Midterm Flashcards
What penetration model should be used when a company’s management team does not wish to disclose that penetration testing is being conducted?
Black box
What security certification did the “The International Council of Electronic Commerce Consultants” (EC-Council) develop?
Certified Ethical Hacker (CEH
As a security tester, you can make a network impenetrable (True or False)
False
What type of testing procedure involves the tester(s) analyzing the company’s security policy and procedures, and reporting any vulnerabilities to management?
Security Test
Penetration testers and security testers need technical skills to perform their duties effectively. (True or False)
True
What organization disseminates research documents on computer and network security worldwide at no cost?
ISECOM
Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law. (True or False)
False
Penetration testing can create ethical, technical, and privacy concerns for a company’s management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?
create a contractual agreement
If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?
red team
What penetration model should a company use if they only want to allow the penetration tester(s) partial or incomplete information regarding their network system?
gray box
What professional level security certification requires five years of experience and is designed to focus on an applicant’s security-related managerial skills?
Certified Information Systems Security Professional
What name is given to people who break into computer systems with the sole purpose to steal or destroy data?
crackers
An ethical hacker is a person who performs most of the same activities a hacker does, but with the owner or company’s permission.
true
What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system?
Vulnerability
What subject area is not one of the 22 domains tested during the CEH exam?
Trojan hijacking
What term best describes a person who hacks computer systems for political or social reasons?
Hacktivists
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?
scripts
Even though the Certified Information Systems Security Professional (CISSP) certification is not geared toward the technical IT professional, it has become one of the standards for many security professionals.
True
What derogatory title do experienced hackers, who are skilled computer operators, give to inexperienced hackers?
script kiddies
What acronym represents the U.S. Department of Justice new branch that addresses computer crime?
CHIP
What professional level security certification did the “International Information Systems Security Certification Consortium” (ISC2) develop?
Certified Information Systems Security Professional (CISSP)
What policy, provide by a typical ISP, should be read and understood before performing any port scanning outside of your private network?
Acceptable Use Policy
What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted?
Electronic Communication Privacy Ac
What specific term does the U.S. Department of Justice use to label all illegal access to computer or network systems?
Hacking
What security certification uses the Open Source Security Testing Methodology Manual (OSSTMM) as its standardized methodology?
OPST
What port does the Trivial File Transfer Protocol, or TFTP service use?
69
What is the logical component of a TCP connection that can be assigned to a process that requires network connectivity?
Port
What port does the Domain Name System, or DNS service use?
53
What port does the Simple Mail Transfer Protocol, or SMTP service use?
25
What port does the Hypertext Transfer Protocol, or HTTP service use?
80
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?
Transport
What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity?
ICMP
What port is typically reserved and utilized by the Secure Hypertext Transfer Protocol to create a secure connection to a Web server?
443
What layer, in the TCP/IP stack, is responsible for routing a packet to a destination address?
Internet
What does the acronym TCP represent?
Transmission Control Protocol
In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?
Network
What TCP/IP protocol is fast, unreliable, and operates at the Transport layer?
UDP
In the TCP/IP stack, the Transport layer includes network services and client software. (True or False)
False
What IPv4 address class has the IP address 221.1.2.3?
Class C
What layer protocols operate as the front end to the lower-layer protocols in the TCP/IP stack?
Application
What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network?
127 address
What type of network attack relies on guessing a TCP header’s initial sequence number, or ISN?
Session Hijacking
What TCP flag is responsible for synchronizing the beginning of a session?
SYN Flag
What 32-bit number tracks packets received by a node and allows the reassembling of large packets that have been broken up into smaller packets?
ISN
An octal digit can be represented with only three bits because the largest digit in octal is seven. (True or False)
True
A hex number is written with two characters, each representing a byte. (True or False)
False
No matter what medium connects computers on network-copper wires, fiber-optic cables, or a wireless setup; the same protocol must be running on all computers if communication is going to function correctly. (True or False)
True
What connection-oriented protocol is utilized by the Transport layer?
TCP
To retrieve e-mail from a mail server, you most likely access port 119. (True or False)
False
What TCP flag is responsible for delivering data directly and immediately to an application?
PSH Flag
A DDoS attack is launched against a host from a single server or workstation.
(True or False)
False
In a buffer overflow attack, an attacker finds a vulnerability in poorly written code that doesn’t check for a defined amount of memory space use.
True
What type of attack causes the victim’s computer to crash or freeze when the attacker delivers an ICMP packet that is larger than the maximum allowed 65,535 bytes?
Ping of Death
Malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network. (True or False)
True
The acronym IDS stands for which of the following?
Intrusion Detection System
Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect?
rootkit
Trojan Programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing?
backdoor
If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use?
Spyware
Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer?
Signatures
Which type of virus is written as a list of commands that can be set automatically to run as soon as a computer user opens the file?
Macro
Whitelisting allows only approved programs to run on a computer. (True or False)
True
The virus signature file is maintained by what type of software?
Antivirus
What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack?
eavesdropping
Which of the following physical security methods provides the ability to secure a company’s assets and document any individuals physical time of entry?
card access
Which type of security is specifically concerned with computers or devices that are part of a network infrastructure?
Network security
A computer hacker may use a phishing e-mail to lure a user into following a malicious link. What type of technique is being used by the computer hacker?
social engineering
Which type of attack cripples the network and prevents legitimate users from accessing network resources?
Denial of Service
A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following?
Worm
Which term best describes malicious programmatic behaviors that antivirus software companies use to compare known viruses to every file on a computer?
heuristics
Malware programs cannot be detected by antivirus programs. (True or False)
False
What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system?
Keyloggers
When a computer hacker uses multiple compromised computers to carry out a DDOS attack, the compromised computers are usually referred to as which of the following?
Zombies
Which type of attack is being carried out when an attacker joins a TCP session and makes both parties think he or she is the other party?
Session Hijacking
When a programmer exploits written code that doesn’t check for a defined amount of memory space they are executing which of the following attacks?
Buffer Overflow
What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail?
Virus
Which technique can be used to read PINs entered at ATMs or at other areas when a pin code is entered?
Shoulder surfing
When an attacker chooses to combine social engineering with exploiting vulnerabilities carried out by e-mail, what type of attack is being performed?
Spear phishing
Walking is an automated way to discover pages of a Web site by following links. (True or False)
False
What tactic is being used when an attacker trailing closely behind an employee enters a restricted area without any security credentials by utilizing their proximity to another employee with security clearance?
Piggybacking
Which of the following is a text file generated by a Web server and stored on a user’s browser?
Cookie
What HTTP method is the same as the GET method, but retrieves only the header information of an HTML document, not the document body?
HEAD
What is the HTTP method that retrieves data by URI?
GET
Which tool can be used to gather competitive intelligence from Web sites?
Metis
What social engineering tactic can be utilized to acquire old notes that may contain written passwords or other items that document important information?
dumpster diving
Which type of social engineering attack attempts to discover personal information through the use of email?
Correct!
Phishing
What utility can be used to intercept detailed information from a company’s Web site?
Correct!
Zed Attack Proxy
Which HTTP method requests that the entity is stored under the Request-URI?
PUT
What 1-pixel x 1-pixel image file is referenced in an tag, and usually works with a cookie to collect information
about the person visiting the Website?
Web bug
Which process utilizes the knowledge of human nature to get information from people to use for executing an attack on a computer network?
Social engineering
The HTTP CONNECT method starts a remote application-layer loopback of the request message. (True or False)
False
Which HTTP method is used with a proxy that can dynamically switch to a tunnel connection, such as Secure Socket Layer (SSL)?
CONNECT
Which process enables you to see all the host computers on a network and basically give you a diagram of an organization’s network?
Zone transfers
What area of a network is a major area of potential vulnerability because of the use of URLs?
DNS
What type of general commands allow a security tester to pull information from a Web server using a web browser?
HTTP
What tool can be used to read and write data to ports over a network?
Netcat
Which utility can extract meta-data and documents on a Website to reveal the document creator’s network login, e-mail
address, IP address, and other important information?
FOCA
When an individual attempts to discover as much information legally possible about their competition, what information gathering technique are they performing?
competitive intelligence
Wget is a *nix system command that can be used to retrieve HTTP, HTTPS, and FTP files over the Internet. (True or False)
True
Network attacks can often begin by gathering information from a company’s Web site. (True or False)
True
To see additional parameters that can be used with the Netcat command, what should you type at the command prompt?
nc -h
Namedroppers is a tool that can be used to capture Web server information and vulnerabilities in a Web site’s pages that could allow exploits such as SQL injection and buffer overflows. (True or False)
False
If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?
Red team
What subject area is not one of the 22 domains tested during the CEH exam?
Trojan Hijacking
What type of testing procedure involves the tester(s) analyzing the company’s security policy and procedures, and reporting any vulnerabilities to management?
Security test
What type of attack is occurring when an attacker places themselves between two parties and manipulates messages being passed back and forth?
Man in the middle
Many experienced penetration testers will write a set of instructions that runs in sequence to perform tasks on a computer system. What type of resource are these penetration testers utilizing?
Scripts
As a security tester, you can make a network impenetrable. (True or False)
False
What layer, in the TCP/IP protocol stack, is responsible for encapsulating data into segments?
Transport Layer
What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity?
ICMP
In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?
Network
The virus signature file is maintained by what type of software?
Antivirus
A DDoS attack is launched against a host from a single server or workstation. (True or False)
False
Which HTTP method requests that the entity is stored under the Request-URI?
PUT
What policy, provide by a typical ISP, should be read and understood before performing any port scanning outside of your private network?
Acceptable Use Policy
What security certification uses the Open Source Security Testing Methodology Manual (OSSTMM) as its standardized methodology?
OPST
What type of assessment performed by a penetration tester attempts to identify all the weaknesses found in an application or on a system?
Vulnerability
In the TCP/IP stack, the Transport layer includes network services and client software. (True or False)
False
What layer, in the TCP/IP stack, do applications and protocols, such as HTTP and Telnet, operate?
Application
In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?
Network
Walking is an automated way to discover pages of a Web site by following links. (True or False)
False
What HTTP method is the same as the GET method, but retrieves only the header information of an HTML document, not the document body?
HEAD
What penetration model should be used when a company’s management team does not wish to disclose that penetration testing is being conducted?
Black Box
An ethical hacker is a person who performs most of the same activities a hacker does, but with the owner or company’s permission.
True or False
True
What layer, in the TCP/IP stack, do applications and protocols, such as HTTP and Telnet, operate?
Application
What is the HTTP method that retrieves data by URI?
GET
Which HTTP method starts a remote Application-layer loopback of the request message?
TRACE
When an attacker chooses to combine social engineering with exploiting vulnerabilities carried out by e-mail, what type of attack is being performed?
Spear phishing
What professional level security certification did the “International Information Systems Security Certification Consortium” (ISC2) develop?
Certified Information Systems Security Professional (CISSP)
What type of virus is used to lock a user’s system, or cloud accounts until the system’s owner complies by paying the attacker a monetary fee?
Ransomware
What type of virus is used to lock a user’s system, or cloud accounts until the system’s owner complies by paying the attacker a monetary fee?
ransomware
What type of general commands allow a security tester to pull information from a Web server using a web browser?
HTTP
What penetration model would likely provide a network diagram showing all the company’s routers, switches, firewalls, and intrusion detection systems, or give the tester a floor plan detailing the location of computer systems and the OSs running on these systems?
White
Even though the Certified Information Systems Security Professional (CISSP) certification is not geared toward the technical IT professional, it has become one of the standards for many security professionals.
True
In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?
Network
What port does the Hypertext Transfer Protocol, or HTTP service use?
80
What layer, in the TCP/IP stack, do applications and protocols, such as HTTP and Telnet, operate?
Correct Answer
Application
What is the logical component of a TCP connection that can be assigned to a process that requires network connectivity?
Port
What type of malicious computer programs present themselves as useful computer programs or applications?
Trojan Programs
Which type of virus is written as a list of commands that can be set automatically to run as soon as a computer user opens the file?
Macro
What tool can be used to read and write data to ports over a network?
Netcat
What federal law makes it illegal to intercept any type of communication, regardless of how it was transmitted?
Electronic Communication Privacy Act
What IPv4 address class has the IP address 221.1.2.3?
Class C
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?
Transport
Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer?
Signatures
The HTTP CONNECT method starts a remote application-layer loopback of the request message.
False
What is the HTTP method that retrieves data by URI?
GET
What connection-oriented protocol is utilized by the Transport layer?
TCP
In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?
Network
Which utility is used to gather IP and domain information?
Whois
What professional level security certification requires five years of experience and is designed to focus on an applicant’s security-related managerial skills?
Certified Information Systems Security Professional
When a security professional is presented with a contract drawn up by a company’s legal department, which allows them to “hack” the company’s network, they should proceed by performing what precautionary step?
Consult their lawyer
An octal digit can be represented with only three bits because the largest digit in octal is seven.
True
What layer, in the TCP/IP stack, is responsible for routing a packet to a destination address?
Internet
Which HTTP method starts a remote Application-layer loopback of the request message?
TRACE