Test Questions Flashcards

1
Q

What is an attack surface?

A

A area that can be hacked on a network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A hacker that uses premade tools to conduct attacks is known as which type of hacker?

A

Script kiddie

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

When you want to remain anonymous on the Internet, what manages the traffic flow?

A

TOR browsers (or onion network)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A hacker motived by personal beliefs is practicing what type of hacking?

A

Hacktivism

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the team called that is hired or used to access the security of company?

A

Red Team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the name of the software that controls the communication between the VM and the physical host?

A

Hypervisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A native or bare metal hypervisor does not communicate with which element(s) of the physical host?

A

operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the name of Microsoft’s software implementation of a hypervisor?

A

Hyper-V

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Briefly describe VM sprawl.

A

When a business create virtual machines and forgets or ignores them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

To create an image of a VM in its current state, what would you do?

A

create a snapshot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

skills that are necessary for communication are called ___.

A

soft skills

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which organization provides certifications such as Security+ and CySA+?

A

CompTIA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Microsoft offers MTA certification, which is an entry-level certification in a security fundamentals. What does MTA stand for?

A

Microsoft Technology Associate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which certification is used by penetration testers as evidence of their knowledge of preventative hacking?

A

Certified Ethical Hacker (CEH)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which security principle relates to protecting data against unauthorized chanes?

A

Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the practice of having multiple layers of security to protect against intruders?

A

Defense in Depth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Briefly describe frameworks

A

Guidelines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Nontraditional computing devices with Internet access describes ___.

A

Internet of things (LOT)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is the weakest link in an an organization’s policy and plan?

A

Users

20
Q

What is a Trojan or Trojan horse?

A

Malware that hides inside a legitimate program.

21
Q

Software that is preinstalled or embedded in hardware is known as ___.

A

firmware

22
Q

Which type of cookie remains on the computer after the browser is closed until it reaches its expiration date?

A

persistent cookie

23
Q

What is the social engineering technique in which the hacker lies to get information?

A

pretexting

24
Q

If you are digging through a trash can for information, what is this hacking technique called?

A

dumpster diving

25
Q

What is meant by compliance?

A

Following rules and regulations by which an origination must abide

26
Q

Which law covers unauthorized access to computers?

A

Electronic Communication Privacy Act (ECPA)

27
Q

What is the basic purpose of the Gramm-Leach-Bliley Act (GLBA)?

A

It ensures financial businesses, such as banks, protect personal data

28
Q

What governmental agency monitors issues related to the SOX rules?

A

Securities and exchange commission (SEC)

29
Q

What is the minimun number of credit card transactions for the PCI DSS regulations to apply?

A

no minimum, applies to all organizations

30
Q

what is the vulnerability that allows a person to see that a user is entering such as a password?

A

Shoulder surfing

31
Q

Directories should be based on which protocol to allow use with multiple systems?

A

Lightweight directory access protocol (LDAP)

32
Q

A security technique that requires that user not to be using the computer system is known as what strategy?

A

Mandatory vacation

33
Q

What allows you to log in one time and access multiple services without having to reenter credentials?

A

Single sign-on (SSO)

34
Q

What system configuration should you set to require administrative credentials for installing software?

A

User account control (UAC)

35
Q

What are the permission options for shared folders?

A

Read, Change, and full control

36
Q

Which NTFS permission allows the ability to rename a file?

A

Modify

37
Q

how can a shared folder be set to hidden?

A

put a ($) at the end of the share name

38
Q

Permissions received from a higher folder are called what type of permissions?

A

Inherited

39
Q

The net result of all permissions results in what a user can do. This is called what type of permission?

A

Effective

40
Q

Which command would you enter at the command prompt to stop a task running?

A

TASKKILL

41
Q

What is the command entry to show all batch files that start with the letter S?

A

dir S*.bat

42
Q

Which marker indicates the current directory?

A

Single period (.)

43
Q

Which command is placed in a batch file to display text on the screen?

A

ECHO

44
Q

what is the command entry to output the task list to a file called processes.txt?

A

tasklist

45
Q

how is the syntax of a PowerShell cmdlet constructed?

A

Verb-noun

46
Q

When a command line or Linux command is run in PowerShell, what type of command is it?

A

Alias

47
Q

How would you get additional help fir the get-process cmdlet?

A

Enter get-help get-process