Module 9 Flashcards

1
Q

SCADA systems controlling critical infrastructure are usually completely separated from the Internet by which of the following?

A

air gap

2
Q

Which of the following is a common Linux rootkit?

A

Linux Rootkit 5

3
Q

Which of the following source code is now available to the public and was considered a trimmed down version of the Windows desktop OS?

A

Windows CE

4
Q

Embedded OSs are usually designed to be small and efficient so they do not have some of the functions that general-purpose OSs have. (True or False)

A

True

5
Q

Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users?

A

Mandatory Access Control

6
Q

What type of malicious code could be installed in a system’s flash memory to allow an attacker to access the system at a later date?

A

BIOS-based rootkit

7
Q

Rootkits containing Trojan binary programs that are ready to install are more dangerous than typical Trojan programs. (True or False)

A

True

8
Q

What programming languages are vulnerable to buffer overflow attacks?

A

C and C++

9
Q

Which of the following is often found within an embedded OS that can cause a potential vulnerability to an attack?

A

Web server

10
Q

What is the most serious shortcoming of Microsoft’s original File Allocation Table (FAT) file system?

A

no ACL support

11
Q

Which of the following is considered to be the most critical SQL vulnerability?

A

null SA password

12
Q

When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?

A

Share-level security

13
Q

Ubuntu and Debian Linux use what command to update and manage their RPM packages?

A

apt-get

14
Q

Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device?

A

firmware

15
Q

Which one of the following, if compromised, might allow attackers the ability to gain complete access to network resources?

A

router

16
Q

Which of the following systems should be used when equipment monitoring and automation is critical?

A

SCADA

17
Q

When using the Common Internet File System (CIFS), which security model will require network users to have a user name and password to access a specific resource?

A

User-level security

18
Q

What is the current file system that Windows utilizes that has strong security features?

A

NTFS

19
Q

What type of viruses and code has been created by security researchers and attackers that could infect phones running Google’s Android, Windows Mobile, and the Apple iPhone OS?

A

Java-based

20
Q

Which of the following is an advantage of Windows CE over other Windows embedded OSs?

A

Its source code is available to the public.

21
Q

Which of the following describes an RTOS?

A

An embedded OS capable of multitasking and responding predictably

22
Q

Which of the following is a major challenge of securing embedded OSs?

A

Patching

23
Q

The lack of a familiar interface, such as CD/DVD-ROM drives, contributes to the difficulty of updating embedded OSs. True or False?

A

True

24
Q

SCADA systems are used for which of the following?

A

Monitoring equipment in large-scale industries

25
Q

Multifunction devices (MFDs) are rarely which of the following?

A

Scanned for vulnerabilities

26
Q

A common vulnerability of routers and other network devices with built-in Web management interfaces is which of the following?

A

authentication vulnerability

27
Q

Which of the following can modify part of the OS or install themselves as kernel modules, drivers, libraries, and even applications?

A

rootkit

28
Q

Which of the following doesn’t use an embedded OS?

A

A workstation running Windows Vista Business

29
Q

If the time and money required to compromise an embedded system exceeds the value of the system’s information, a security tester might recommend not fixing the vulnerability. True or False?

A

True

30
Q

One reason that some vendors of embedded OSs are using open-source software more is that the cost of developing and patching an OS is shared by the entire open-source community. True or False?

A

True

31
Q

Which of the following is considered a good defense against low-level rootkits?

A

Trusted Platform Module (TPM)

32
Q

An embedded OS must be developed specifically for use with embedded systems. True or False?

A

False

33
Q

*nix embedded OSs are most likely to be found on which of the following devices?

A

Cisco switches and routers

34
Q

Most printers now have only TCP/IP enabled and don’t allow default administrator passwords, so they’re inherently more secure. True or False?

A

False

35
Q

VxWorks is which of the following?

A

A proprietary embedded OS