Assignment

Question 1
__________ is the exploitation of an organization's telephone, dial, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources.
War driving
Line dialing
PBX driving
War dialing

Question 2
__________ cryptography is the most common method on the Internet for authenticating a message sender or encrypting a message.
Symmetric
Hash-based
Private-key
Public-key

Question 3
__________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD.
Gnoppix
GeeXboX
Morphix
Damn Small Linux

Question 4
The __________ utility tests the integrity of an ODBC data source.
odbcping
ASPRunner
FlexTracer
DbEncrypt

Question 5
In the TCP/IP stack, the __________ layer is where applications and protocols, such as HTTP and Telnet, operate.
Internet
network
transport
application

Question 6
Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error. They can fill in the username and password fields with __________.
a pound sign
two dashes
a single quotation mark
double quotes

Question 7
__________ allow attackers to pass malicious code to different systems via a web application.
SQL injection attacks
XSS vulnerabilities
Authentication hijacking attacks
Command injection flaws

Question 8
A __________ is a trusted entity that signs certificates and can vouch for the identity of the user and the user's public key.
verification authority
certification authority
validation authority
registration authority

Question 9
Null sessions require access to TCP port __________.
139
141
345
349

Question 10
__________ is a command-line utility provided by Microsoft with SQL Server 2000 (and Microsoft SQL Server 2000 Desktop Engine) that allows users to issue queries to the server.
ODBC
SQLP
OSQL
SRS

Question 11
The __________ file is used to determine which TTY devices the root user is allowed to log in to.
/usr/securetty
/etc/securetty
/var/securetty
/home/securetty

Question 12
__________ can monitor a Simple Mail Transfer Protocol (SMTP) server regularly after connecting to it.
CheckOK
SMTPCheck
SMTPMon
SLCheck

Question 13
__________ is a method of gaining access to sensitive data in a Bluetooth-enabled device.
Bluebugging
Bluesnarfing
BTKeylogging
Blueprinting

Question 14
__________ is a simple form of attack aimed directly at the application's business logic.
Authentication hijacking
Parameter tampering
Cookie poisoning
Session poisoning

Question 15
Once the Oracle database server has been traced, the first port of call is made to the __________ listener.
SQL
TNS
TCP
PL/SQL

Question 16
__________ is a common and easy form of SQL injection. The technique involves evading the logon forms.
Command injection
SELECT bypass
INSERT injection
Authorization bypass

Question 17
__________ gathering is the process of accumulating information from resources like the Internet that can later be analyzed as business intelligence.
Competitive intelligence
Tracerouting
Passive information
Footprinting

Question 18
__________, formerly called AppTapp, is a tool for jailbreaking and installing nonsanctioned third-party applications on the iPhone.
iFuntastic
iNdependence
iActivator
AppSnapp

Question 19
Firefox 2.0.0.11 cannot correctly interpret single quotation marks and spaces during authentication. This is called the __________ value of an authentication header.
registration
site
domain
realm

Question 20
Private data stored by Firefox can be quickly deleted by selecting __________ in the Tools menu.
Clear History
Clear Private Data
Delete Private Data
Delete History

Question 21
A(n) __________ is a custom command in Linux that is a substitute for a formal command string.
user string
system link
alias
link

Question 22
A __________ is a device that cannot function in any capacity.
block
brick
rock
cage

Question 23
__________ involves plotting the tables in the database.
Database enumeration
Database footprinting
Table footprinting
Table enumeration

Question 24
A __________ is a device that receives digital signals and converts them into analog signals, and vice versa.
firewall
proxy
hub
modem

Question 25
Which of the following types of tools would be most effective in cracking UNIX passwords?
Ophcrack
KerbCrack
John the Ripper
RainbowCrack

Question 26
SQL Server, like other databases, delimits queries with a __________.
colon
period
semicolon
comma

Question 27
__________ is a unique 15- or 17-digit code used to identify a mobile station to a GSM network.
IMEI
SIMID
SIM
PhoneID

Question 28
Which of the following password attacks is conducted using nontechnical means?
hybrid
brute force
social engineering
rainbow tables

Question 29
In __________-level hijacking, the attacker obtains the session IDs to get control of an existing session or to create a new, unauthorized session.
network
data link
transport
application

Question 30
Which of the tools listed below can be used to execute code on remote Windows systems?
X.exe
PsExec
Rsync
Ghost

Question 31
Kaspersky is used as __________.
a hacking tool against PDAs
a hacking tool against IPHONEs
a hacking tool against IPODs
an antivirus for Windows Mobile

Question 32
__________ viruses search all drives and connected network shares to locate files with an EXE or SCR extension.
W32/Madang-Fam
W32/Hasnot-A
W32/Fujacks-AK
W32/Fujacks-E

Question 33
What is the difference between online and offline password attacks?
Online attacks are conducted against people using the Internet, and offline attacks are conducted against people on private networks.

Online attacks target passwords or their representations as they traverse a network, and offline attacks focus on stored passwords.
Online attacks are used to gain access to systems, and offline attacks are used to knock systems off the network.
Offline attacks target passwords or their representations as they traverse a network, and online attacks focus on stored passwords.

Question 34
__________ synchronizes the information between a Palm device and a desktop PC.
HotSync
ActiveSync
PocketSync
PalmSync

Question 35
__________ is a type of computer architecture in which multiple processors share the same memory and are each assigned different tasks to perform.
Xcode
Multitasking
Cocoa
Symmetric multiprocessing

Question 36
__________ hackers are information security professionals who specialize in evaluating, and defending against, threats from attackers.
Gray-hat
Black-hat
Consulting
Ethical

Question 37
An __________ share is a hidden share that allows communication between two processes on the same system.
SMC
IPC
EPC
SMB

Question 38
The __________ method appends data in the URL field.
POST
GET
APPEND
URL

Question 39
__________ is a lightweight substitute for telnet that enables the execution of processes on other systems, eliminating the need for manual installation of client software.
PsExec
Alchemy Remote Executor
Emsa FlexInfo Pro
RemoteApp

Question 40
__________ is a back-end GPL tool that works directly with any RFID ISO-reader to make the content stored on the RFID tags accessible.
RFDump
RFReader
RFReceiver
RFExplorer

Question 41
__________ is a parallelized login cracker that supports numerous protocols for attack.
ADMsnmp
SING
Hydra
John the Ripper

Question 42
IT __________ are designed to evaluate an organization's security policies and procedures.
ping sweeps
vulnerability assessments
penetration tests
security audits

Question 43
__________ is the act of gathering information about the security profile of a computer system or organization, undertaken in a methodological manner.
Tracerouting
Passive information gathering
Footprinting
Competitive intelligence gathering

Question 44
__________ is a command-line interface for Microsoft SQL Server that allows an attacker to execute commands on the underlying operating system, execute SQL queries, and upload files to a remote server.
SQLExec
Absinthe
Sqlninja
SQLSmack

Question 45
__________ occurs when hackers break into government or corporate computer systems as an act of protest.
Hacktivism
Cyber terrorism
Cybercrime
Suicide hacking

Question 46
Mac OS X includes __________, a collection of frameworks, APIs, and accompanying runtimes that allows for a host of open-source web, database, scripting, and development technologies.
Cocoa
Coffee
Bean
Xcode

Question 47
__________ is usually employed when the attacker discerns that there is a low probability that these reconnaissance activities will be detected.
Social engineering
Direct information gathering
Active reconnaissance
Inactive reconnaissance

Question 48
__________ is a programming language that permits website designers to run applications on the user's computer.
Java
Ruby
Python
Smalltalk

Question 49
_________ hijacking is a hacking technique that uses spoofed packets to take over a connection between a victim and a target machine.
ACK
Blind
TCP/IP
Network-level

Question 50
In order for traffic to get back to the attacker during session hijacking, a process called __________ is used that allows the sender to specify a particular route for the IP packet to take to the destination.
desynchronization
source routing
spoofing
TCP routing

Question 51
__________ is a worm for Windows XP that downloads and executes malicious files on the compromised computer and spreads through removable storage devices.
HTTP W32.Drom
W32/VBAut-B
W32/QQRob-ADN
W32/SillyFDC-BK

Question 52
The Java-based __________ worm spreads through Bluetooth and affects unprotected Mac OS X 10.4 systems.
OSX/Leap-A
AppHook.B
Inqtana.A
BTHook-A

Question 53
__________ is a virus targeted against mobile personal digital assistant devices.
Skulls
Brador
Doomboot.A
Podloso

Question 54
The __________ stores confidential information that is accessible only from inside the organization.
public website
confidential website
private website
external website

Question 55
__________ is the unauthorized alteration of routing tables.
Route poisoning
Routing table spoofing
Routing table poisoning
Route spoofing

Question 56
__________ automatically scans a computer, looking for cookies created by Internet Explorer, Mozilla Firefox, and Netscape Navigator, and then displays the data stored in each one.
Cookie Viewer
Cookie Explorer
Cookie Browser
Cookie Manager

Question 57
__________ is a tool that administrators can use to test the reliability of their critical systems and determine what actions they must take to fix any problems.
DbEncrypt
AppDetective
Selective Audit
AppRadar

Question 58
The __________ script allows a remote user to view the code of server-side scripts.
Showlogin.asp
Showcode.asp
RemoteAccess.asp
Remotelogin.asp

Question 59
__________ is a method in which a sniffer is used to track down a conversation between two users.
A man-in-the-middle (MITM) attack
Session hijacking
IP spoofing
Network tapping

Question 60
__________ is a small utility that lists all USB devices currently connected to a computer, as well as all previously used USB devices.
MyUSBOnly
USB Blocker
USB CopyNotify!
USBDeview

Question 61
After gaining access, what is the attacker's next goal?
Cover their tracks.
Start denial-of-service attacks.
Find ways to maintain access.
None of the above.

Question 62
__________ is an HTTP authentication brute-force program. It attempts to guess passwords for basic HTTP authentication by logging in to a web server.
Authforce
ObiWaN
Hydra
Cain & Abel

Question 63
__________ record the parts of the website visited and can contain identifying information.
Logs
Records
Cookies
Certificates

Question 64
Web applications have a three-layered architecture consisting of presentation, logic, and __________.
application
data layers
transport
HTTP

Question 65
__________ is a Linux security feature that enables a user to choose the directory that an application can access.
Chroot
Sandbox
Jailroot
Rootjail

Question 66
There are several aspects to security, and the owner of a system should have confidence that the system will behave according to its specifications. This is called __________.
confidentiality
reusability
accountability
assurance

Question 67
The __________ command displays the ARP table and is used to modify it.
ifconfig -arp
arp-table
netstat -arp
arp

Question 68
__________ detects and monitors Bluetooth devices in a wireless network. It provides information about the features of each device and the services provided by it.
Bluetooth Network Scanner
BlueFire Mobile Security
BlueAuditor
BlueWatch

Question 69
Which of the following statements best describes a penetration test?
A penetration test is using a password cracker to gain access to a system.
A penetration test is an attempt to simulate methods used by attackers to gain unauthorized access to a computer system.

A penetration test is the act of hacking computer systems; it is used by criminals to attack legitimate organizations.
A penetration test is an audit of an organization's security policies and procedures.

Question 70
Which website can an ethical hacker visit to see web pages from 2002?
www.symantec.com
www.archive.org
www.oldwebsites.net
www.historyoftheinternet.com

Question 71
__________ provides a complete view for monitoring and analyzing activity within USB host controllers, USB hubs, and USB devices.
USB PC Lock
USBlyzer
Advanced USB Monitor
Virus Chaser USB

Question 72
The __________ is due to a canonicalization error in IIS 4.0 and 5.0 that allows an attacker to use malformed URLs to access files and folders located on the logical drive that includes web folders.
canonicalization vulnerability
::$DATA vulnerability
Unicode directory traversal vulnerability
Msw3prt IPP vulnerability

Question 73
A __________ attack adds numbers or symbols to a dictionary file's contents to crack a password successfully.
brute-force
dictionary
hybrid
parameter manipulation

Question 74
Only __________ scan is valid while scanning a Windows system.
SYN
Null
FIN
Xmas

Question 75
Ethical hackers use their knowledge and skills to __________.
learn the details of computer systems and enhance their capabilities
attack government and commercial businesses
develop new programs or reverse-engineer existing software to make it more efficient
defend networks from malicious attackers

Question 76
Tripwire protects against Trojan horse attacks by __________.
blocking the port that the Trojan program is listening on
removing any Trojan horse programs found on the system
detecting unexpected changes to a system utility file that may indicate it had been replaced by a Trojan horse
quarantining any Trojan horse programs discovered on the system

Question 77
The ISAPI extension responsible for IPP is __________.
msisapi.dll
msw3prt.dll
msipp5i.dll
isapiipp.dll

Question 78
__________ is a protocol used to create, modify, and terminate sessions such as VOIP.
SMS
SIP
GSMA
GPRS

Question 79
A(n) __________ is a specific way to breach the security of an IT system through a vulnerability.
hole
exposure
exploit
threat

Question 80
__________ is a portable, battery-powered device that mediates interactions between RFID readers and RFID tags.
RSA blocker tag
RFID Firewall
RFID Guardian
Kill switch

Question 81
Which of the statements below correctly describes a dictionary attack against passwords?
It is an attack that tries every combination of characters until a correct password is identified.
It is an attack that uses a list of words to guess passwords until a correct password is identified.
It is an attack that uses a list of words and appends additional numbers or characters to each word until a correct password is identified.
It is an attack that uses precomputed values until a correct password is identified.

Question 82
The __________ are the agreed-on guidelines for a penetration test.
rules of engagement
project scope statements
test requirements
service-level agreements (SLAs)

Question 83
The Network News Transport Protocol service uses port __________.
110
119
135
139

Question 84
A(n) __________ is the logical, not physical, component of a TCP connection.
ISN
socket
port
SYN

Question 85
__________ reconnaissance is a hacker's attempt to scout for or survey potential targets and then investigate the target using publicly available information.
Active
Passive
Public
Open

Question 86
A __________, also called a packet analyzer, is a software program that can capture, log, and analyze protocol traffic over the network and decode its contents.
sniffer
recorder
logger
tapper

Question 87
__________ is, simply enough, looking through an organization's trash for any discarded sensitive information.
Trash diving
Trash carving
Dumpster searching
Dumpster diving

Question 88
__________ is a secure method of posting data to the database.

URL
SQL
GET
POST

Question 89
How do you defend against privilege escalation?
Use encryption to protect sensitive data.
Restrict the interactive logon privileges.
Run services as unprivileged accounts.
Run users and applications on the least privileges.

Question 90
When an ethical hacker uses nslookup, which protocol are they querying?
DNS
HTTPS
SMB
NTP

Question 91
Bluetooth-enabled devices communicate via short-range, ad hoc networks known as __________.
piconets
uninets
btnets
pans

Question 92
The act of hiding data within or behind other data is known as __________.
encoding
encryption
steganography
fuzzing

Question 93
A __________ occurs when a connection between the target and host is in the established state, or in a stable state with no data transmission, or the server's sequence number is not equal to the client's acknowledgment number, or the client's sequence number is not equal to the server's acknowledgment number.
synchronization state
blind hijacking
source routing
desynchronization state

Question 94
__________ are software applications that run automated tasks over the Internet.
Zombies
Spiders
Bots
Crawlers

Question 95
Which of the following definitions best describes a wrapper?
A wrapper is a packet-crafting technique used to perform stealthy port scans.
A wrapper is an encryption tool used to hide messages inside image files.
A wrapper is a method of hiding a virus inside an executable file.
A wrapper is a tool used to bind a Trojan to a legitimate file.

Question 96
In a hit-and-run attack, __________.
the attacker constantly injects bad packets into the router
the attacker mistreats packets, resulting in traffic congestion
the attacker injects a few bad packets into the router
the attacker alters a single packet, resulting in denial of service

Question 97
__________ is a command-line TCP/IP packet assembler/analyzer.
Hping2
Firewalk
WUPS
Blaster Scan

Question 98
The __________ tool traces various application calls from Windows API functions to the Oracle Call Interface.
ASPRunner
FlexTracer
odbcping
SQL Query Analyzer

Question 99
With the __________ tool, you can ping multiple IP addresses simultaneously.
Fping
Nmap
Nessus
Unicornscan

Question 100
Attackers use a technique called __________ to exploit the system by pretending to be legitimate users or different systems.
identity theft
impersonation
spoofing
flooding

Question 101
__________ is a Microsoft-proprietary protocol that authenticates users and computers based on an authentication challenge and response.
LMLAN
Kerberos
NTLM
NTLAN

Question 102
__________ reconstructs a device's Bluetooth PIN and link key from data sniffed during a pairing session.
Blooover
Hidattack
BTCrack
Cabir and Mabir

Question 103
This type of port scanning technique splits a TCP header into several packets so that the packet filters cannot detect what the packets intend to do.
UDP scanning
IP fragment scanning
inverse TCP flag scanning
ACK flag scanning

Question 104
__________ is an application that, when installed on a system, runs a background process that silently copies files from any USB flash drive connected to it.
USB Switchblade
USBDumper
USB Hacksaw
USB Copy 'em all

Question 105
__________ is an application that identifies all Bluetooth-enabled devices, their communications, and their connectivity within a given area.
BlueSweep
BlueWatch
BlueKey
BlueFire Mobile

Question 106
__________ URLs, or intranets, are private links that only a company's employees use.
Internal
Private
Organizational
Domain

Question 107
In Internet Explorer, the __________ zone is a security zone for sites that the user has designated as safe to visit.
user sites
legal sites
white list
trusted sites

Question 108
Which of the following is not a category of security assessment?
security audit
rootkit detection
vulnerability assessment
penetration testing

Question 109
A hacker has successfully used a tool to intercept communications between two entities and establish credentials with both sides of the connection. The two remote ends of the communication never notice that the attacker is relaying the information between the two. This is called a(n) __________ attack.
man-in-the-middle
interceptoring
MAC poisoning attack
firewalking

Question 110
__________ is a cable modem hacking program. It performs the task of uncapping by incorporating all the uncapping steps into one program.
Yersinia
OneStep: ZUP
Zebra
Solar Winds MIB Browser

Question 111
Information on all Linux accounts is stored in the __________ and /etc/shadow files.
/etc/conf
/etc/passwd
/etc/password
/conf/passwd

Question 112
Which type of penetration test is conducted with absolutely no prior knowledge of the target environment?
white-box testing
gray-box testing
red-hat testing
black-box testing

Question 113
Redirections for URLs are handled with the __________ URL handler, which can cause errors in older versions of Internet Explorer.
goto:
mdir:
mhtml:
redir:

Question 114
Traceroute uses the __________ field in an IP packet to determine how long it takes to reach a target host and whether that host is reachable and active.
IHL
flags
TOS
TTL

Question 115
Which of the following is not a Microsoft Internet Information Services vulnerability?
::$DATA vulnerability
UFS integer overflow vulnerability
Showcode.asp vulnerability
WebDAV/RPC exploits

Question 116
Which of the following statements best describes the rules of engagement for a penetration test?
The rules of engagement are the systems that a tester can knock offline during a penetration test.
The rules of engagement are the agreed-upon guidelines for a penetration test, including desired code of conduct and procedures.
The rules of engagement define the service-level agreement and scope of a penetration test.
The rules of engagement include the insurance and risk management associated with third-party testing.

Question 117
The __________ service is responsible for sending a response packet that contains connection details to clients who send a specially formed request.
SSRS
OSQL
ODBC
SQLP

Question 118
The RFID __________ policy establishes the framework for many other security controls. It provides a vehicle for management to communicate its expectations regarding the RFID system and its security.
security
physical access
secure disposal
usage

Question 119
A __________ is a set of related programs, usually located at a network gateway server, that protect the resources of a private network from other network users.
firewall
proxy
packet filter
router

Question 120
While conducting an ethical penetration test in Europe, which Regional Internet Registry (RIR) would you use?
APNIC
RIPE NCC
ARIN
LACNIR

Question 121
__________ is a tool for performing automated attacks against web-enabled applications.
cURL
dotDefender
Burp Intruder
AppScan

Question 122
If the supplied data does not fit within the size constraints of a single packet, the data is spread among multiple packets in a process known as __________.
framing
separation
fragmentation
division

Question 123
__________ is a nonvoice service available with most GSM networks.
CDMA
EDO
EDVA
GPRS

Question 124
The information resource or asset that is being protected from attacks is usually called the __________.
key value
target of evaluation
main asset
target asset

Question 125
__________ is an information service provider that helps law offices, government agencies, businesses, and individuals find information about people.
People-Search-America.com
Best People Search
Switchboard
Google Finance