Kahoot Flashcards
In a packet, this is used to identify a set of nodes that must be traversed by the packet along its path to a destination.
Padding
Routing header
flags
Type of service
Routing Header
No Operation instructions that slide the program execution to the next memory address are known as _______
Trespassing
Reverse Shells
Buffer Overflows
NOP sleds
NOP Sleds
______ Prevents senders from denying they sent the encrypted message.
confidentiality
Authentication
Integrity
Nonrepudiation
Nonrepudiation
A Man in the Middle, machine in the middle, monkey in the middle (MITM) attack is when a/n ____________
perpetrator sets up a listener
attacker sits between two parties who think they are directly communicating
shell session is established on a connection initiated from a remote machine
adversary attempts to masquerade as a legitimate entity
attacker sits between two parties who think they are directly communicating
A hacker takes a device and hides malware within it hoping someone finds the device. This is best known as _____
Road Apples
Phishing
Trojan Horse
Rootkit
Road Apple
______ proves the contents of a message have not been changed since it was sent
Confidentiality
Nonrepudiation
Authentication
Integrity
Integrity
________ will show you the number of lines from the bottom of a file.
End
Word Count
Head
Tail
Tail
What is it when any access to information is granted to someone who shouldn't have access to it, such as credentials?
Sensitive data exposure
Broken access control
Privilege escalation
Security misconfiguration
Sensitive data exposure
This vulnerability has been around since iOS 7. Those in Bluetooth range could reprogram your iPhone.
Pegasus
iMessage
Heartbleed
AirDrop
AirDrop
_____ happens when invalid data is sent to the application, intending to make it do something that it shouldn’t
Broken Authentication
SQL injection
Multi-byte NOP-sled
Buffer overflow
SQL Injection
ARP is a protocol that enables network communications and translates IPv4 to IPv6 (T/F)
False
The OG PING utility, created in 1983, was used by DARPA to test performance and was called the Packet Internet Groper (T/F)
True
Comparable to a classic firewall; has a choke point router filtering inbound traffic before the web server & firewall.
Retina 3.0
Retina
Network Based security
Nessus
Retina
______ may make forecasting the address to where a program jumps undoable.
Address space layout randomization
Stack randomization
Obfuscation
NOP sleds
Stack Randomization
Netcat functions as a back-end tool that allows data across a client and server once the connection is established (T/F)
True
Which rootkit infects your hard drive or system BIOS and may even be used to intercept disk-written data?
Bootloader Rootkit
Memory Rootkit
Kernel mode rootkit
Hardware or firmware rootkits
Hardware or Firmware rootkits
NDP supplements several IPv4 protocols, i.e. ARP and ICMP redirect. However, it has not improved ________.
Parameter discovery
Inverse neighbor Discovery
Prefix Discovery
Host Discovery
Host Discovery
There are four categories of IDS. What are they?
VMIDS, NIDS, HIDS, PIDS
NIDS, VMIS, TIDS, PIDS
VMIDS, NIDS, HIPS, TIPS
NIDS, WMIDS, HIDS, PINS
NIDS, VMIS, TIDS, PIDS
_____ is a device that monitors activity to identify questionable or even hostile events
Router
Switch
IDS
IPS
IDS
NMAP, short for network mapper, can do all but which of the following?
Detect security risks
transfer files
provide a hardware and software inventory
find open ports
transfer files
_______ will show you the first 3 lines of a file.
Top
Tail
Word Count
Head
Head
Snort advantages include all of the following except:
It comes configured for every zero-day attack out there.
it's free and you can change and build signatures
it keeps records of data packet
it can trap anomalies or unwanted data packets in traffic
It comes configured for every zero-day attack out there
The integrated circuit chip (ICC) contains information about the owner, including the PIN and PKI digital certificates. (T/F)
True
A worm strained up to 50 million computers in 2007. What was its name?
Slammer
Storm
ILOVEYOU
Code Red
Storm
Every Snort rule must have a SID. (T/F)
True
In this mode it reads packets off the network and displays them in a stream on your interface
Network intrusion detection mode
Sniffer mode
Host base intrusion prevention system
packet logger
Sniffer mode
The algorithm a node uses to map an IPv6 destination address to a neighbor IPv6 address.
Next Hop determination
Address resolution
Parameter Discovery
Neighbor Discovery Protocol (NDP)
Next Hop determination
Which of the following is a PING command?
-t PINGs the specified host until stopped
-s Strict source route along host-list
-a denotes alphanumeric field values
-t
A shell script used to scan system binaries for rootkit alteration.
chkrootkit
zacinlo
haxorcito
backdoor
chkrootkit
Logs all the packets to a disk, and can be useful for network traffic debugging
sniffer mode
network intrusion detection mode
Packet logger
host base intrusion prevention system
Packet logger
Performs detection and analysis on network traffic. It is considered the most complex mode. Useful in traffic debugging.
Packet logger
Network intrusion detection mode
Host based intrusion prevention system
sniffer mode
Network (?)
Pings are mostly used when two hosts have no problem communicating with one another. (T/F)
False
An attack used for almost six years before it was found to be a common rootkit attack on Windows 10
Backdoor
Zacinlo
chkrootkit
Haxorcito
Zacinlo
Stateless firewalls use dynamic filtering (T/F)
True
The two types of DNS queries are iterative and recursive (T/F)
True
Which is not NOP-sled?
Jump sled
Multi-byte Nop Equivalent sled
Trampoline sled
one byte equivalent sled
Jump sled
An attacker compromises a legitimate website knowing a victim will browse and allow them to breach their target device.
Spyware
Drive-by download
water hole
vishing
Driveby download (somehow)
Much like multi byte sleds, its opcode can go straight to the shell code.
jump instructions
reverse shells
trampoline sleds
jump sleds
jump instructions
PKI certificates verify all but which of the following?
The owner of the private key
Authenticity of the relationship going forward to maintain security
Message decryption
website visitors are sending information to the intended recipient
message decryption
Ports _ to _ are well known port numbers, designed for internet use.
1-1024
0-1023
0-65536
1-65535
0-1023
Netcat is a ______ utility which reads and writes data across network connections using TCP or UDP protocol.
Windows
Linux
Unix
Macintosh
Unix
IPv6 Vulnerabilities include all but which of the following?
Bind TCP
Dual Stacking
Multicast
Auto-Configuration
Bind TCP
A common technique to get through a locked door; simply follow someone opening a door and enter before it closes.
Drive-by Download
piggy backing
stalking
tailgating
Piggy backing
Encryption provides the following: confidentiality, authentication, integrity, and Nonrepudiation. (T/F)
True
Retina can scan ____, i.e. user account & mail server security holes, DoS vulnerabilities, and even firewall issues.
an IP address or URL of a server
550 vulnerabilities
over 1200 checks on a given computer
new vulnerabilities
550 vulnerabilities
____ is the amount of time it takes from release of a new patch to its full adoption among a fleet of mobile devices.
AOSP implementation
The TrustZone
The vulnerability window
the POODLE vulnerability
Vulnerability window
All of the following are the modes of snort except:
Host base Intrusion prevention system
sniffer
packet logger
Network intrusion detection mode
network intrusion detection mode
Who creates digital certificates and owns the policies for verifying recipients and issuing the certificates?
PKI certificates
SSL certificates
Internet Assigned Numbers Authority (IANA)
certification authorities
Certification Authorities