quiz

Question 1

Subnet Spoofing

Answer 1

Generate random addresses within a given address space

Question 2

Random Spoofing

Answer 2

Generate 32-bit numbers and stamp packets with them

Question 3

Fixed Spoofing

Answer 3

The spoofed address is the address of the target

Question 4

Server Application DOS attack

Answer 4

The attack is targeted to a specific application on a server

Question 5

Network Access DOS attack

Answer 5

The attack is used to overload or crash the communication mechanism of a network

Question 6

Infrastructure DOS attack

Answer 6

The motivation of this attack is a crucial service of a global internet operation, for example core router

Question 7

Random Scanning

Answer 7

Each compromised computer probes random addresses

Question 8

Permutation Scanning

Answer 8

All compromised computers share a common pseudo-random permutation of the IP address space

Question 9

Signpost Scanning

Answer 9

Uses the communication patterns of the compromised computer to find new target

Question 10

Hitlist Scanning

Answer 10

A portion of a list of targets is supplied to a compromised computer

Question 11

Which of these are the reasons why the UDP-based NTP protocol is particularly vulnerable to amplification attacks?

Answer 11

A small command can generate a large response.
Vulnerable to source IP spoofing.
It is difficult to ensure computers communicate only with legitimateNTP servers

Question 12

The server must reject all TCP options because the server discards the SYN queue entry. T or F?

Answer 12

True

Question 13

With regards to a UDP flood attack, which of the following statements are true

Answer 13

Attackers can spoof the IP address of their UDP packets. Firewalls cannot stop a flood because the firewall is susceptible to flooding

Question 14

Client puzzles should be stateless. T/F

Answer 14

True

Question 15

Puzzle complexity should increase as the strength of the attack increases. TF

Answer 15

True

Question 16

Which of the folloiwing are assumptions that can be made about Traceback?

Answer 16

Attackers may work alone or in groups

Question 17

Select all the statements that are true for the edge sampling:

Answer 17

Multiple attackers can be identified since edge identifies splits in reverse path.
Requires space in IP packet header

Question 18

Self defense against reflector attacks should incorporate:

Answer 18

Server redundancy- servers should be located in multiple networks and locations.
Traffic limiting - traffic from a name server should be limited to reasonable tresholds

Question 19

Deep web

Answer 19

It is not indexed by standard search engines

Question 20

Dark web

Answer 20

Web content that exists on darknets

Question 21

Surface web

Answer 21

Readily available to the public, and searchable with standard search engines

Question 22

Doorway pages

Answer 22

A webpage that lists many keywords, in hopes of increasing search engine ranking. Scripts on the page redirect to the attackers page.

Question 23

Crypters

Answer 23

A program that hides malicious code from anti virus software

Question 24

Blackhat search engine optimizer

Answer 24

It increases traffic to the attacker’s site by manipulating search engine

Question 25

Trojan download manager

Answer 25

Software that allows an attacker to update or install malware on a victim’s computer

Question 26

What are the two defining characteristics of the internet spam?

Answer 26

Inappropriate or irrelevant

Large number of recipients

Question 27

Name the top three countries where spam directed visitors added items to their shopping cart

Answer 27

US
Canada
Philippines

Question 28

Which events should trigger a penetration test

Answer 28

Apps are addred or modified
End user policies are changed
Security patches are installed
Infrastructure is added or modified

Question 29

List the steps attackers use to access RSA adobe flash software

Answer 29

Identify employees are vulneralbe
Craft an email subject line that entices an employee to open it
Hide an executable file in the email that will install onto the victim’s computer when email is opened

Question 30

Flash or CD autoplay attack

Answer 30

A flash is created that has a program that creates a connection to the exploit server

Question 31

Reverse shell applet attack

Answer 31

A signed JAVA applet is sent to the user, if they accept it, a shell is sent back to the exploit server

Question 32

Click logger attack

Answer 32

Used to determine which users click on links in emails

Question 33

Download connection attack

Answer 33

An email contains an attachment, when the attackment is downloaded an connection is made to the exploit server

Question 34

ON the pie chart, what are the top 3 industries that were targets in 2016?

Answer 34

Defense contractor
restaurant
software

Question 35

Tier one

Answer 35

A network can reach every other network through peering

Question 36

Tier 2

Answer 36

A network that peers some of its network access and purchases some of it

Question 37

Tier 3

Answer 37

A netowkr that purchases all transit from other networks

Question 38

ip PROVIDES ONLY BEST EFFORT DELIVERY, ITS NOT GUARANTEED

Answer 38

True

Question 39

Due the connectionless nature of IP, data corruption, packet loss, dupelication, and out of order delivery can occur

Answer 39

True

Question 40

Network layer controls can protect data within the packets as well as the IP info for each packet

Answer 40

True

Question 41

IP information cannot be protected by transport layer controls

Answer 41

True

Question 42

Address resolution protocol (ARP)

Answer 42

Protocol designed to map IP network addresses to the hardware address used by a data link protocol

Question 43

Open shortest path first (OSPF)

Answer 43

protocol uses a link state routing algorithm and falls into the group of interior routing protocols

Question 44

Border gateway protocol (BGP)

Answer 44

protocol designed to exchange routing and reachability information among autonomous system(AS)

Question 45

Denial of service

Answer 45

Create a false route or kill a legitimate one

Question 46

Sniffing

Answer 46

The attacker must control a device along the victim’s commuinication path

Question 47

Routing to endpoints in malicious networks

Answer 47

The first step is to hijack traffic from a legitimate host

Question 48

Creating route instabilities

Answer 48

Not yet used by hackers because damage cannot be contained. it can blockback to the attacker

Question 49

Revelation of network topologies

Answer 49

Unmasking the AS relationships by hacking the routing table

Question 50

Domain name

Answer 50

A name in the DNS format

Question 51

DNS zone

Answer 51

A set of names under the same authority (ie “.com”)

Question 52

Delegation

Answer 52

Transfer of authority for/to a subdomain

Question 53

changing a domain name into an IP address involves a large number of steps. To save time, the records are <> on a local server for reuse later

Answer 53

Cached

Question 54

Each record hs a <> that states how long a record can be kept for future use

Answer 54

TTL

Question 55

All domain names and IP addresses are stored at the central registry

Answer 55

True

Question 56

It can take several days for information to propagete to all DNS servers

Answer 56

TRUE

Question 57

The attacker’s server responds with a short TTL record, the attacker needs to register a domain and delegate it to a server under his control. The attacker exploits the smae origin policy

Answer 57

True

Question 58

Using components with known vulnerabilities

Answer 58

Uses unpatched third party components

Question 59

Missing function level access control

Answer 59

Privileage functionality is hidden rather than enforced through access controls

Question 60

Sensitive data exposure

Answer 60

Abuses lack of data encryption

Question 61

Insecure direct object references

Answer 61

Attacker modify file names

Question 62

Security misconfiguration

Answer 62

exploits misconfigured servers

Question 63

cross site scripting

Answer 63

insert javascript into trusted sites

Question 64

Broken authentication and session

Answer 64

program flaws allow bypass of authentication methods

Question 65

Injection

Answer 65

modifies back end statement through user input

Question 66

Given the list of attributes, which 2 should not be combined? put a check next to the 2 attributes that should not be combined in sandbox

Answer 66

allow same origin

allow scripts

Question 67

CSP will allow third party widgets( eg Google +1 button) to be embedded on your site

Answer 67

True

Question 68

If you have thrid party forum software that has inline script, CSP cannot be used

Answer 68

False

Question 69

CORS allows cross-domain communication from the brwoser

CORS requires coordination between server and client

Answer 69

True

Question 70

CORS is not widely supported by browsers

The cors header can be used to secure resources on a website

Answer 70

false

Question 71

The token must be stored somewhere

Tokens expire, but there should be mechanisms to revoke them if necessary

Answer 71

true

Question 72

Active session hijacking involves disconnecting the user from the server once that user is logged on. Social engineering is required to perform this type of hijacking

Answer 72

true

Question 73

Select all the items that can be encrypted by HTTPS

Answer 73

Request URL
Query paramaters
Headers
Cookies

Question 74

Which of the following are real disadvantages to useing HTTPS

Answer 74

You need to buy an SSL cert
Mixed modes issue-loading insecure content on a secure site
proxy cahcing problems - prublic caching cannot occur

Question 75

According to Wikipedia, which of these devices is a mobile device

Answer 75

Smart phone held by person
Self driving car
robot

Question 76

list 4 areas of the C based toolchain where ahrdening can occur

Answer 76

Configuration
Preprocessor
Compiler
Linker

Question 77

Which of these behaviors are indiciative of botnets

Answer 77

Linking to an extablished C&C server
Generating Internet relay chat (IRC) traffic using specific range of ports
Generating SMTP emails /traffic
Reducing/ Generating simultaneous identical DNS requests is suspicious

Question 78

what can botnets to evade C-plane clustering

Answer 78

Manipulate communication patterns.
Introduce noise (in the form of random packets) to reduce similarity between C&C flows

Question 79

What can botnets do to evade A plane monitoring

Answer 79

Perform slow spamming

Use undetectable activities (spam sent with Gmail, download exe from https server)

Question 80

Which of the information should be considered in order to identify the source (perp) of an APT attack?

Answer 80

Source IP address of TCP-based attack packets
Coding syle of malware
Inclusion of special libraries with known authors
motives of the attack
language encoding

Question 81

Footprinting (FP)

Answer 81

The attacker gathers information about a target.

The kind of information gathered is DNS, email, servers, and the IP address range

Question 82

Scanning (S)

Answer 82

The attacker uses the internet ot obtain information on specific IP addresses. The kind of information gathered is OS, Services, and architecture of the target system

Question 83

Enumeration (E)

Answer 83

The attacker gathers information on the network user and group names, routing tables, and simple network management protocol.

Question 84

Which protocl is used to break data into packets? which protocol reassembles the data packets?

Answer 84

TCP

Question 85

Which protocol is used to mobve packets from router to router

Answer 85

IP

Question 86

why does ZMap find more hosts than nmap

Answer 86

Statelessness leads to both higher performance and increased coverage

Question 87

With regard to computing, what is entropy?

Answer 87

Randomness for use in cryptgraphy or other applications that require random data

Question 88

what are the two sources of entropy?

Answer 88

Hardware sources and randomness generators.

Question 89

A lack of entropy will have a negative impact on performance and security

Answer 89

True

Question 90

NoBL DNSBL level

Answer 90

This IP address does not send spam, and should not be blacklisted. But it is not fully trustworty

Question 91

GREY DNSBL level

Answer 91

This ip address is not directly involved in spamming but is associated with spam like behaviours

Question 92

Yellow DNSBL level

Answer 92

THis ip address is known to produce spam and non spam email

Question 93

Botnets

Answer 93

Short lived domains

Question 94

Spyware

Answer 94

Anonymously registered domains

Question 95

Adware

Answer 95

Disposable domains

Question 96

List the types of characters a malicuious domain name detection program should look in for a domain name

Answer 96

Number of characters, hyphens, digits

Question 97

Network based features

Answer 97

Quantities such as the total nubmer of IPs historically assicoated with the diversity of their geographical locations, the number of distinct autonomous systems