IS3440 CHAP 13 TESTING AND REPORTING Flashcards
COMMAND ___ is a command on Ubuntu and Debian systems that uses the MD5 checksums to see if changes have been made to files relative to their original status as part of installed packages.
debsums
COMMAND ___ is a command to list open files; it lists open files related to networking, in numeric format.
lsof
COMMAND ___ is the implementation of the netcat command, which can test and communicate over TCP and UDP connections.
nc
COMMAND ___ is a command used to verify network connections by port, routing tables by Internet Protocol (IP) address, and more.
netstat
COMMAND ___ is a flexible command that can be used to scan Transmission Control Protocol/Internet Protocol (TCP/IP) network communication by protocol and port.
nmap
___ is a Linux distribution currently based on Ubuntu with penetration testing tools, released in live CD and live USB format.
BackTrack
___ is a protocol of the TCP/IP suite associated with automatic assignment of IP addresses; may also be used for the automatic acquisition of IP addresses from a Dynamic Host Configuration Protocol (DHCP) server on a remote network. Associated with UDP port 68.
(BOOTP) Bootstrap Protocol
___ is a password tool designed to identify passwords that are too simple for a secure system.
Hydra
___ is a password tool designed to identify passwords that are too simple for a secure system.
John the Ripper
___ is a Linux distribution most well known for its live CDs and DVDs.
Knoppix STD
___ is a prominent white-hat hacker. The developer of the nmap command. Known in the open source security community by the single name ___.
Lyon, Gordon
“Fyodor”
___ is a vulnerability scanning program with a Web-based interface, based on code that was previously released under open source licenses.
Nessus
___ is a utility that can read TCP and UDP packets, normally associated with the nc command.
netcat
___ is a Linux distribution currently based on Fedora with a variety of security testing tools, including many of those listed at http://sectools.org/.
Network Security Toolkit
___ is a password tool designed to identify passwords that are too simple for a secure system.
RainbowCrack
___ is an older open source network analyzer. Later versions were released under proprietary licenses as part of SAINT.
(SATAN) Security Administrator Tool for Analyzing Networks
___ is a vulnerability scanning program with a Web-based interface, based on code that was previously released as SATAN under open source licenses.
(SAINT) System Administrators Integrated Network Tool
___ is an intrusion detection system (IDS) with modes associated with IPTABLES firewall rules; associated rules are updated on a regular basis.
Snort
___ is a family of virtual machine software that works with everything from software-based virtualization with programs like VMware Player to bare-metal virtualization with programs like vSphere.
VMware
- Which of the following commands, when used inside and outside of a firewall, can best test the effectiveness of that firewall?
- iptables
- telnet
- nmap
- lsof
nmap
- Which of the following is NOT a password-cracking tool?
- nmap
- John the Ripper
- Hydra
- RainbowCrack
nmap
- What is the TELNET command that would connect to an open port 25 and active server on a system with an IP address of 10.12.14.16?
telnet 10.12.14.16 25
- Which of the following commands includes port information for TCP and UDP communication in numeric format?
- netstat -aunp
- netstat -atnp
- netstat -aund
- netstat -atunp
netstat -atunp
- Which of the following commands can help you discover the active hosts on the 192.168.0.0/24?
- nmap -sP 192.168.0.0/24
- nmap -sH 192.168.0.0/24
- nmap -sh 192.168.0.0/24
- nmap -sPO 192.168.0.0/24
nmap -sP 192.168.0.0/24
- Which of the following commands verifies installed files for all of the Debian-style packages installed on a system?
- rpm -Va
- dpkg -Va
- debsums
- dpkg -qa
debsums
- You can install AIDE from supported repositories for both Red Hat Enterprise Linux and Ubuntu.
TRUE OR FALSE
TRUE
- Which of the following commands sets a last password change date of April, 2010, for user michael?
- chage -c 2010-04-01
- chage -d 2010-04-01
- chage -e 2010-04-01
- chage -i 2010-04-01
chage -d 2010-04-01
- What is the full path to the PAM configuration file that regulates logins on a Linux system?
/etc/pam.d/login
- Which of the following virtual machine options is the default open source solution for the latest Red Hat and Ubuntu distributions?
- KVM
- Xen
- Virtualbox, open source edition
- Hyper-V
KVM
- Which of the following COMMANDS opens a graphical tool that depicts the current CPU and memory load for virtual machines on the target host system?
- virt-viewer
- virsh
- virt-manager
- virt-top
virt-manager
- Nessus is still released under an open source license.
TRUE OR FALSE
FALSE
- Which of the following modes does not apply to Snort as an intrusion detection system?
- Sniffer mode
- Inline mode
- Password mode
- Network mode
Password mode
- What is the nc COMMAND that would connect to and get verbose information on an open port 25 and active server on a system with an IP address of 10.12.14.16?
nc -v 10.12.14.16 25
- Which of the following is NOT an option for bootable Linux systems with security testing tools?
- BackTrack
- Knoppix STD
- Netcat
- Network Security Toolkit
Netcat