Homework answers / question archive / Question 1) If you want to mask (or proof) your IP address, what type of scan should you use? Stealth scan IDLE, IPID scan ACK flag probe scan UDP scan Question 2) Which of the following is an Internet Relay Chat bot? EnergyMech SubSeven Netbus Dark Comet Question 3) The following act will help a company become compliant with regulations and standards: Ping scanning Enumeration Vulnerability scanning Replacing Windows systems with Linux Question 4) Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi? War driving War flying War chalking War walking Question 5) Which of the following evasion techniques rely on time-to-live (TTL) fields of a TCP/IP packet? Unicode evasion Obfuscation Denial-of-service attack Insertion attack Question 6) According to your text, components of a cloud broker include which of the following? (choose all that apply) Service aggregation Service arbitration Service intermediation Service negotiation Question 7) Reasons to scan networks include (choose two): Stealing usernames Stealing passwords Identifying hosts Determining open ports Question 8) The network Time Protocol uses which port? 119 123 8080 443 Question 9) Which of the following ports does NTP use as its primary means of communications? UDP port 320 UDP port 161 UDP port 113 UDP port 123 Question 10) What are two advantages to having software as a service (SaaS)? Security Internet dependency Easy administration Low cost Question 11) The following tool extracts documents of an organization from the internet: Cain Metagoofil Netcraft nftables Question 12) A subnet mask of a network is required to perform: A denial-of –service attack on a host Phishing A ping sweep/scan ARP spoofing Question 13) Which of the following enumeration techniques does an attacker use to obtain list of computers that belongs to a domain? SNMP enumeration NTP enumeration SMPT enumeration Netbios enumeration Question 14) A DNS zone transfer (choose two): Uses TCP port 53 Uses UDP port 53 Provides FQDN information about an organization Is possible with Microsoft DNS servers but BIND servers Question 15) Which of the following is true about active stack fingerprinting? Is based on the differential implantation of the stack and the various ways an OS responds to it Is based on the fact that various vendors of OS implement the TCP stack differently TCP connect scan Uses passwords crackers to escalate system privileges Uses sniffing techniques instead of the scanning techniques  Question 16) Which of the following protocols are susceptible to sniffing? Kerberos HTTPS SSL Telnet Question 17) Android options to save persistent application data include which of the following? (choose all that apply) Internal storage External storage SQLite databases Networks connection Question 18) A lack of vetting of apps can lead to which two of the following results? Jail-breaking Rooting Fake apps Malicious apps Question 19) Which of the following companies offer cloud computing services? (choose all that apply) Dropbox Facebook Google Salesforce Question 20) Which of the following characteristics applies to the Simple Service Discovery Protocol (SSDP)? (choose all that apply) Can be vulnerable to denial of service Uses multicast addresses Controls communication for the Universal Plug and play and play Service Not work behind a firewall Question 21) What is the size of WEP initializations vector (IV)? 8-bit 16-bit 24-bit 32-bit Question 22) Which of the following is a connect scan? Nmap-sU Nmap-sS Nmap-sT Nmap-sO Question 23) The following is a tool that can be used to harvest credentials from a Windows machine: Mimikatz LOIC WannaCry Hping Question 24) Meterpreter allows the attacker to move laterally by performing which of the following steps: Hashdump Getsystem Route add Load mimkatz Question 25) Using public Internet IP addresses for a penetration test is an example of: External assessment Network-based assessment Internal assessment Host-based assessment Question 26) The following piece of malware is a bot used as a banking Trojan: Dark Comet Zeus Poison lvy LOIC Question 27) Which of the following are SNMP enumeration tools? (choose all that apply) Getif Softperfect Nmap Spiceworks Question 28) Which rootkit modifies the boot sequence to load itself instead of the original virtual machine monitor? Boot loader-level rootkit Hypervisor-level rootkit Library-level rootkit Kernel-level rootkit Question 29) What is the first step in the vulnerability management life cycle? Risk assessment Remediation Monitoring Creating a baseline Question 30) Which of the following IDS detection techniques detects the intrusion based on the fixed behavioral characteristics? Signature recognition Anomaly detection Protocol anomaly detection All of the above Question 31) Fake Defender deleted apk files from which two of the following locations? /users/Download /home/Download /mnt/external_sd/Download /mnt/extSdCard/Download Question 32) According to your text, which of the following are ways to detect an intrusion with an IDS? (choose all that apply) Anomaly detection Antivirus alerts Signature detection Protocol anomaly detection Question 33) Social engineering attack may include any of the following except: Getting information from Facebook Shoulder surfing Phishing Nessus Question 34) The following are all password-cracking tools except: John the Ripper Cain Hashcat Hashcalc Question 35) Which of the following sentences is true about a proxy? Protects the local network from outside access Allows attacker to view the desktop of users system Does not allow the connection of a number of computers to the Internet when having only one IP Cannot be used to filter out unwanted content Question 36) Which of the following are methods to connect smartphones to a network? (choose all that apply) 3G/4G Bluetooth Wired connection Wi-Fi Question 37) Which of the following are some of the main functions of an intrusion detection system (IDS)? (choose all that apply) Performs packet sniffing Blocks rule-based traffic Performs packet analysis Gathers and analyses information from a network Question 38) Black hat hackers are: Individuals who work both offensively and defensively at various times Individuals with extraordinary computing skills, resorting to malicious or destructive activities Individuals professing hacker skills and using them for defensive purpose, or security analysts Individuals who aim to bring down critical infrastructure for a cause and are not worried about jail Question 39) According to the text, characteristics of virtualization in cloud computing technology include which of the following? (choose all that apply) Isolation Partitioning Wireless capable Encapsulation Question 40) Which of the following is an example of a Trojan that can be used for website defacement? WGET HTTrack Restorator CrimePack Question 41) At which layer of the OSI model do MAC addresses operate? Network Application Presentation Physical Transport Session Data link Question 42) The website netcraft

Question 1) If you want to mask (or proof) your IP address, what type of scan should you use? Stealth scan IDLE, IPID scan ACK flag probe scan UDP scan Question 2) Which of the following is an Internet Relay Chat bot? EnergyMech SubSeven Netbus Dark Comet Question 3) The following act will help a company become compliant with regulations and standards: Ping scanning Enumeration Vulnerability scanning Replacing Windows systems with Linux Question 4) Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi? War driving War flying War chalking War walking Question 5) Which of the following evasion techniques rely on time-to-live (TTL) fields of a TCP/IP packet? Unicode evasion Obfuscation Denial-of-service attack Insertion attack Question 6) According to your text, components of a cloud broker include which of the following? (choose all that apply) Service aggregation Service arbitration Service intermediation Service negotiation Question 7) Reasons to scan networks include (choose two): Stealing usernames Stealing passwords Identifying hosts Determining open ports Question 8) The network Time Protocol uses which port? 119 123 8080 443 Question 9) Which of the following ports does NTP use as its primary means of communications? UDP port 320 UDP port 161 UDP port 113 UDP port 123 Question 10) What are two advantages to having software as a service (SaaS)? Security Internet dependency Easy administration Low cost Question 11) The following tool extracts documents of an organization from the internet: Cain Metagoofil Netcraft nftables Question 12) A subnet mask of a network is required to perform: A denial-of –service attack on a host Phishing A ping sweep/scan ARP spoofing Question 13) Which of the following enumeration techniques does an attacker use to obtain list of computers that belongs to a domain? SNMP enumeration NTP enumeration SMPT enumeration Netbios enumeration Question 14) A DNS zone transfer (choose two): Uses TCP port 53 Uses UDP port 53 Provides FQDN information about an organization Is possible with Microsoft DNS servers but BIND servers Question 15) Which of the following is true about active stack fingerprinting? Is based on the differential implantation of the stack and the various ways an OS responds to it Is based on the fact that various vendors of OS implement the TCP stack differently TCP connect scan Uses passwords crackers to escalate system privileges Uses sniffing techniques instead of the scanning techniques  Question 16) Which of the following protocols are susceptible to sniffing? Kerberos HTTPS SSL Telnet Question 17) Android options to save persistent application data include which of the following? (choose all that apply) Internal storage External storage SQLite databases Networks connection Question 18) A lack of vetting of apps can lead to which two of the following results? Jail-breaking Rooting Fake apps Malicious apps Question 19) Which of the following companies offer cloud computing services? (choose all that apply) Dropbox Facebook Google Salesforce Question 20) Which of the following characteristics applies to the Simple Service Discovery Protocol (SSDP)? (choose all that apply) Can be vulnerable to denial of service Uses multicast addresses Controls communication for the Universal Plug and play and play Service Not work behind a firewall Question 21) What is the size of WEP initializations vector (IV)? 8-bit 16-bit 24-bit 32-bit Question 22) Which of the following is a connect scan? Nmap-sU Nmap-sS Nmap-sT Nmap-sO Question 23) The following is a tool that can be used to harvest credentials from a Windows machine: Mimikatz LOIC WannaCry Hping Question 24) Meterpreter allows the attacker to move laterally by performing which of the following steps: Hashdump Getsystem Route add Load mimkatz Question 25) Using public Internet IP addresses for a penetration test is an example of: External assessment Network-based assessment Internal assessment Host-based assessment Question 26) The following piece of malware is a bot used as a banking Trojan: Dark Comet Zeus Poison lvy LOIC Question 27) Which of the following are SNMP enumeration tools? (choose all that apply) Getif Softperfect Nmap Spiceworks Question 28) Which rootkit modifies the boot sequence to load itself instead of the original virtual machine monitor? Boot loader-level rootkit Hypervisor-level rootkit Library-level rootkit Kernel-level rootkit Question 29) What is the first step in the vulnerability management life cycle? Risk assessment Remediation Monitoring Creating a baseline Question 30) Which of the following IDS detection techniques detects the intrusion based on the fixed behavioral characteristics? Signature recognition Anomaly detection Protocol anomaly detection All of the above Question 31) Fake Defender deleted apk files from which two of the following locations? /users/Download /home/Download /mnt/external_sd/Download /mnt/extSdCard/Download Question 32) According to your text, which of the following are ways to detect an intrusion with an IDS? (choose all that apply) Anomaly detection Antivirus alerts Signature detection Protocol anomaly detection Question 33) Social engineering attack may include any of the following except: Getting information from Facebook Shoulder surfing Phishing Nessus Question 34) The following are all password-cracking tools except: John the Ripper Cain Hashcat Hashcalc Question 35) Which of the following sentences is true about a proxy? Protects the local network from outside access Allows attacker to view the desktop of users system Does not allow the connection of a number of computers to the Internet when having only one IP Cannot be used to filter out unwanted content Question 36) Which of the following are methods to connect smartphones to a network? (choose all that apply) 3G/4G Bluetooth Wired connection Wi-Fi Question 37) Which of the following are some of the main functions of an intrusion detection system (IDS)? (choose all that apply) Performs packet sniffing Blocks rule-based traffic Performs packet analysis Gathers and analyses information from a network Question 38) Black hat hackers are: Individuals who work both offensively and defensively at various times Individuals with extraordinary computing skills, resorting to malicious or destructive activities Individuals professing hacker skills and using them for defensive purpose, or security analysts Individuals who aim to bring down critical infrastructure for a cause and are not worried about jail Question 39) According to the text, characteristics of virtualization in cloud computing technology include which of the following? (choose all that apply) Isolation Partitioning Wireless capable Encapsulation Question 40) Which of the following is an example of a Trojan that can be used for website defacement? WGET HTTrack Restorator CrimePack Question 41) At which layer of the OSI model do MAC addresses operate? Network Application Presentation Physical Transport Session Data link Question 42) The website netcraft

Computer Science

Share With

---

Question 1) If you want to mask (or proof) your IP address, what type of scan should you use?

1. Stealth scan
2. IDLE, IPID scan
3. ACK flag probe scan
4. UDP scan

Question 2) Which of the following is an Internet Relay Chat bot?

1. EnergyMech
2. SubSeven
3. Netbus
4. Dark Comet

Question 3) The following act will help a company become compliant with regulations and standards:

1. Ping scanning
2. Enumeration
3. Vulnerability scanning
4. Replacing Windows systems with Linux

Question 4) Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi?

1. War driving
2. War flying
3. War chalking
4. War walking

Question 5) Which of the following evasion techniques rely on time-to-live (TTL) fields of a TCP/IP packet?

1. Unicode evasion
2. Obfuscation
3. Denial-of-service attack
4. Insertion attack

Question 6) According to your text, components of a cloud broker include which of the following? (choose all that apply)

1. Service aggregation
2. Service arbitration
3. Service intermediation
4. Service negotiation

Question 7) Reasons to scan networks include (choose two):

1. Stealing usernames
2. Stealing passwords
3. Identifying hosts
4. Determining open ports

Question 8) The network Time Protocol uses which port?

1. 119
2. 123
3. 8080
4. 443

Question 9) Which of the following ports does NTP use as its primary means of communications?

1. UDP port 320
2. UDP port 161
3. UDP port 113
4. UDP port 123

Question 10) What are two advantages to having software as a service (SaaS)?

1. Security
2. Internet dependency
3. Easy administration
4. Low cost

Question 11) The following tool extracts documents of an organization from the internet:

1. Cain
2. Metagoofil
3. Netcraft
4. nftables

Question 12) A subnet mask of a network is required to perform:

1. A denial-of –service attack on a host
2. Phishing
3. A ping sweep/scan
4. ARP spoofing

Question 13) Which of the following enumeration techniques does an attacker use to obtain list of computers that belongs to a domain?

1. SNMP enumeration
2. NTP enumeration
3. SMPT enumeration
4. Netbios enumeration

Question 14) A DNS zone transfer (choose two):

1. Uses TCP port 53
2. Uses UDP port 53
3. Provides FQDN information about an organization
4. Is possible with Microsoft DNS servers but BIND servers

Question 15) Which of the following is true about active stack fingerprinting?

1. Is based on the differential implantation of the stack and the various ways an OS responds to it
2. Is based on the fact that various vendors of OS implement the TCP stack differently
3. TCP connect scan
4. Uses passwords crackers to escalate system privileges
5. Uses sniffing techniques instead of the scanning techniques 

Question 16) Which of the following protocols are susceptible to sniffing?

1. Kerberos
2. HTTPS
3. SSL
4. Telnet

Question 17) Android options to save persistent application data include which of the following? (choose all that apply)

1. Internal storage
2. External storage
3. SQLite databases
4. Networks connection

Question 18) A lack of vetting of apps can lead to which two of the following results?

1. Jail-breaking
2. Rooting
3. Fake apps
4. Malicious apps

Question 19) Which of the following companies offer cloud computing services? (choose all that apply)

1. Dropbox
2. Facebook
3. Google
4. Salesforce

Question 20) Which of the following characteristics applies to the Simple Service Discovery Protocol (SSDP)? (choose all that apply)

1. Can be vulnerable to denial of service
2. Uses multicast addresses
3. Controls communication for the Universal Plug and play and play Service
4. Not work behind a firewall

Question 21) What is the size of WEP initializations vector (IV)?

1. 8-bit
2. 16-bit
3. 24-bit
4. 32-bit

Question 22) Which of the following is a connect scan?

1. Nmap-sU
2. Nmap-sS
3. Nmap-sT
4. Nmap-sO

Question 23) The following is a tool that can be used to harvest credentials from a Windows machine:

1. Mimikatz
2. LOIC
3. WannaCry
4. Hping

Question 24) Meterpreter allows the attacker to move laterally by performing which of the following steps:

1. Hashdump
2. Getsystem
3. Route add
4. Load mimkatz

Question 25) Using public Internet IP addresses for a penetration test is an example of:

1. External assessment
2. Network-based assessment
3. Internal assessment
4. Host-based assessment

Question 26) The following piece of malware is a bot used as a banking Trojan:

1. Dark Comet
2. Zeus
3. Poison lvy
4. LOIC

Question 27) Which of the following are SNMP enumeration tools? (choose all that apply)

1. Getif
2. Softperfect
3. Nmap
4. Spiceworks

Question 28) Which rootkit modifies the boot sequence to load itself instead of the original virtual machine monitor?

1. Boot loader-level rootkit
2. Hypervisor-level rootkit
3. Library-level rootkit
4. Kernel-level rootkit

Question 29) What is the first step in the vulnerability management life cycle?

1. Risk assessment
2. Remediation
3. Monitoring
4. Creating a baseline

Question 30) Which of the following IDS detection techniques detects the intrusion based on the fixed behavioral characteristics?

1. Signature recognition
2. Anomaly detection
3. Protocol anomaly detection
4. All of the above

Question 31) Fake Defender deleted apk files from which two of the following locations?

1. /users/Download
2. /home/Download
3. /mnt/external_sd/Download
4. /mnt/extSdCard/Download

Question 32) According to your text, which of the following are ways to detect an intrusion with an IDS? (choose all that apply)

1. Anomaly detection
2. Antivirus alerts
3. Signature detection
4. Protocol anomaly detection

Question 33) Social engineering attack may include any of the following except:

1. Getting information from Facebook
2. Shoulder surfing
3. Phishing
4. Nessus

Question 34) The following are all password-cracking tools except:

1. John the Ripper
2. Cain
3. Hashcat
4. Hashcalc

Question 35) Which of the following sentences is true about a proxy?

1. Protects the local network from outside access
2. Allows attacker to view the desktop of users system
3. Does not allow the connection of a number of computers to the Internet when having only one IP
4. Cannot be used to filter out unwanted content

Question 36) Which of the following are methods to connect smartphones to a network? (choose all that apply)

1. 3G/4G
2. Bluetooth
3. Wired connection
4. Wi-Fi

Question 37) Which of the following are some of the main functions of an intrusion detection system (IDS)? (choose all that apply)

1. Performs packet sniffing
2. Blocks rule-based traffic
3. Performs packet analysis
4. Gathers and analyses information from a network

Question 38) Black hat hackers are:

1. Individuals who work both offensively and defensively at various times
2. Individuals with extraordinary computing skills, resorting to malicious or destructive activities
3. Individuals professing hacker skills and using them for defensive purpose, or security analysts
4. Individuals who aim to bring down critical infrastructure for a cause and are not worried about jail

Question 39) According to the text, characteristics of virtualization in cloud computing technology include which of the following? (choose all that apply)

1. Isolation
2. Partitioning
3. Wireless capable
4. Encapsulation

Question 40) Which of the following is an example of a Trojan that can be used for website defacement?

1. WGET
2. HTTrack
3. Restorator
4. CrimePack

Question 41) At which layer of the OSI model do MAC addresses operate?

1. Network
2. Application
3. Presentation
4. Physical
5. Transport
6. Session
7. Data link

Question 42) The website netcraft.com is good for

1. Passive reconnaissance that yields people’s personal information
2. Active reconnaissance of a company or organization
3. Passive reconnaissance of a company or organization
4.  Fielding old web pages no longer published

Question 43) Which of the following Windows Utilities can be used to enumerate hosts?

1. Net start
2. Net use
3. Net view
4. Net stop

Question 44) Which of the following IP spoofing detection techniques succeeds only when the attacker is in a different subnet?

1. Direct TTL probes technique
2. IP identification number technique
3. UDP flow control method
4. TCP flow control method

Question 45) WPA enhances WEP by changing temporal keys every ____.

1. 1,000 packets
2. 5,000 packets
3. 10,000 packets
4. 15,000 packets

Question 46) According to your text, examples of malware include which of the following? (choose all that apply)

1. Ransomware
2. Metasploit
3. Botnet
4. Crypter

Question 47) Which layer of the OSI model is responsible for encryption and compression?

1. Presentation
2. Physical
3. Data link
4. Session
5. Transport
6. Application
7. Network

Question 48) An organization can implement this cloud deployment model within the corporate firewall.

1. Community cloud
2. Public cloud
3. Private cloud
4. Hybrid cloud

Question 49) Which of the following are disadvantages of signature detection? (choose all that apply)

1. Signature detection
2. Administrative alerts
3. False alerts
4. False positives

Question 50) According to the text, the three different types of virtualization include:

1. SAN virtualization
2. Network virtualization
3. Storage virtualization
4. Server virtualization

Question 51) SYN flooding takes advantage of which of the following? (choose all that apply)

1. A flaw in some firewalls that do not restrict ICMP traffic by default
2. A flaw in how the three-way handshake can be implemented
3. Holding the incomplete connection for a period up to one second
4. Not replaying to SYN/ACks

Question 52) The following is a well-known variant of ransomware:

1. Zeus
2. LOIC
3. Dark Comet
4. WannaCry

Question 53) At which layer of the OSI model do IP addresses operate?

1. Network
2. Physical
3. Application
4. Transport
5. Session
6. Data link
7. Presentation

Question 54) Which of the following can be used as a traceroute tool?

1. TTL (Time to Live)
2. Nslookup
3. Path Analyzer Pro
4. Pingpath

Question 55) The management information base (MIB) includes which of the following? (choose all that apply)

1. User accounts
2. File and folder permissions
3. OID numbers
4. Scalar and tabular objects

Question 56) Your supervisor is concerned about the use of port 139 in your environment. What measure do you recommend talking to deal with the security risk?

1. Block ICMP so the host cannot be detected
2. Turn on the Windows Firewall
3. Use TCP wrappers
4. Disable file and print sharing

Question 57) Which of the following below accurately describes Transmission Control Protocol? (choose all that apply)

1. Provides acknowledgment
2. Supports retransmission of lost data
3. Connection-less oriented protocol
4. Can terminate a connection

Question 58) The verification phase of the vulnerability management life cycle allows for:

1. Identifying critical assets
2. Identifying bugs and misconfiguration
3. Using intrusion detection systems and intrusion prevention systems
4. Security team checks
5. Reducing obvious and glaring vulnerabilities

Question 59) Identify the statement that is true for the RC6 algorithm:

1. Is a parameterized algorithm with a variable block size, key size, and a variable number of rounds
2. Is a 64-bit block cipher that uses a key length that can vary between 32 and 448 bits
3. Is a variable key-size stream cipher with byte-oriented operations and is based on random permutation
4. Includes integer multiplication and the use of four 4-bit working registers

Question 60) Which of the following is true about the 802.11 standard?

1. It defines WPA-2 Enterprise and Personal
2. It operates at 2.4 GHZ only
3. It operates at 5 GHZ only
4. It operates at both 2.4 GHZ and 5 GHZ

Question 61) The act enumerating hosts is (choose two):

1. Considered active scanning
2. Considered passive scanning
3. A passive information gathering technique
4. An active information gathering technique

Question 62) Select the three IP protocols that Snort supports for suspicious behaviour according to your text:

1. ARP
2. TCP
3. UDP
4. ICMP

Question 63) Using websites like mxtoolbox.com that provide top-level domains and subdomains is and example of:

1. Passive reconnaissance
2. Active reconnaissance
3. DNS spoofing
4. Dynamic DNS malware tracking

Question 64) According to the text, which of the following will protect by limiting the ability to access resources?

1. App sandboxing
2. Jail break detection
3. Jail breaking
4. Android rooting

Question 65) Which of the following ports are associated with NETBIOS? (choose all the apply)

1. 137
2. 139
3. 3389
4. 123

Question 66) Which of the following are LDAP enumeration tools? (choose all that apply)

1. Active Directory Explorer
2. LEX
3. JXplorer
4. SnScan

Question 67) The technique of hiding data in a picture or an audio file in another file is known as:

1. Covert channel
2. Steganography
3. Full disk encryption
4. Bitlocker

Question 68) Rainbow tables are extremely effective for cracking:

1. Windows passwords
2. Cisco passwords
3. Linux passwords
4. Salted passwords

Question 69) All of the following are true about Trivial File Transfer Protocol (TFTP), expect (choose one):

1. Uses port 69
2. Allows for file storage
3. Is encrypted
4. Is in clear text

Question 70) Android includes media support for which of the following? (choose all that apply)

1. AAC
2. ARM
3. H.323
4. H.264

Question 71) ARP spoofing involves constructing a large number of forged ARP request and reply packets to overload:

1. Switch
2. Router
3. Bridge
4. Hub

Question 72) Which of the following is an antenna based on the principle of a satellite dish and can pick up Wi-Fi signals from 10 miles away?

1. Parabolic
2. Yagi
3. Dipole
4. Omnidirectional

Question 73) Lightweight Directory Access Protocol uses which port?

1. 389
2. 3389
3. 161
4. 162

Question 74) Which version of Wired Equivalent Privacy (WEP) uses a 104-bit key size?

1. 256-bit WEP
2. 128-bit WEP
3. 64-bit WEP
4. 152-bit WEP

Question 75) What are some of the limitations of cloud computing services? (choose all that apply)

1. Inflexible
2. Control limits
3. Contracts
4. Storage limits

Question 76) The autorun feature of removable disks and CD drives can be a threat to network security. What is the best course of action to remove autorun for removable disks and CD drives in Windows?

1. Use group policy
2. Remove the CD-ROM drive from the system
3. Provide users without administrative rights
4. Tape the USB ports

Question 77) Signs of intrusions include which of the following? (choose all that apply?

1. Missing logs
2. Slow performance
3. System crashes
4. Strange processes

Question 78) When a distributed reflective denial-of-service attack (DRDoS) is used, which two of the following occurs?

1. Traffic will be directed to intermediate hosts
2.  The source address will be spoofed
3. Traffic will be directed to secondary victims
4. Traffic to the secondary hosts will originate from the intermediate hosts 

Question 79) How do you filter for NTP traffic in Wireshark?

1. tcp.port = = 3389
2. tcp.port = = 21
3. udp.port = = 69
4. tcp.port = = 25
5. udp.port = = 123

Question 80) The following are all example of nonelectronic attacks: (choose all that apply)

1. shoulder surfing
2. social engineering
3. dumpster diving
4. manual password-cracking algorithm

Question 81) What is the last step in the vulnerability management life cycle?

1. Risk assessment
2. Remediation
3. Monitoring
4. Creating a baseline

Question 82) Enumerating the network will determine all but:

1. computer names
2. network shares
3. website cookies
4. IP address

Question 83) Which of the following is not a type of password-cracking attack?

1. Hybrid
2. Dictionary
3. Brute force
4. Replay attack

Question 84) The baselining phase of the vulnerability management life cycle allows for:

1. Identifying critical assets
2. Identifying bugs and misconfigurations
3. Using intrusion detection systems and intrusion prevention systems
4. Security team checks
5. Reducing obvious and glaring vulnerabilities

Question 85) An SSID for a wireless network can be a maximum of

1. 32 characters
2. 64 characters
3. 16 characters
4. 48 characters

Question 86) Which cloud consumer model includes storage, service management, and content delivery?

1. SaaS
2. IaaS
3. PaaS
4. SAN

Question 87) Tracert counts the number of _____ to a destination IP address.

1. Hops
2. Lookup requests
3. ICMP echo replies
4. Pings

Question 88) Which of the following are tools used for footprinting? (choose all that apply)

1. Maltego
2. Aircrack-ng
3. FOCA
4. Recon-NT

Question 89) All of the statements below are characteristics of Wireshark except:

1. Packet sniffer
2. Protocol analyser
3.  Open source
4. Runs on various platforms
5. Offered for 48-bit and 64-bit platforms

Question 90) Which of the following techniques practiced by an attacker exploits human behavior to make attacks?

1. Denial of service
2. SQL injection
3. Social engineering
4. Buffer overflow

Question 91) The IEEE 802.16 standard is known as:

1. Wi-Fi
2. Ethernet
3. WiMAX
4. Bluetooth

Question 92) Which of these is an example of passive footprinting?

1. Looking up people on zebaserach.com
2. Nmap scanning
3. Nmap scanning with the stealth options
4. Social engineering

Question 93) A misconfiguration can include all but the following:

1. Disabled security feature
2. Unneeded open port
3. Unpatched system
4. Buffer overflow threat vector

Question 94) Looking at MAC addresses and SSIDs is an example of which of the following assessment types?

1. Passive assessment
2. Active assessment
3. Wireless network assessment
4. Application assessment

Question 95) Which of the following are characteristics of cloud computing services? (choose all that apply)

1. Distributed storage
2. Virtualization technology
3. Resource pooling
4. Measured services

Question 96) What does SSL strip do? (choose all that apply)

1. Exploit the client connection
2. Force HTTP
3. Exploit the server
4. Remove HTTPS

Question 97) Permutation scanning involves which of the following?

1. Looking for new vulnerable machines
2. Collecting a list of possibly vulnerable machines
3. Using a pseudorandom function
4. Using information from infected machines

Question 98) Which of the following scans only works if the operating system’s TCP/IP implementation is based on RFC 793?

1. TCP connect scan
2. NULL scan
3. IDLE scan
4. FTP bounce scan
5. Maintaining access

Question 99) The components of IPsec include all but:

1. ESP (encapsulation security payload)
2. AH (authentication header)
3. IKE (internet key exchange)
4. TLS (transport layer security)

Question 100) The following protocols often use clear text:

1. SSH, TELNET, TFTP, HTTP
2. SSH, TELNET, FTP, HTTP
3. SSH, FTP, TFTP, HTTP
4. FTP, TELNET, TFTP, HTTP

Question 101) Which of the following are service models available to cloud consumers? (choose all that apply)

1. PaaS
2. SaaS
3. SAN
4. IaaS

Question 102) The security Account Manager (SAM) database contains:

1. Users’ passwords
2. Users’ passwords in Unicode
3. Users’ passwords in hexadecimal (O-F)
4. Hashes of users’ passwords

Question 103) The remediation phase of the vulnerability management life cycle allows for:

1. Identify critical assets
2. Identifying bugs and misconfigurations
3. Using intrusion detection systems and intrusion prevention systems
4. Security team checks
5. Reducing obvious and glaring vulnerabilities

Question 104) UDP is considered (choose two):

1. Reliable
2. Unreliable
3. Connection-oriented
4. Connection-less oriented

Question 105) A computer can reach other hosts on the 10.10.10.0/24 network, but not the internet.

What is likely the technical issue?

1. The wrong public IP is being used
2. Type ipconfig / renew to fix
3. The gateway is wrong
4. ICMP is blocked

Question 106) Of the following, which two are purposes of malware?

1. Obtaining passwords
2. Disable networking functions
3. Making a computer useless
4. Remove the default LAN route

Question 107) Which two tools are well-known vulnerability scanners?

1. Nessus
2. Kali
3. OpenVAS
4. Hping

Question 108) App stores include (choose three):

1. Google play
2. ITunes Store
3. BlackBerry App World
4. Fanddago

Question 109) What type of social engineering might have the person looking in the back of a company’s facility?

1. Shoulder surfing
2. Person of interest watching
3. Dumpster diving
4. Distribution of malware via USB

Question 110) The website archive.org has

1. Information about web server software and operating systems
2. People’s information including addresses and phone numbers
3. Old web pages
4. A list of sites that been hacked recently

Question 111) According to OWASP, which of the following are secure coding techniques? (choose all that apply)

1. Debugger detection
2. Jail-break detection
3. Certificate pinning
4. checksum

Question 112) The tool hping can be used for:

1. Denial of service
2. Social engineering
3. Phishing
4. DNS lookups

Question 113) Footprinting tools will help gather the following information about a target: (choose all that apply)

1. DNS records
2. IP addresses
3. Process lists
4. Host names

Question 114) Which layer of the OSI model do port numbers get assigned?

1. Presentation
2. Application
3. Data link
4. Network
5. Transport
6. Session
7. Physical

Question 115) Which of the following Bluetooth attacks refers to sending unsolicited messages over Bluetooth to Bluetooth-enabled?

1. Bluesmacking
2. Blue snarfing
3. BlueSniff
4.  Bluejacking

Question 116) Which of the following applies to an SSID? (choose all that apply)

1. Is part of the frame header
2. Can be up to 32 characters
3. Is case sensitive
4. Will be encrypted in WEP or WPA/WPA2 is used

Question 117) Examining network devices for settings and configurations is an example of:

1. External assessment
2. Network-based assessment
3. Internal assessment
4. Host-based assessment

Question 118) The following is an attack vector due to a code vulnerability that is present:

1. Buffer overflow
2. Default credentials
3. Physical access attack
4. Phishing scam

Question 119) Which password-cracking technique will the attacker use if he/she gets some information about the password to crack?

1. Rule-based attack
2. Syllable attack
3. Denial-of-service attack
4. Distributed network attack (DNA)

Question 120) Which of the following is an antenna used in wireless base stations and provides a 360-degree horizontal radiation pattern?

1. Yagi antenna
2. Omnidirectional antenna
3. Dipole antenna
4. Parabolic grid antenna

Question 121) The following are well-known variants of ransomware:

1. Zeus
2. WannaCry
3. NotPetya
4. Trickbot

Question 122) This type of denial-of-service attack involves the use of multiple intermediary and secondary machines to contribute to the attack against the target system.

1. Distributed Reflection Denial of Service (DRDoS)
2. Distributed Denial of service (DDoS)
3. Distributed Resource Denial of Service (DRDoS)
4. Distributed Intermediary Denial of Service (DIDoS)

Question 123) Which of the following are types of database attacks? (choose all that apply)

1. SQL injection
2. Privilege escalation
3. Data dumping
4. OS command execution

Question 124) The psexec utility can be used to perform which of the following actions?

1. Launch an interactive command session
2. Show open files
3. List processes
4. Get system information

Question 125) Identify the attack which forces an unsuspecting user’s browser to send malicious requests the user did not intend?

1. Cross-site request forgery (CSRF)
2. SQL injection attack
3. LDAP injection attack
4. Cross-site scripting (XSS)