of malicious code could be installed in a system’s flash memory to allow an attacker to access the system at a later date?
BIOS-based rootkit
What type of malicious computer programs present themselves as useful computer programs or applications?
Trojan programs
What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack?
eavesdropping
What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail?
virus
What type of modulation spreads data across a large-frequency bandwidth instead of traveling across just one frequency band?
Spread spectrum
