Midterm 2 Flashcards

1
Q
  1. Which of the following password cracking methods is the fastest?
    a. Dictionary attack
    b. Brute force
    c. Birthday attack
    d. Reverse hash matching
A

a. Dictionary attack

2
Q
  1. __________ means sniffing through a hub; on a hub, the traffic is sent to all ports. It involves only monitoring of the packets sent by others without sending any additional data packets in the network traffic.
    A. Active sniffing
    B. Passive sniffing
    C. Hardware sniffing
    D. None of the above
A

B. Passive sniffing

3
Q
  1. Which type of malware is likely the most impactful?
    A. Worm
    B. Dropper
    C. Ransomware
    D. Virus
A

C. Ransomware

4
Q
  1. What is a countermeasure for SNMP enumeration?
    A. Remove the SNMP agent from the device.
    B. Shut down ports 135 and 139 at the firewall.
    C. Shut down ports 80 and 443 at the firewall.
    D. Enable SNMP read-only security on the agent device.
A

A. Remove the SNMP agent from the device.

5
Q
  1. Which of the following is a tool to crack passwords?
    a. Intercepting an SSH connection
    b. Nessus
    c. NMAP
    D. John the Ripper
A

D. John the Ripper

6
Q
  1. Which of the following is used for recording key strokes at a terminal or keyboard using malicious software?
    A.Spyware
    B.Malware
    C.Key logger
    D.Recordware
A

C.Key logger

7
Q
  1. A user reports that they have downloaded a music file from the Internet. They inform you that when they opened the file, it seemed as though it installed an application, and then the user was prompted to send a payment of $500 to a PayPal account to get the key to decrypt their hard drive.
    The user no longer has access to their desktop. What could be the issue?
    A. The user is experiencing a hoax.
    B.The user downloaded and installed ransomware.
    C. The user installed malware.
    D.The user downloaded the wrong music file.
A

B.The user downloaded and installed ransomware.

8
Q
  1. Which tool can be used to conduct layer 4 scanning and enumeration?
    a. Ping
    b. Metasploit
    c. John the Ripper
    d. Nmap
A

d. Nmap

9
Q
  1. An attacker is conducting the following on the target workstation: nmap -sT 192.33.10.5. The attacker is in which phase?
    a. Covering tracks
    b. Enumeration
    c. Scanning and enumeration
    d. Gaining access
A

c. Scanning and enumeration

10
Q
  1. What is the most important part of conducting a penetration test?
    a. Receiving a formal written agreement
    b. Documenting all actions and activities
    C. Remediating serious threats immediately
    d. Maintaining proper handoff with the information assurance team
A

a. Receiving a formal written agreement

11
Q
  1. Software that creates pop-up advertisement messages while visiting websites is known as what?
    A. Adware
    B. Malware
    C. Pop-up blocker
    D. Freeware
A

A. Adware

12
Q
  1. What technique would a malware author use to try to make it past an anti-malware solution?
    A.Disassembly
    B.Obfuscation
    C.Reverse engineering
    D.Dropper
A

B.Obfuscation

13
Q
  1. As a security administrator, you want to ensure every user only has the specific permissions and rights they need for the role they have. What principle are you following?
    a. Role-based access control
    b. Least privilege
    c. Reducing availability
    d. Setting up an encryption process
A

b. Least privilege

14
Q
  1. What is a common attack type of the Kerberos protocol that can look like legitimate traffic?
    a. Kerberoasting
    b. Javaroasting
    C. Man in the Middle
    d. Ticket granting compromise
A

a. Kerberoasting

15
Q
  1. To sniff, what mode must your network adapter be configured to in order to pull frames off an Ethernet or wireless network that aren’t addressed to you?
    A.Active
    B.Promiscuous
    C.Stealth
    D.CSMA/CD mode
A

B.Promiscuous

16
Q
  1. Why would an attacker conduct an open TCP connection scan using Nmap?
    a. The attacker does not want to attack the system
    b. The attacker made a mistake by not selecting a SYN scan function
    c. The attacker is trying to connect to network services
    d) The attacker is trying to make the scan look like normal traffic
A

d) The attacker is trying to make the scan look like normal traffic

17
Q
  1. As part of an assessment on an organization you are working for, you decide to conduct a social engineering attack to gather credentials that you will use later. What type of attack would be the most efficient if you wanted to get credentials from an administrator?
    A.Man-in-the-middle
    B.Pharming
    C.Spear phishing
    D.Phishing
A

C.Spear phishing

18
Q
  1. What technique might a malware author use that would be most effective to evade detection by anti-malware software?
    A. Encryption
    B. Packing
    C. Compression
    D. Polymorphism
A

D. Polymorphism

19
Q
  1. What tool could you use to fully automate a social engineering attack, like sending out a phishing campaign?
    A. Nmap
    B. Metasploit
    C. Setoolkit
    D. Aircrack
A

C. Setoolkit

20
Q
  1. In which phase within the ethical hacking framework do you alter or delete log information?
    a. Scanning and enumeration
    b. Gaining access
    c. Reconnaissance
    d. Covering tracks
A

d. Covering tracks

21
Q
  1. What security requirement is violated if data is corrupted by bad memory as it is being stored on a hard disk?
    a. Availability
    b. Confidentiality
    c. Integrity
    d. Possession
A

c. Integrity

22
Q
  1. What is the biggest problem with using rainbow tables for password cracking?
    a. Disk space utilization
    b. Processor utilization
    c. Low success rate
    d. Not used for password cracking
A

a. Disk space utilization

23
Q
  1. Which of these is an exploit that takes advantage of a vulnerability in the Server Message Block protocol to compromise systems remotely?
    a. WannaCry
    b. BigBlue
    c. EternalBlue
    d. Shadow Brokers
A

c. EternalBlue

24
Q
  1. How does ARP spoofing work?
    A. Sending gratuitous ARP requests
    B. Sending gratuitous ARP responses
    C. Filling up the ARP cache
    D. Flooding a switch
A

B. Sending gratuitous ARP responses

25
Q
  1. You have just compromised a system using Metasploit. What module would you now load to collect passwords from memory?
    a. dumphash
    b. autoroute
    C. mimikatz
    d. Siddump
A

C. mimikatz

26
Q
  1. Which of the following is an application that does not need a host or human interaction to disrupt and corrupt data?
    A.Worm
    B.Virus
    C.Trojan
    D.Malware
A

A.Worm

27
Q
  1. Which of the following is the correct way to search for a specific IP address in Wireshark using a display filter?
    A. ip.addr = 192.168.1.100
    B. ip == 192.168.1.100
    C. ip = 192.168.1.199
    D. ip.addr == 192.168.1.100
A

D. ip.addr == 192.168.1.100

28
Q
  1. What is one disadvantage of a single sign on strategy?
    a. It offers a single point of failure for authentication
    b. There is no replication for security policies
    c. Passwords are stored in plain text
    d. User accounts are easily accessible
A

a. It offers a single point of failure for authentication

29
Q
  1. What do you need to provide to Wireshark to allow it to decrypt encrypted packets?
    A. License
    B. Password
    C. Keys
    D. Hash
A

C. Keys

30
Q
  1. The password file of a Windows system is located in which of the following directories?
    a. C:\System32\Windows\config
    b. \etc\win\config
    c. C:\System \Window\config
    d. C:\Windows\System32\config
A

C:\Windows\System32\config

31
Q
  1. What utility is used to gather information about NetBIOS configuration on Windows systems?
    a. netstat
    b. Nmap
    C. nbtstat
    d. Ping
A

C. nbtstat

32
Q
  1. What protocol could you use to gather configuration information about a system over the network?
    a. SMTP
    b. SNMP
    c. HTTP
    d. FTP
A

b. SNMP

33
Q
  1. If you needed to enumerate data across multiple services and also store the data for retrieval later, what tool would you use?
    A. MegaPing
    B. Nmap
    C. Nessus
    D. Metasploit
A

D. Metasploit

34
Q
  1. Which password is more secure?
    A. keepyourpasswordsecuretoyourself
    B. pass123!!
    C. P@SSworD
    D. Keep YOur PasswordSafe!
A

D. Keep YOur PasswordSafe!

35
Q
  1. What type of social engineering attack uses SMS (text) messages to communicate with the victim?
    A. Smishing
    B. Vishing
    C.Phishing
    D.Kishing
A

A. Smishing

36
Q
  1. Which of these could you enumerate on a WordPress site using wpscan?
    A. Plug-ins
    B. Posts
    C. Administrators
    D. Versions
A

C. Administrators

37
Q
  1. An attacker is dressed as a postal worker. Holding some large boxes, he follows a group of workers to make his drop-off in the back of the facility. What is the attacker trying to conduct?
    A. Phishing
    B. Sliding
    C. Piggybacking
    D. Shimming
A

C. Piggybacking

38
Q
  1. Which of the following describes the collection of human physical attributes for use in performing electronic authentication?
    a. Personal identification card
    b. Hair and fingerprints
    C. Biometrics
    d. Type 3 control
A

C. Biometrics

39
Q
  1. Which operating system build provides a suite of tools for network offensive (attack your target) purposes?
    a. Kali Linux
    b. Windows Server 2012 R2
    c. FreeBSD
    d. Security Onion
A

a. Kali Linux

40
Q
  1. What is a major drawback of most antivirus software?
    A. It can be extremely slow.
    B. It must have the latest virus definitions.
    C. It can take up a lot of host resources.
    D. It requires a lot of effort to administer
A

B. It must have the latest virus definitions.

41
Q
  1. Which of the following is considered a framework for penetration testing?
    A. Metasploit
    B. Cain & Abel
    C. Nessus
    D. Security Onion
A

A. Metasploit

42
Q
  1. Which of the following malware achieved a historical first by causing physical damage to a nuclear reactor facility?
    A. Stuxnet
    B. Blue’s Revenge
    C. LOVEYOU virus
    D. BackOrifice
A

A. Stuxnet

43
Q
  1. Which of the following applications is used to inspect packets?
    A. Wireshark
    B. Cain & Abel
    C. Aircrack
    D. Nmap
A

A. Wireshark

44
Q
  1. You are the senior manager in the IT department for your company. What is the most cost-effective way to prevent social engineering attacks?
    A. Install HIDS.
    B. Ensure that all patches are up-to-date.
    C. Monitor and control all email activity.
    D.Implement security awareness training.
A

D.Implement security awareness training.

45
Q
  1. What operating-system-agnostic feature of Metasploit would you use to perform tasks on a compromised system, including getting keystrokes?
    a. Meterpreter
    b. Metainpreter
    c. Metasploit
    d. Mimikatz
A

a. Meterpreter

46
Q
  1. What are two advantages of using a rootkit?
    A. Installing alternate data streams and Registry keys
    B. Creating Registry keys and hidden processes
    C. Hiding processes and files
    D. Hiding files and Registry keys
A

C. Hiding processes and files

47
Q
  1. Malware installed at the kernel is very difficult to detect with products such as antivirus and anti-malware programs. What is this type of malware called?
    A. Ransomware
    B.Rootkit
    C.Vampire tap
    D. Worm
A

B.Rootkit

48
Q
  1. As a pen tester, what content might you include in addition to your general findings?
    a. List of patched systems
    b. List of disabled accounts
    C. List of identified vulnerabilities
    d. List of revoked certificates
A

C. List of identified vulnerabilities

49
Q
  1. Spammers want you to:
    A. Not open any links
    B. Think first and act later
    C. Act first and think later
    D. None of the Above
A

C. Act first and think later

50
Q
  1. An email contains a link with the subject line “Congratulations on your cruise!” and is sent to the finance person at a company. The email instructs the reader to click a hyperlink to claim the cruise. When the link is clicked, the reader is presented with a series of questions within an online form, such as name, Social Security number, and date of birth. What type of attack would this be considered?
    A. Email phishing
    B. Spear phishing
    C. Social engineering
    D. Identity theft
A

B. Spear phishing