First Flashcards

1
Q

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

A

Tailgating

2
Q

Which of the following is the best countermeasure to encrypting ransomware?

A

Keep some generation of off-line backup

3
Q

If an attacker uses the command SELECT * FROM USER WHERE name='x' AND userid IS NULL; --'; which type of SQL injection attack is the attacker performing?

A

End of line comment

4
Q

Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?

A

Full disk encryption

5
Q

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site. Which file does the attacker need to modify?

A

Hosts

6
Q

Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?

A

Can identify unknown attacks

7
Q

You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from the command line. Which command would you use?

A

c:\compmgmt.msc

8
Q

Which of the following acts requires employers to have standard national numbers that identify them on standard transactions?

A

HIPAA

9
Q

In Wireshark, the packet bytes pane shows the data of the current packet in which format?

A

Hexadecimal

10
Q

_______ is a set of extensions to DNS that provide origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

A

DNSSEC

11
Q

PGP, SSL and IKE are all examples of which type of cryptography?

A

Public key

12
Q

Which of the following is considered one of the most reliable forms of TCP scanning?

A

TCP Connect/Full Open Scan

13
Q

Which of the following scanning methods splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

A

SYN/FIN scanning using IP fragments

14
Q

Which of the following is the BEST way to defend against network sniffing?

A

Using encryption protocols to secure network communications

15
Q

You have successfully gained access to a Linux server and would like to ensure that the subsequent outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS). What is the BEST way to evade the NIDS?

A

Encryption
