Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Meu CEH > Module 13 - Hacking Web Servers > Flashcards

Module 13 - Hacking Web Servers Flashcards

1
Q

___ ______ is a computer system that stores, processes and delivers web pages to clients via HTTP.

a. DNS Server
b. Web Server
c. Exchange Server
d. SCCM Server

A

b. Web Server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Web Server Concepts:

Internet Information Services (IIS) is used on which system?

a. Linux
b. Unix
c. Solaris
d. Microsoft

A

d. Microsoft

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Web Server Concepts:

Apache web services are used on which system?

a. Linux
b. Unix
c. Solaris
d. Microsoft

A

a. Linux

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Web Server Attacks:

  • Attacker uses compromised PCs with spoofed IP address to amplify the DDoS attacks on victims’ DNS server by exploiting DNS recursive method.
  • 2 or more computers attack a DNS server
    a. DNS Attack
    b. Directory Traversal Attack
    c. DNS Amplification Attack
    d. Man-in-the-Middle Attack (MITM)
A

c. DNS Amplification Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Web Server Attacks:

Attackers gain access to restricted directories outside of the web server root directory.

a. DNS Attack
b. Directory Traversal Attack
c. DNS Amplification Attack
d. Man-in-the-Middle Attack (MITM)

A

b. Directory Traversal Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Web Server Attacks:

  • Allows an attacker to access sensitive information by intercepting and altering communications between an end-user and server.
  • Can lead to a Replay Attack.
    a. DNS Attack
    b. Directory Traversal Attack
    c. DNS Amplification Attack
    d. Man-in-the-Middle Attack (MITM)
A

d. Man-in-the-Middle Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Web Server Attack Methodology:

Implement _____________ ____ scan to identify weaknesses in a network and determine if the system can be exploited.

a. Banner Grab
b. Exploit Scan
c. Service Scan
d. Vulnerability Scan

A

d. Vulnerability Scan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Web Server Attack Tools:

________ is an exploit tool which supports fully automated exploitation of web servers, by abusing known vulnerabilities and leveraging weak passwords via Telnet, SSH, HTTP, and SNMP.

a. Metasploit
b. Nessus
c. IntelLink
d. Lexus Nexus

A

a. Metasploit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Patch Management:

A ________ adds functionality to a system.

a. Service Pack
b. Patch
c. Exploit
d. Hotfix

A

b. Patch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Patch Management:

A _________ is a combination of 100+ hotfixes and patches for a system.

a. Service Pack
b. Patch
c. Exploit
d. Hotfix

A

a. Service Pack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Patch Management:

A ________ fixes things or something on a system.

a. Service Pack
b. Patch
c. Exploit
d. Hotfix

A

d. Hotfix

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Method that compare binary signatures of know attacks to dettect misuse and a intrusion.

A

Signature Recognition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Dettect a intrusion when an event occurs outside the baseline off normal traffic. Based on bahavioral.

A

Anormaly detection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Meu CEH (22 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions