Deck 4: Operating Systems and Applications
1
Which of the following are valid ways to disable the storage of LM hashes on a Windows host? (Choose all that apply)
A) Use group policy
B) Editing the registry
C) Use a password that is at least 15 characters long
D) LM hashes cannot be disabled because of legacy support
Use group policy
Editing the registry
Use a password that is at least 15 characters long
2
Curtis is looking over a SAM file he captured using PWDump3v2. He is looking at the LM hashes for a password he might be able to crack rather quickly. Which of the following users has a password that is less than 7 characters?
A) E390B1995922152FAAD3B435B51404EE
B) 4097A469B4C52C1D1D71060D896B7A46
C) FB4138BA5EB0FA6AF56EE607BD78827B
D) E52CAC67419A9A224A3B108F3FA6CB6D
E390B1995922152FAAD3B435B51404EE
3
Which of the following is the static string that is encrypted with the DES key in LM?
A) M!cr0s0ft
B) Lm@uth
C) LmH@sH
D) KGS!@$%
KGS!@$%
4
An attacker writes a script similar to the one given. What is he trying to accomplish?
FOR /F "token=1, 2*" %i in passlist.txt do net use \\target\IPC$ %i /u: %j
A) Send a virus disguised as "passlist.txt" to the target
B) Password guessing from a list
C) Backdoor the target host with an undocumented feature of Windows
D) Access the IPC$ share with a strong authentication token
5
What is the feature supported by all NTFS volumes that allows forked data to be associated with a file in a way that will not affect the size of the original data?
A) Alternate Data Streams
B) Steganography
C) Cryptography
D) FAT32 hidden streams (for legacy support)
6
There is a Windows tweak that allows the storage of different login credentials using the "Stored Usernames and Passwords" applet. Which command will allow access to this tool?
A) runas passmgr.exe
B) net use \\server\ShowKMgr
C) rundll32.exe keymgr.dll, KRShowKeyMgr
D) runas winpassmgr.bat
7
Bill seems to be connected to every marketing project that has had information leaked to the same competitor. Someone notices on a MySpace page some photographs of Bill socializing with some executives of that competitor. Bill is sent on vacation for a week, and a supervisor accesses Bill's email and notices repeated emails with silly documents attached, like jokes, random lists, or cooking recipes.
He asks you if this seems suspicious and wonders if these are coded messages. You tell him it is even easier than that, and suspect which of the following techniques?
A) ADS Streams are being used to smuggle documents using a USB key
B) Steganography is being used to tunnel the secrets through the VPN
C) This host was compromised by foreign hackers and Bill is the real victim
D) snow.exe could be used to hide data inside the attached documents
8
Your father just purchased a new computer and brings it to you for a look over. He wants to make sure he can safely use the internet and a few other applications. You show him the necessary steps for preparing a Windows computer fresh out of the box. What did you teach your father to do (Choose 3)?
A) Make sure the antivirus scanners are updating
B) Make sure all applications have security patches updated
C) Download a free anti-toolbar blocker application from secure-updatez.ws
D) Make sure his explorer settings are set to the maximum security levels for all websites.
E) Enable Windows Update and the personal firewall
9
Blair receives permission to audit the passwords on a critical server. The server is joined to a domain and is therefore "Kerberized" but Blair decides to try the simplest approach first anyway. He uses pwdump to successfully obtain the hashes and John the Ripper to crack them. Blair's supervisor is stunned. He says "I made sure every password was at least 10 characters long"
Why did the audit fail?
A) Blair used a terabyte sized dictionary file he downloaded from the Internet
B) The effective length of the passwords was only 7 characters.
C) Blair used "AllCrack2008" the most powerful cracking tool available
D) Blair used a hacked version of John the Ripper that is "forensic" strength.
10
KC comes into work about 30 minutes early to start an ARP poisoning attack to sniff traffic between the workstation of a fellow coworker, Greg, and the domain controller. His boss compliments him for being so early and likes his work ethic.
KC waits until Greg comes to work and logs in to the domain. He sniffs the passwords and spends the rest of the afternoon cracking them. What tool can be used to perform this entire sequence?
A) Rainbowcrack
B) L0phtcrack
C) Kerbcrack version 6
D) Cain and Abel
11
April is noticing in her network monitoring software that an unusual amount of UDP traffic is being sent to ports 1026 and 1027 toward various hosts. She sets up a honeypot by opening a port and listening in case any of this traffic heads in her direction.
A few minutes later she sees text appear on the command console and recognizes it as messenger spam. It reads: "Windows has discovered 31 critical errors. The following steps must be taken immediately: [the rest goes on to recommend a download and other destructive suggestions]"
What did April do to receive and view this message?
A) Used Netcat with the command: nc -l -p 1026 -u -v
B) Used Netcat with the command: nc -l -p 31 -u -v
C) Used Windump with the command: windump -l -p 1026 -u -v
D) Sent a message back to the source asking for clarification
12
As a technique, rootkits hide processes and the resources that start them. What is the primary objective of a rootkit?
A) Hide processes that open access points (backdoors)
B) Replace important system files with corrupted versions
C) Prevent diagnostic tools from operating correctly
D) Privilege escalation
13
Marco wants to encode data into a music file. Since it is text, he isn't sure this can be done. After searching the internet he comes across a promising tool.
What tool did he find?
A) Mp3stego
B) Snow
C) Camera Shy
D) S-Tools
14
Ernest finds a laptop that seems to have an encrypted drive. He knows the owner of the laptop works for a company that requires 15 character strong passwords. With a good quality password cracker how long will it take Ernest to brute force this password?
A) 5 minutes
B) 30 seconds
C) 12 Million years
D) 2 days
15
In order to speed up the process of breaking a password that is pretty strong, Barney decides to use DNA.
What is the best description of this technique?
A) Decremented Notation Algorithm is a super efficient way to break passwords. The more random the password the better the technique works.
B) Distributed Nonce Algorithm increases the analysis of seed values to 1000 times normal rates. This allows more key space to be covered in a short time.
C) Distributed Network Architecture allows multiple computers to calculate possible hash values in parallel.
D) Distinct Nuance Alternatives can get "close enough" hash collisions in a short amount of time using minimal processing power.
16
From the following log entries, what are the affected user accounts?
mkdir -p /etc/x11/applnk/internet/.etc
touch -macr /etc/x11/applnk/internet/.etc
mkdir -p /etc/x11/applnk/internet/.etcpasswd
touch -macr /etc/x11/applnk/internet/.etcpasswd
adduser dns -d /bin -s /bin/bash -u 0 -g 0
passwd nobody -d
passwd dns -d
A) dns, nobody
B) nobody, macr
C) dns, IUSR_
D) mkdir, touch
17
A common technique when compromising Linux hosts is to make sure that if it is used as a sniffer, the command __________ is replaced with a modified version that will not show the ________ flag in its output. (Fill in the blanks)
A) ipconfig, PRMISC
B) ifconfig, SNIFFER=1
C) ipconfig, PROMISC=On
D) ifconfig, PROMISC
18
Where are password hashes stored on a Linux system?
A) /etc/credentials
B) /etc/passwd
C) /etc/shadow
D) /etc/sam
19
Darren wants to run a stealth nmap scan that will require root privileges. Observing best practices, he does not want to be logged in as root. What is the best way to run the command?
A) root nmap -sS
B) runas nmap -sS
C) sudo nmap -sS
D) start nmap -sS
20
Doug was just told about a set of tools known as the "dsniff" suite that runs nicely under Backtrack Linux. Which tool can he use to capture a file transfer that took place over NFS?
A) filesnarf
B) urlsnarf
C) mailsnarf
D) nsfsnarf
21
What does the following command do?
hping2 -I eth0 -a 2.2.2.2 -s 1020 -p 22 --syn -c 1 -d 0xF00 --setseq 0x0000000F 192.168.100.2
A) This command will generate multiple SYN packets from address 192.168.100.2
B) This command will generate a UDP packet from 22 spoofing address 2.2.2.2
C) This command will generate one TCP segment from 2.2.2.2 port 1020 with sequence number 15
D) This command will generate one TCP packet destined for 2.2.2.2 port 1020 and coming from 192.168.100.2
22
Cedric is troubleshooting his Linux system because a hardware component has stopped working properly. He wonders if another admin has installed a non-approved LKM. He runs a check and is relieved to find that at least that is not what is wrong. What command did he run?
A) cat /var/log/drivers.log
B) cat /proc/hardware/LKM
C) cat /proc/kernel/LKM
D) cat /proc/sys/kernel/tainted
23
William wants to check his Linux system for rootkits. Which of the following tools can he use? (Choose Two)
A) chkrootkit
B) rkhunter
C) rootkit revealer
D) Sophos anti-rootkit
24
It is possible to run critical services on a Linux machine in such a way that the root directory for that service seems to be different than the root of the actual system. The purpose is to prevent access to any files outside of that directory structure. What is this technique called?
A) Chroot jail
B) Tar pit
C) tcpwrappers
D) Pluggable Authentication Modules
25
Which of the following Linux tools can be used for not only detecting port scans but taking action to prevent them?
A) Portsentry
B) Port Knocking
C) Port-Auth
D) PortSentinel
26
Peter is worried about the possibility of software on his system being vulnerable to "stack smashing" attacks. He always compiles from source. What other precaution can he take?
A) Never use the ./configure script the developer provides either
B) Compile with "Stackguard"
C) Only use SELinux kernels
D) He patches his kernel every time an update is released
27
Zachery remembers someone mentioning a tool called "Bastille Linux" that he could use for hardening the configuration of his system after install. Which of the other tools is also an option?
A) LSAT
B) LIDS
C) chkrootkit
D) Sara
28
Carter is evaluating ways to detect intrusions on his Linux system. He has log file analysis under control as he needs to be able to easily create status reports for his boss. He is looking for tools that monitor modifications to files.
Which of the following is an option?
A) Firewalk
B) Whisker
C) He should write his own scripts using the find command
D) AIDE
29
Which of the following allows a safe environment for developers that wish to work on code using normal permissions but ensure they are still isolated from the rest of the system?
A) XEN
B) SELinux
C) UML
D) Kernel Mode
30
The IT manager of a large corporation is a bit reluctant to allow the use of Linux systems on users' systems because he has been told they come with many hacking tools that are either pre-installed or easy to obtain. For example, he cites tools like ettercap that can create havoc on a local network.
Which of the following can also be used for a session hijack or arp poisoning attack?
A) hunt
B) t-sight
C) fragroute
D) p0f
31
What is a hash?
A) Single key algorithm used to protect data at rest
B) Non-reversible representation of the data
C) Private key encryption in which the that itself is used as a counterpart to the key
D) A mechanism to protect the exchange of a public key
32
Which of the following is the best description of a "weak key"?
A) A key that defines its own IV
B) A key that is easy to guess
C) A key that is too short
D) A key that makes an encryption algorithm behave in a particular way
33
Some versions of Windows Servers use a feature called "syskey" to enhance the protection of the database where user account hashes are stored. What level of encryption does syskey use in Windows 2000?
A) 128b
B) 56b
C) 256b
D) 40b
34
Nick wants to protect data as it moves across a network by using a tunnel but he cannot implement a full VPN solution. Which of the following is his best option?
A) MD5
B) RSA
C) SSH
D) PGP
35
Kalyna implements a strong system to protect her network communications. It involves DSA (Digital Signature Algorithm) but uses Elliptic Curve Cryptography to enhance the efficiency of the system. What is this technology called?
A) ElGamal and DSA
B) ECDSA
C) RSA-PSS
D) SHA-1 with RSA
36
If the hash of a password is sent across the network, it might be possible to capture and replay it without ever having to attack the hash itself. In order to prevent this, and also keep the hash from being transmitted in the clear, what method can be used?
A) Challenge / Response
B) SSL
C) Cryptographic Authentication
D) Cross Realm Authentication
37
Tabatha wants to implement two-factor authentication that includes the use of hardware devices but she doesn't have the budget for smart cards. Which of the following is her next best option?
A) OTP (One Time Passwords)
B) Security Token
C) Proximity Cards
D) Biometric Devices
38
ExampleFinancial got attacked by a group of hackers from Elbonia. Forensic analysis shows that a home user's machine was infected with a spreading Trojan that got into the corporate network through the VPN. The attackers wanted to use it to capture important source code but also ended up using it to obtain information from the dataset of customer information.
What policy can they implement to avoid this in the future?
A) Enable a 25 character password for all VPN access
B) Do not allow VPN access from home computers
C) Use only dial-up connections for VPN access to a segmented gateway
D) Require biometric authentication
39
Which of the following is not a block cipher?
A) DES
B) Blowfish
C) RC4
D) Rijndael
40
What is the best definition of a covert channel?
A) A server using an unusual port for connections
B) Repurposing a protocol for a use other than intended
C) Multiplexing on a communication link
D) Control channels used in technologies such as WiFi or DSL
41
What statement best describes the way to prevent a key generating algorithm from creating the same keys, weak keys, or a batch of keys that have a lot in common?
A) A different algorithm should be used each time to confuse the cryptanalyst
B) The algorithm should be salted with a one-time random value before each key is made
C) Only one time keys should be used, it is impossible to prevent a computer from repeating a process
D) Keys should always be created offline, by a dedicated system
42
Caden is considering an email encryption technology. It must be available for multiple types of systems. Which one is his best choice?
A) S/MIME
B) SSH
C) PGP
D) Yahoo
43
One of the disadvantages of symmetric key encryption is key management. For instance, if there are 10 people that wish to exchange data with each other, but maintain confidentiality at the same time, how many keys must be issued?
A) 1000
B) 10
C) 1
D) 45
44
Which of the following is not correct in regards to one-time pads?
A) They are the same or greater length than the message being encrypted
B) The pad itself must be exchanged out of band
C) A truly random pad is considered unbreakable
D) If the pad is generated the same way by each party, they don't need to exchange it, therefore it is never exposed to risk
45
A method for verifying that a message is being exchanged only by two members with a prior association and that its integrity has also been maintained is called:
A) Diffie Hellman
B) Message Digest Fingerprint
C) Message Authentication Code
D) Digital Watermarking
46
A one time, unique value that is added to an algorithm to ensure a truly random output is called ______?
A) Nonce
B) IV
C) Salt
D) Seed
47
Using the HTTP/S Connect(), an attacker can create a:
A) Covert tunnel
B) E-Commerce site
C) SQL Connection
D) Send Email
48
Viruses can be described as having three parts: Replicator, Concealer, and Payload. In the payload portion, there is a trigger mechanism and destructive code. When the trigger is based on events such as keystrokes, what class of malware is that considered:
A) Hoax
B) Timed Destruction
C) Keystroke Bomb
D) Logic Bomb
49
Which of the following is not a valid mobile phone technology?
A) GSM
B) GPRS
C) GPS
D) CDMA
50
The ITU Protocol for sending audio-visual data across any packet based network is called:
A) H.323
B) H.636
C) X.500
D) X.509
51
The act of stealing information from a victim's magnetic strip is called:
A) Sniffing
B) Carding
C) Skimming
D) Bump and Run
52
A mechanism that RFID devices use to be rendered inoperative is called:
A) Kill switch
B) Denial of Service
C) Tracking disable
D) They cannot be disabled
53
USB Hacksaw is a tool that can be used to:
A) Automatically download files and email them to the attacker
B) Disable the USB drivers, preventing other devices from working
C) Log the USB mouse movements and clicks, then combine them with screenshots
D) Prevent unauthorized access to a PC by acting as a dongle
54
Programs such as NetNanny can be installed to monitor and control the Internet use on a computer, including keeping logs of chats. To prevent the sites themselves from knowing who visited them, a different tool is used.
Which of the following will accomplish this purpose?
A) GoToMyPC
B) Free Agent Pro
C) NetSeive
D) Anonymizer
55
There are many products that take a variety of approaches to protecting laptops from being stolen. They range from physically altering the laptop to make it impossible to resell, to biometric controls to complete drive encryption. Which of the following places a tracking device that can help with locating the physical location of the stolen or misplaced laptop?
A) Stop-Lock
B) PAL PC Tracker
C) Inspice Trace
D) ZTrace Gold
56
Using Internet Explorer settings, it is possible to set a security level. High security disables JavaScript and ActiveX controls. In which zone are all of the websites that are visited placed unless they are specifically listed in other custom zones?
A) Internet
B) Trusted
C) Custom
D) Default
57
At any given time there are thousands of free proxy servers available on the Internet that can be used to keep certain activities anonymous. What protocol has been designed to allow the chaining together of proxy servers?
A) SOCKS5
B) ProxyChain
C) FreeGate
D) TOR
58
Onan wants to install a biometric reader to control access to a server room. He knows there will only be about 5 people who will ever need access. With regard to storage of the user account credentials, which of the following systems will be the easiest and most efficient to install?
A) One to one
B) Many to one
C) One to Many
D) They should not be stored in or near the device itself
59
Lucas is an email administrator. He is extremely sick and tired of spam and convinces his boss to let him focus entirely on the email system for a while. He puts into place a list of countermeasures that include: spam prevention software at the edge of his network, DNSBLs (DNS Based Black Lists), and Mail Exchanger Callbacks. Still the SPAM comes in.
He decides the next best thing to try is a system that slows down connections to known SPAM relays to at least reduce the volume of traffic that just gets blasted in. What is this technique known as?
A) SPAM Cannibal
B) Sender Policy Framework
C) Teergrubing (Tar Pit)
D) SMTP Cannonball
60
Which of the following are best practices when securing a mail relay so it is not "open"? (Choose 2)
A) Disable MX zone transfers
B) Filter VRFY and EXPN commands
C) Filter VRFY and ESPN commands
D) Configure SMTP-AUTH
61
An attacker intentionally sends email to an invalid address at a domain. A bounce-back is sent, and the attacker uses the header to determine internal mail relays. How is a header read to determine the path the bounce took?
A) From the bottom up
B) From the top down
C) With a sniffer
D) Headers are not useful, the source of the email is always spoofed
62
Password hashes are stored on a Windows machine in several locations. Sometimes only the system account has access, but because this is data at rest, booting to an alternate OS or remote access via a call with system rights could work.
Where could password hashes be stored on a Windows host? (Choose four)
A) The registry
B) ERD
C) The SAM file
D) A repair file
E) In RAM
63
Sara has managed to get access to the passwd file in the Linux system. Which of the following entries shows a user that is in the root permissions group?
Rkuby:x:1001:1001:Ron Kuby:/home/rkuby:/bin/bash
dhcp:x:1002:1002::/home/dns:/bin/bash
monticore:x:1003:0::/home/monticore:/bin/bash
awright:x:1004:500:Amber Wright:/home/awright:/bin/bash
A) awright
B) monticore
C) dhcp
D) The group cannot be determined in the /etc/passwd file