Vulnerabilities Labs Flashcards

1
Q

Which tool is commonly used for port scanning during reconnaissance?

A) Nessus
B) Metasploit
C) Nmap
D) Wireshark

A

C

2
Q

What is the primary function of OpenVAS?

A) Network traffic analysis
B) Vulnerability scanning
C) Exploit development
D) Malware analysis

A

B

3
Q

In Nmap, which option is used for a SYN scan?

A) -A
B) -sS
C) -O
D) -Pn

A

B

4
Q

Which phase of penetration testing focuses on identifying weaknesses?

A) Exploitation
B) Post-exploitation
C) Reconnaissance
D) Vulnerability assessment

A

D

5
Q

What does CVSS stand for?

A) Common Vulnerability System Standard
B) Critical Vulnerability Scoring System
C) Common Vulnerability Scoring System
D) Cyber Vulnerability Standard System

A

C

6
Q

Which tool is widely used for exploiting vulnerabilities?

A) Nmap
B) OpenVAS
C) Nessus
D) Metasploit Framework

A

D

7
Q

What is a payload in the context of exploitation?

A) A script for scanning
B) A malicious code to be executed on the target
C) A protocol for secure communication
D) A software patch

A

B

8
Q

Which Metasploit command lists available exploits?

A) show payloads
B) show exploits
C) list modules
D) exploit db

A

B

9
Q

What does reverse shell refer to in exploitation?

A) A program that prevents exploitation
B) A type of shell that connects back to the attacker’s machine
C) A shell script for recon
D) An encrypted communication channel

A

B

10
Q

What is the purpose of privilege escalation?

A) To scan for vulnerabilities
B) To gain higher-level access on the target system
C) To execute a denial-of-service attack
D) To identify open ports

A

B

11
Q

What is the purpose of vulnerability scanning?

A) To exploit a system
B) To identify potential security weaknesses
C) To install security patches
D) To monitor network traffic

A

B

12
Q

Which tool is best suited for comprehensive vulnerability management?

A) Metasploit
B) OpenVAS
C) Wireshark
D) Hydra

A

B

13
Q

Which protocol is most commonly scanned for misconfigurations in servers?

A) FTP
B) SSH
C) HTTP
D) All of the above

A

D

14
Q

Which option in Nmap is used for OS detection?

A) -sS
B) -Pn
C) -O
D) -A

A

C

15
Q

What is the output of a vulnerability scanner?

A) Exploit code
B) Encrypted files
C) A list of identified vulnerabilities
D) A list of blocked IPs

A

C

16
Q

Which of the following tools performs vulnerability scans and compliance checks?

A) Nmap
B) Nessus
C) Metasploit
D) Nikto

A

B

17
Q

What is Nikto primarily used for?

A) Network scanning
B) Web server vulnerability assessment
C) Exploitation
D) Port scanning

A

B

18
Q

Which severity metric is included in CVSS?

A) Base score
B) Network complexity
C) Exploit availability
D) Authentication level

A

A

19
Q

Which tool uses plugins for specific vulnerability checks?

A) OpenVAS
B) Wireshark
C) Nmap
D) Burp Suite

A

A

20
Q

What is the first step in vulnerability testing?

A) Exploitation
B) Reconnaissance
C) Scanning
D) Reporting

A

B

21
Q

What is the primary role of Metasploit?

A) Analyzing network traffic
B) Exploiting vulnerabilities
C) Scanning networks
D) Generating SSL certificates

A

B

22
Q

What does RCE stand for in exploitation?

A) Remote Code Execution
B) Root Compromise Exploit
C) Remote Credential Extraction
D) Recursive Code Examination

A

A

23
Q

Which of the following best describes a shellcode?

A) Encrypted user credentials
B) Malicious code used during exploitation
C) A command-line scanning tool
D) A debugger for analyzing code

A

B

24
Q

What is the default port for the Metasploit RPC server?

A) 443
B) 80
C) 8080
D) 55553

A

D

25
Q

Which payload allows the attacker to control the target system remotely?

A) Meterpreter
B) Reverse TCP
C) Bind shell
D) All of the above

A

D

26
Q

What is privilege escalation?

A) Gaining administrative-level access
B) Removing traces of exploitation
C) Injecting malicious payloads
D) Scanning open ports

A

A

27
Q

What is a pivot in exploitation?

A) Accessing internal networks from a compromised system
B) Reverting changes made to a system
C) Extracting encrypted passwords
D) Restarting a targeted application

A

A

28
Q

What is the purpose of a buffer overflow exploit?

A) Deny access to legitimate users
B) Execute arbitrary code on the target
C) Monitor network traffic
D) Strengthen firewall rules

A

B

29
Q

Which of the following tools can automate post-exploitation tasks?

A) OpenVAS
B) Nessus
C) Metasploit
D) Nikto

A

C

30
Q

What is the purpose of the searchsploit command?

A) To search for vulnerabilities in a system
B) To search exploit databases for specific vulnerabilities
C) To scan for open ports
D) To monitor traffic

A

B

31
Q

Which protocol is often exploited through SQL injection?

A) HTTP
B) FTP
C) SMTP
D) DNS

A

A

32
Q

What does the msfconsole command provide?

A) A user-friendly interface for Nessus
B) A command-line interface for Metasploit
C) A vulnerability scoring system
D) A protocol analyzer

A

B

33
Q

What is the purpose of Burp Suite in vulnerability testing?

A) Network mapping
B) Web application penetration testing
C) Malware reverse engineering
D) Privilege escalation

A

B

34
Q

What is the role of the exploit command in Metasploit?

A) To generate payloads
B) To execute the chosen exploit
C) To scan for vulnerabilities
D) To manage listeners

A

B

35
Q

What is commonly the first step in exploiting a system?

A) Post-exploitation
B) Privilege escalation
C) Reconnaissance
D) Exploit deployment

A

C

36
Q

Which vulnerability type involves injecting malicious commands into a web application?

A) Cross-Site Scripting (XSS)
B) Buffer Overflow
C) SQL Injection
D) Privilege Escalation

A

C

37
Q

Which command in Nmap checks for service versions?

A) -sS
B) -A
C) -sV
D) -oX

A

C

38
Q

What is a common use of “Burp Suite”?

A) Network scanning
B) Web application testing
C) Password cracking
D) Forensic analysis

A

B

39
Q

What kind of attack does a buffer overflow usually lead to?

A) Denial-of-Service
B) Remote Code Execution
C) Credential Theft
D) Packet Sniffing

A

B

40
Q

Which of the following techniques is NOT part of exploitation?

A) Post-exploitation pivoting
B) Scanning for vulnerabilities
C) Delivering payloads
D) Exploit execution

A

B

41
Q

What is the primary goal of reconnaissance in penetration testing?

A) Delivering exploits
B) Gathering information about the target
C) Accessing administrative privileges
D) Erasing traces of the attack

A

B

42
Q

What type of payload is a reverse shell?

A) Active connection initiated by the attacker
B) A listener on the victim’s side connecting to the attacker
C) Malware that exfiltrates data
D) An HTTP-based exploitation script

A

B

43
Q

What is Metasploit’s post module used for?

A) Vulnerability scanning
B) Exploitation
C) Post-exploitation tasks
D) Shell creation

A

C

44
Q

Which attack targets flaws in input sanitization?

A) XSS
B) Remote Code Execution
C) SQL Injection
D) Both A and C

A

D

45
Q

In Metasploit, what does the “set LHOST” command configure?

A) The target machine’s IP address
B) The attacker’s IP address for payload connection
C) The victim’s shell type
D) The exploit file path

A

B

46
Q

What is the purpose of a false positive in vulnerability scanning?

A) To identify vulnerabilities that don’t exist
B) To evade detection by security systems
C) To test patch management
D) To check configuration files

A

A

47
Q

Which tool focuses on web server and application scanning?

A) Nmap
B) Nikto
C) Metasploit
D) Hydra

A

B

48
Q

What is the output of an effective vulnerability test?

A) A risk assessment report
B) Exploits to use in attacks
C) Complete system logs
D) Malware removal suggestions

A

A

49
Q

Which type of attack does Cross-Site Scripting (XSS) facilitate?

A) Man-in-the-Middle attacks
B) Credential theft
C) Script injection into user browsers
D) Network packet flooding

A

C

50
Q

What is OpenVAS best at identifying?

A) Web application weaknesses
B) Network vulnerabilities
C) Software patches
D) Firewall misconfigurations

A

B

51
Q

What does a successful privilege escalation exploit provide?

A) System reboot access
B) Higher access privileges than intended
C) Root directory deletion
D) Malware propagation capabilities

A

B

52
Q

What is a Trojan Horse exploit?

A) Hidden malicious code within legitimate software
B) A virus that spreads across a network
C) An automated SQL Injection tool
D) Password-stealing malware

A

A

53
Q

Which exploit type involves memory manipulation?

A) Buffer Overflow
B) SQL Injection
C) XSS
D) Credential Stuffing

A

A

54
Q

What is the role of set payload in Metasploit?

A) To choose the vulnerability to exploit
B) To select a malicious code to run on the target
C) To define the victim’s IP address
D) To establish listener settings

A

B

55
Q

What type of network structure is most vulnerable to pivoting?

A) Flat, unsegmented networks
B) Highly segmented, well-monitored networks
C) Air-gapped systems
D) Secure Wi-Fi networks

A

A

56
Q

What is commonly used in testing email servers for vulnerabilities?

A) Hydra
B) Social Engineering Toolkit
C) SMTP Relay Testing
D) Nikto

A

C

57
Q

What does an RFI (Remote File Inclusion) attack target?

A) File paths in vulnerable web applications
B) Buffer memory of the target
C) SQL query parameters
D) Shell execution commands

A

A

58
Q

What type of hash is commonly cracked in password files?

A) MD5
B) AES
C) RSA
D) Elliptic Curve

A

A

59
Q

What is an example of a brute-force attack tool?

A) Hydra
B) Wireshark
C) Nessus
D) Nikto

A

A

60
Q

What does a RAT (Remote Access Trojan) enable?

A) Unauthorized access to target systems
B) Denial-of-service attacks
C) Encryption of data for ransom
D) Firewall evasion

A

A