Day 1 76-114 Flashcards
1.76 Which THREE of these are used for password cracking?
A. BTCrack
B. John the Ripper
C. KerbCrack
D. Nikto
E. Cain and Abel
F. Havij
Answer: B,C,E
1.77 On a Windows machine, what is the RID/SID of the administrator account?
A. 100
B. 412
C. 500
D. 999
Answer: C
1.78 Hacker Joe attacks a web page by entering unexpected data on the logon page. He then gains access to the database and displays the contents of the table that has usernames and passwords of other users. What is the problem here?
A. Insufficient security management
B. Insufficient exception handling
C. Insufficient database hardening
D. Insufficient input validation
Answer: D
1.79 Which of these is a set of rules for people who handle electronic medical data?
A. FISMA
B. COBIT
C. HIPAA
D. ISO/IEC 27002
Answer: C
1.80 You boot your computer up to find a pop-up message saying that illegal activity was detected, and your computer is now locked. The message also states that you must pay a fine to have your computer unlocked. You find that you cannot bypass this message and you are unable to use your computer at all. Which of these threats is this describing?
A. Riskware
B. Spyware
C. Adware
D. Ransomware
Answer: D
1.81 While you are logged in to your bank using your web browser, you get an e-mail with a link to another website. You click the link and go to the second site where you see some funny videos. The next day, your bank sends you an e-mail saying your account has been accessed from China, and funds have been transferred there. Which of these web vulnerabilities was exploited to steal your funds?
A. Web form input validation
B. Clickjacking
C. Cross-Site Scripting
D. Cross Site Request Forgery
Answer: D
1.82 The chance of a hard drive failure is once every four years. The cost to buy a new hard drive is $400. It will require 5 hours to restore the OS and software to the new hard disk. It will require another 5 hours to restore the user data from the last backup to the new hard disk. The recovery tech earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%).
What is the closest approximate cost of this replacement and recovery operation per year?
A. $100
B. $125
C. $500
D. $1500
Answer: B
1.83 An attacker wants to target your company with malware, so he compromises a web site your employees frequently visit. He hopes your users’ machines will become infected with the malware. Which type of attack is this?
A. Spear Phishing attack
B. Watering Hole attack
C. Heartbleed attack
D. Shellshock attack
Answer: B
1.84 What is the process called that can record, log, and resolve events that happen in your company?
A. Metrics
B. Incident management process
C. Internal procedure
D. Security policy
Answer: B
1.85 While doing a pen-test, you send the boss’s secretary an e-mail, changing the source to look like it came from the boss. You ask her for some links to relevant websites. She sends you the links via e-mail. You change them to links containing malware and send them back, telling her the links didn’t work. She tries the links herself and her machine gets infected, giving you access to it. Which testing method was used?
A. Piggybacking
B. Social engineering
C. Tailgating
D. Eavesdropping
Answer: B
1.86 Which of the following describes an LM Hash?
I - The maximum password length is 14 characters.
II - There is no distinction between uppercase and lowercase.
III - It’s a simple algorithm, so 10,000,000 hashes can be generated per second.
A. I
B. II
C. I and II
D. I, II, and III
Answer: D
1.87 In which phase of incident-handling do you define processes/procedures/rules, and create and test back-up and response plans?
A. Preparation phase
B. Identification phase
C. Containment phase
D. Recovery phase
Answer: A
1.88 Which technique provides ‘security through obscurity’ by hiding secret messages within ordinary messages?
A. Encryption
B. RSA algorithm
C. Steganography
D. Public-Key cryptography
Answer: C
1.89 While doing a pen-test, you find a hidden folder with the admin’s bank account username and password information. What should you do?
A. Do not report it and continue the penetration test
B. Report immediately to the administrator
C. Transfer money from the administrator’s account to another account
D. Do not transfer the money but steal the bitcoins
Answer: B
1.90 Risks = threats x vulnerabilities x impact is referred to as the:
A. Risk equation
B. Threat assessment
C. Disaster recovery formula
D. BIA equation
Answer: A
1.91 Which password cracking technique takes the longest time and most effort?
A. Dictionary attack
B. Shoulder surfing
C. Brute force
D. Rainbow tables
Answer: C
1.92 You find out your web site has some flaws, so to fix them you prevent users from entering HTML as input into the web site.
Which type of web flaw were you trying to fix?
A. Cross-site scripting vulnerability
B. Web site defacement vulnerability
C. SQL-injection vulnerability
D. Cross-site Request Forgery vulnerability
Answer: A
1.93 Which is a typical method for exploiting the ShellShock vulnerability?
A. SYN Flood
B. Manipulate format strings in text fields
C. Through web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable web server
D. SSH
Answer: C
Bash is the name of a popular shell (command prompt) on many Unix-based systems. Bash can also be used to run commands passed to it by applications, and it is this feature that the vulnerability affects. One type of command that can be sent to Bash allows environment variables to be set. Environment variables are dynamic, named values that affect the way processes are run on a computer. The vulnerability lies in the fact that an attacker can tack on malicious code to the environment variable, which will run once the variable is received.
1.94 Hacker Joe stands outside the facility while talking on his phone. When an authorized employee walks by, swipes her badge, and enters the building, Joe grabs the door before it closes. What just happened?
A. Phishing
B. Whaling
C. Piggybacking
D. Masquerading
Answer: C
1.95 Which of these is NOT one of the basic responses to risk?
A. Avoid
B. Delegate
C. Mitigate
D. Accept
Answer: B
1.96 In 2014 a well-publicized vulnerability was found in the GNU Bash shell that would let an attacker run remote commands on a vulnerable system. What was this called?
A. Shellshock
B. Shellbash
C. Rootshock
D. Rootshell
Answer: A
1.97 The CEO hired you to mitigate threats and vulnerabilities to the point that you have totally eliminated risk. What is one of the first things you should do?
A. Start the Wireshark application to start sniffing network traffic
B. Interview all employees in the company to rule out possible insider threats
C. Establish attribution to suspected attackers
D. Explain to the CEO that you cannot eliminate all risk, but you will be able to reduce risk to an acceptable level
Answer: D
1.98 In Risk Management, how is the term “likelihood” related to the concept of “threat?”
A. Likelihood is a possible threat-source that may exploit a vulnerability
B. Likelihood is the probability that a vulnerability is a threat-source
C. Likelihood is the probability that a threat-source will exploit a vulnerability
D. Likelihood is the likely source of a threat that could exploit a vulnerability
Answer: C
1.99 The Open Web Application Security Project (OWASP) is a community-driven effort to improve the security of web applications. What is the top item on their Top Ten most critical web security risks?
A. Injection
B. Cross Site Request Forgery
C. Cross Site Scripting
D. Path disclosure
Answer: A
Check out OWASP’s top-10 list at https://www.owasp.org/index.php/Top10#OWASP_Top_10_for_2013
You’ll see that Injection is at the top of their list.