Quiz 3 Flashcards

1
Q

Which of the following is NOT considered a weak configuration?

A

Lack of vendor support

2
Q

Network traffic logs show a large spike in traffic. When you review the logs, you see lots of TCP connection attempts from an unknown external server. The destination port of the TCP connections seems to increment by one with each new connection attempt. This is most likely an example of what kind of activity from which tool?

A

Active reconnaissance w/ Nmap

3
Q

Which of the following Class networks is correctly matched with its equivalent CIDR notation value?

A

Class A = CIDR / 8

4
Q

Which of the following is NOT a function of a SIEM system?

A

Spam filtering

5
Q

Why are false negatives more concerning than false positives in vulnerability scan results?

A

A false negative is a missed vulnerability, whereas a false positive is a reported vulnerability that may later be recognized as not being an actual vulnerability

6
Q

Which of the following is a fully configured environment similar to the normal operating environment that can be operational immediately or within a few hours depending on its configuration & the needs of the organization?

A

Hot site

7
Q

You want to protect your organization’s network from a certain malware that you know always reaches out to attacker.tld for command & control traffic. You push an updated hosts file to all devices in your organization so that “attacker.tld” will now only resolve to a certain IP address that you designate. This is an example of what technique?

A

DNS Sinkhole

8
Q

Correctly implementing TLS encryption for HTTPS using only modern trusted cipher suites is an example of which of the following?

A

Protecting data in transit

9
Q

What should a legitimate penetration tester always have?

A

Written permission memo including scope & rules of engagement

10
Q

Purple team

A

Establish defenses, test defenses, repeat, & collaborate

11
Q

Red team

A

Specialized, highly skilled, & mimic real world threat actors by focusing on offense

12
Q

White team

A

Impartial judges if competitive scoring is involved or simply outside coordinators

13
Q

Blue team

A

Establish defenses, then monitor & handle incident response
