Third Flashcards

1
Q

Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access. A camera captures people walking and identifies the individuals using Steve’s approach. After that, people must approximate their RFID badges. Both the identifications are required to open the door.
In this case, we can say:

A

The solution implements the two authentication factors: physical object an physical characteristic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which Intrusion Detection System is the best applicable for large environments where critical assets on the network need extra scrutiny and is ideal for observing sensitive network segments?

A

Network-based intrusion detection system (NIDS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library? This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.

A

Heartbleed Bug

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which protocol is used for setting up secure channels between two devices, typically in VPNs?

A

IPSEC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following Secure Hashing Algorithm (SHA) produces a 160-bit digest from a message with a maximum length of (264-1) bits and resembles the MD5 algorithm?

A

SHA-1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

A

At least once a year and after any significant upgrade or modification.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

A

HPing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?

A

Userland exploit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is not a PCI compliance recommendation?

A

Rotate employees handling credit card transactions on a yearly basis to different departments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The “white box testing” methodology enforces what kind of restriction?

A

The internal operation of a system is completely known to the tester.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

A

Cross-Site Scripting (XSS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools. Which of the following tools is being described?

A

Aircrack-ng

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The following is part of a log file taken from the machine on the network with the IP address of 192.168.0.110:
Time: June 16 17:30:15 Port:20 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
Time: June 16 17:30:17 Port:21 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
Time: June 16 17:30:19 Port:22 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
Time: June 16 17:30:21 Port:23 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
Time: June 16 17:30:23 Port:25 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
Time: June 16 17:30:23 Port:80 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
Time: June 16 17:30:30 Port:443 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
What type of activity has been logged?

A

Port scan targeting 192.168.0.110

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

A

nmap -sT -O -T0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Bob, your senior colleague, has sent you a mail regarding aa deal with one of the clients. You are requested to accept the offer and you oblige.
After 2 days, Bob denies that he had ever sent a mail.
What do you want to “know” to prove yourself that it was Bob who had send a mail?

A

Non-repudation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly