Q&A FedVTE Flashcards
Bluejacking does all of the following except:
A. Occurs during the pairing process
B. Exploits a user definable field in the transmission packet
C. Attacker sends unwanted and anonymous messages to the vulnerable device
D. Exploits a firmware flaw in older devices
D. Exploits a firmware flaw in older devices
An IDS, Intrusion Detection System, that examines critical files and determines if they have changed, is what type of IDS?
A. Network based
B. Log File Monitoring
C. Host-based
D. File Integrity Checking
D. File Integrity Checking
Which of the following describes the wholeness and completeness of the information without any alteration except by authorized sources?
A. Functionality
B. Integrity
C. Confidentiality
D. Availability
B. Integrity
Which two operating systems uses the CFS-Cryptographic File System?
A. Windows
B. Linux
C. Solaris
D. MacOS
B. Linux
C. Solaris
The system of algorithm, parameters, keys, and/or passwords used for encrypting and decrypting data is called what?
A. Cryptosystem
B. Cryptography
C. Cryptanalysis
D. Cipher
A. Cryptosystem
A worm or virus that infects office documents is known as a ____ virus.
A. File
B. Macro
C. Hoax
D. Source Code
Not “File”
Drawing of symbols in public places to publicize an open Wi-Fi wireless network is called what?
A. WarChalking
B. WarDriving
C. WarFlying
D. WarWalking
B. WarDriving?
The Risk Management process includes the following steps EXCEPT:
A. Risk Mitigation
B. Identification and Evaluation
C. Risk Vulnerability
D. Risk Assessment
C. Risk Vulnerability *
SHA takes a message of arbitrary length as input and produces a 160-bit fingerprint or message digest.
A. True
B. False
True
An email which claims to be from a legitimate source, attempting to solicit information, or convince a senior executive to take some sort of action, is known as:
A. Phishing
B. Whaling
C. Vishing
D. Smishing
Whaling
A virus that does not increase the size of the infected file by hiding in the “open space” of a file is what type of virus:
A. Stealth
B. Companion
C. Cavity
D. Armored
B. Companion -
How does a denial-of-service, DoS, attack operate?
A. A hacker prevents users from accessing a service.
B. A hacker tries to decipher a password by using a password cracking tool.
C. A hacker uses every character, word, or letter to crack the authentication.
D. A hacker attempts to impersonate an authorized user by stealing the user’s token.
A. A hacker prevents users from accessing a service.
What is an effective countermeasure to password cracking?
A. Writing down your password and storing it in a secure location that only you know about
B. Saving your password in a hidden file on your hard drive
C. Compose a strong password based on a phrase that results in a random combination of letters, numbers, and symbols
D. Use a third-party program to save your password as an encrypted file and store it on a form of removable media
C. Compose a strong password based on a phrase that results in a random combination of letters, numbers, and symbols
Specifically crafting packets such that the target host accepts the packet, but the IDS ignores it as an invalid packet, is known as:
A. Evasion
B. Denial of Service
C. Insertion
D. Matching
A. Evasion
Of the activities below, which one would not be considered passive foot-printing?
A. Scan the range of IP address found in the target’s DNS database
B. Look through the trash to find out any information that might have been discarded
C. Perform multiple searches through a search engine
D. Search on a financial site such as Yahoo Financial
A. Scan the range of IP address found in the target’s DNS database
Which of the following is NOT a “clean computing habit” for users?
A. Do not open email attachments from unknown senders.
B. Do not browse unverified or unknown websites.
C. Do not accept removable media from unknown persons.
D. None of the above.
D. None of the above.
Which of the following analyses an operating system and all the applications on the network to discover any security flaws that are present?
A. SAINTscanner
B. Nessus
C. GFI LAN Guard
D. ID Serve
A. SAINTscanner -
B. Nessus -
Which hashing function uses 160-bit digest?
A. MD5
B. SHA-1
C. SHA-512
D. HMAC
B. SHA-1
List the events of a web server and client exchange in the correct order: 1. Server Sends Page to Browser, 2. Browser Connects to Server, TCP 3. Server Acknowledges Connection, 4. Browser Displays HTML Page, 5. Browser issues Request, HTTP Get
A. 5, 2, 3, 4, 1
B. 2, 4, 3, 1, 5
C. 1, 5, 2, 4, 3
D. 2, 3, 5, 1, 4
D. 2, 3, 5, 1, 4
Which application is a robust packet analysis console that enables users to quickly analyze multi-terabyte packet recordings?
A. CACE Pilot
B. Cain and Abel
C. WinArpAttacker
D. SMAC
A. CACE Pilot
What protocol has a vulnerability of having passwords and data sent in clear text on port 80?
A. NNTP
B. POP3
C. IMAP
D. HTTP
HTTP
The act of altering configuration files and the expected operation of a service is known as what kind of attack?
A. Memory corruption
B. Fraggle Attack
C. Service Reconfiguration
D. RST Injection
C. Service Reconfiguration?
An attacker tries to access restricted directories and execute commands on the webserver by using the URL to change directories is called what type of attack?
A. Parameter Tampering
B. CRLF Injection attack
C. Unicode
D. Directory Traversal
D. Directory Traversal
To attack a wireless network, you install an access point and redirect the signal of the original access point. You are now able to capture users’ authentication data. What kind of attack is this?
A. Rogue Access Point Attack
B. WarDialing
C. Unauthorized Access Point Attack
D. WPA Attack
A. Rogue Access Point Attack *
