Busy. Please wait.
Log in using Clever

show password
Forgot Password?

Don't have an account?  Sign up 
Sign up using Clever

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
Didn't know it?
click below
Knew it?
click below
Don't know
Remaining cards (0)
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Emerg Issue_Part

Adapted from participation and short answer chapter 1-12

Please explain what is footprinting and list at least four method of footprinting method for information gathering. Footprinting: collect information on company's network with specific tools; passive obtaining of information. Methods of footprinting include: Web tools: paros E-mail searching Using URL Cookies
What is Port scanning? How can be used by the penetration tester a. Find what services are used by the host b. Find the vulnerabilities
What is enumeration -trying to extract information about a resource shares groups assigned, user's password, recent log on times on the network; more intrusive-attempt to access resource
Please list at least four Netbios enumeration tools -nbstat: display netbios table -netwiew: shows shared resource -net use: connect computer with resource files
Please list at least 10 possible weak in Windows OS. -OS boot up unhealthy -file system unhealthy -NTFS -RPC -NetBIOS- hacker may do enumeration -SMB- SMB Relay -Null sessions- anonymous connection without credentials -Webservice- security holes -SQL server - Null system admin password -Buffer over
Please list at least 8 methods for securing the windows OS - Comprehensive password policy - MBSA (Microsoft Baseline security Analyzer) - use security tester - patching systems -antivirus -enable logging and view logs - disable unused service and filtering ports -delete default sharing
What is the best tool for exploiting Null session Enum: brute force password attack
Which Windows operating system did not get infected with malware at all? Windows 98
When was NetBIOS build? -Designed by IBM in 1983
Please list Windows embedded OS examples -Windows embedded standard- Quebec -Windows embedded enterprise- (XP, Vista)
Please list the *Nix Embedded Os -Embedded Linux -Real time Linux -Linux DDWRT
please list the web application top 10 vulnerabilities come out by security professional -CSS attack -infection flaws and malicious file execution -unsecured direct object reference -cross-site request forgery -information leakage -broken authentication -unsecured cryptographic storage -unsecured comm -failure to restrict url access
How to assess web applications To assess web applications: -does the web app use dynamic webpage? - does the web app connect to a back-end database server -does the web app require authentication of the user - on what platform the web app is developed
What is the most important security standard for wireless so far WPA2
Please list at least three kinds of symmetric, three kinds of asymmetric algorithm. Please example the different ways for performing attack in encryption. Symmetric-DES,AES,RC6 Asymmetric-RSA,Diffie-Hellman,Elliptic Curve Bday attack, Man-in-middle, dictionary, replay attack
What is penetration testing security professional performs an attack on a network with permission from the owner to discover vulnerabilities; penetration testers are also called ethical hackers
2 main penetration testing model White box Black box
Created by: ITSec_guy



Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards