Kahoot -EH-06-P1: Infrastructure Attacks Flashcards
What is a synonym for vulnerability
a. ) integrity
b. ) payload
c. ) risk
d. ) weakness
d.) weakness
Exploit DB can be assessed by Kali by ____.
a. ) msfvenom
b. ) ExploitSQL
c. ) SearchSploit
d. ) MetaSploit
c.) SearchSploit
All common vulnerabilities and exposures have known exploits T or F
False
Metasploit has all the following modules EXCEPT _____
a. ) Search
b. ) Auxilliaries
c. ) Nops
d. ) Encoders
a.) Search
Using a reverse shells help mitigate network firewalls T or F
True
Which shell payload allows you to take screenshots and migrate process
a. ) shell
b. ) zsh
c. ) meterpreter
d. ) bash
c.) meterpreter
Before the victim clicks a reverse shell malware, you must ______
a. ) use Shikata ga ni coder
b. ) set up a listener
c. ) send them an encoded email
d. ) mask the malware extension
b.) set up a listener
Eternal Blue was developed by which government agency
a. ) MIB
b. ) NSA
c. ) FBI
d. ) CISA
b.) NSA
Once an initial foothold is established, which is program is used to aid in lateral movement
a. ) SSL strip
b. ) Bloodhound
c. ) John the Ripper
d. ) Burp Suite
b.) bloodhound
What tool is commonly natively installed on Linux and used by hackers to move files around
a. ) nmap
b. ) wireshark
c. ) netcat
d. ) metasploit
d.) metasploit
Which is the first step after the BIOS in the Linux boot order
a. ) MBR
b. ) GRUB
c. ) Init/SystemD
d. ) Kernel
a.) MBR
John the Ripper only works with a custom word list T or F
False
What tools do you use to combine /etc/passwd and /etc/shadow so that John the ripper can crack the passwords
a. ) Shadow combine
b. ) unshadow
c. ) cmake
d. ) rm john.pot
b.) unshadow
What website do you download the actual exploit code
a. ) ExploitDB
b. ) nvd
c. ) MITRE
d. ) CVE
a.) ExploitDB
Which exploit did we use to elevate privileges on kernel 2.6 to 3.9
a. ) LinuxElevate
b. ) DirtyCow
c. ) EternalBlue
d. ) CowBoy
b.) DirtyCow
