CYBR 4330 - Week 8 Flashcards
standard that describes the creating of a certificate
X.509
technique that uses a phishing e-mail to lure a user into following a malicious link
social engineering
A device that performs more than one function, such as printing and faxing is called what
MFD
A large organization that is responsible for sensitive or critical data may elect to create which of the following to do damage assessment, risk remediation, and legal consultation?
Security Operations Center
A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following?
worm
What Windows operating system was the first to disable null sessions by default?
Windows Server 2003
Adobe System’s ColdFusion uses its proprietary tags, which are written in which of the following languages?
CFML
Carelessly reviewing your program’s code might result in having which of the following in your program code?
bug
Closed ports respond to a NULL scan with what type of packet?
RST
Connecting to an MS SQL Server database with Microsoft’s Object Linking and Embedding Database (OLE DB) requires using what provider?
SQLOLEDB
Cryptography is the process of converting plaintext, which is readable text, into unreadable or encrypted text called which if the following?
ciphertext
Cryptosystems that have a single key that encrypts and decrypts data are using what type of algorithm?
symmetric
Early Windows OSs used which of the following programs loaded into memory to interact with a network resource or device?
NetBIOS
For a Windows computer to be able to access a *nix resource, which of the following must be enabled on both systems?
CIFS
How many host computers can be assigned a valid IPv4 address when using a CIDR /24 prefix?
254
If a Cisco administrator needs to configure a serial or Fast Ethernet port, which configuration mode should they use?
Interface configuration mode
If a security expert decides to study the process of breaking encryption algorithms, they are performing what?
cryptanalysis
If an attacker decides to implement a less obvious port-scan, or stealth attack, which of the following techniques would be appropriate to make their activities more difficult to detect?
limit their scan speeds
If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use?
Spyware
If an organization does not want to rely on a wireless device to authenticate users, which of the following is a secure alternative?
RADIUS server
If you do not have access to Nessus, what NMap procedure can be used to help you to gain information about remote *nix hosts?
script scanning
If you want to know what the Perl print command does, you can use what command?
perldoc -f print
What is the standard name for a team made up of security professionals?
red team
In 802.11, what is an addressable unit?
station (STA)
In 802.1X, what component refers specifically to the wireless user attempting access to a WLAN?
supplicant
In a Linux script, which of the lines is important because it identifies the file as a script?
!/bin/sh
In a Perl program, to go from one function to another, you simply call the function by entering which of the following in your source code?
name
In a normal TCP session, the sender sends a packet to another computer with which of the following flags set?
SYN flag
In an ACK scan, if the attacked port returns an RST packet the attacked port is considered to be operating in what state?
unfiltered
In any *NIX system, after saving a script named “script_name,” you need to make it executable so that you can run it. Which command will accomplish this task from the command line?
chmod +x script_name
In object-oriented programming, a function contained in a class is called which of the following?
member function
In the C programming language, which of the following show where a block of code begins and ends?
braces
n the C programming language, which statement tells the compiler to keep doing what is in the brackets over and over and over?
for(;;)
In the C programming language, which variable type holds the value of a single letter?
Char
In the Perl programming language, comment lines begin with the which of the following character(s)?
#
In the Perl programming language, variables begin with which of the following characters?
$
In the Perl programming language, which of the following keywords is used in front of function names?
sub
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?
Transport
In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?
Network
In what type of attack does the attacker have the ciphertext of several messages that were encrypted with the same encryption algorithm, but has no access to the plaintext so he or she must try to calculate the key used to encrypt the data?
ciphertext-only
In what type of attack does the attacker need access to the cryptosystem, and the ciphertext to be decrypted to yield the desired plaintext results?
chosen-ciphertext
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?
scripts
Microsoft Baseline Security Analyzer has its origins in which of the following command line scanners?
HFNetChk
NetBIOS over TCP/IP is called what in Windows Server 2003?
NetBT
NetBios should be understood by a security professional because it is used for which of the following?
backward compatibility
One of the limitations when using “ping sweeps” is that many network administrators configure nodes not to respond to ICMP Echo Requests. What type of ICMP Echo message is being disabled by these administrators?
reply
What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?
create a contractual agreement
Red Hat and Fedora Linux use what command to update and manage their RPM packages?
yum
Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device?
firmware
SCADA systems controlling critical infrastructure are usually completely separated from the Internet by which of the following?
air gap
SMB is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?
TCP/IP
SNMPWalk is a tool useful in enumerating hosts running SNMP with what type of configuration?
default
Some attackers want to be hidden from network devices or IDSs that recognize an inordinate amount of pings or packets being sent to their networks. Which of the following attacks are more difficult to detect?
stealth
The 802.11 standard applies to the Physical layer of the OSI model, which deals with wireless connectivity issues of fixed, portable, and moving stations in a local area, and the Media Access Control (MAC) sublayer of which OSI model layer?
Data Link layer
The acronym IDS stands for which of the following?
Intrusion Detection System
The computer names you assign to Windows systems are called which of the following?
NetBIOS
The open-source descendant of Nessus is called which of the following?
OpenVAS
The print command for Perl is almost identical to the print command used in which of the following programming languages?
C
The virus signature file is maintained by what type of software?
antivirus
What directions do you save the a program to on your Web server before you check the URL in your Web browser?
cgi-bin
To determine what resources or shares are on a network, security testers must use port scanning and what other procedure first to determine what OS is being used?
footprinting
To determine whether a system could be vulnerable to an RPC-related issue, what tool can be used?
MBSA
To examine the router’s routing table, a Cisco administrator would enter which command?
show ip route
To see additional parameters that can be used with the Netcat command, what should you type at the command prompt?
nc -h
To verify if all the IP addresses of a network are being used by computers that are up and running, you can use a port scanner to perform what procedure on a range of IP addresses?
ping
Trojan Programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing?
backdoor
UNIX was first written in assembly language. However, it was soon rewritten in what programming language?
Python
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
apt-get
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
apt-get
Visual Basic Script (VBScript) is a scripting language developed by what companies?
Microsoft
What 1-pixel x 1-pixel image file is referenced in an tag, and usually works with a cookie to collect information
Web bug
What 32-bit number tracks packets received by a node and allows the reassembling of large packets that have been broken up into smaller packets?
ISN
What HTTP method is the same as the GET method, but retrieves only the header information of an HTML document, not the document body?
HEAD
What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network?
127 address
What IPv4 address class has the IP address 221.1.2.3?
Class C
What TCP flag is responsible for delivering data directly and immediately to an application?
PSH flag
What TCP flag is responsible for synchronizing the beginning of a session?
SYN flag
What TCP/IP protocol is fast, unreliable, and operates at the Transport layer?
UDP
What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity?
ICMP
What acronym represents the U.S. Department of Justice new branch that addresses computer crime?
CHIP
