Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
ITN 261 Study Guide
Midterm Study Guide for ITN 261
| Question | Answer |
|---|---|
| ITN 261 Midterm Study Guide- | |
| Chapter 1: | |
| Question 1 | |
| 10 / 10 pts | |
| Which of the following are people who do bad things, generally actions that are against the law.? | |
| White-hat hackers | |
| Gray-hat hackers | |
| Correct! | |
| Black-hat hackers | |
| Red-hat hackers | |
| Question 2 | |
| 10 / 10 pts | |
| Attacking a company's Web applications to prevent them from being vulnerable is an example of which of the following? | |
| Correct! | |
| Ethical hacking if you have permission | |
| A legal activity if the application is one you use | |
| Black-hat hacking | |
| Ethical hacking if you disclose the vulnerabilities | |
| Question 3 | |
| 10 / 10 pts | |
| Which of the following are people who always do their work for good? | |
| Correct! | |
| White-hat hackers | |
| Hacktivists | |
| Social engineers | |
| Phreaks | |
| Question 4 | |
| 60 / 70 pts | |
| Match the following terminology to it's corresponding definition. | |
| Correct! | |
| Reconnaissance | |
| Correct! | |
| Footprinting | |
| Correct! | |
| Scanning | |
| You Answered | |
| Enumeration | |
| Correct Answer | |
| you will want to identify services running on any available host. | |
| Correct! | |
| Gaining access | |
| Correct! | |
| Maintaining access | |
| Correct! | |
| Covering tracks | |
| Quiz Score: 90 out of 100 | |
| Chapter 2: | |
| Question 1 | |
| 10 / 10 pts | |
| Which of the following activities is the responsibility of the OSI reference model transport layer? | |
| Physical layer connectivity | |
| Delivery of IP packets | |
| Formatting the data | |
| Physical framing | |
| Question 2 | |
| 10 / 10 pts | |
| OSPF operates at which of the following layers of the OSI model? | |
| Session | |
| Application | |
| Trasnport | |
| Network | |
| Question 3 | |
| 10 / 10 pts | |
| Which of the following is a factor that makes scanning UDP more difficult? | |
| Low overhead | |
| Lack of startup and shutdown | |
| Speed | |
| Packet structure | |
| Question 4 | |
| 10 / 10 pts | |
| Which of the following is the main purpose of ICMP? | |
| Packet delivery | |
| Error detection and correction | |
| Logical errors and diagnostics | |
| IP packet delivery | |
| Question 5 | |
| 10 / 10 pts | |
| Which of the following statements is true in regard to protocols? | |
| IP is a routing protocol, whereas RIP is a routable protocol. | |
| OSPF is a routing protocol, whereas IP is a routable protocol. | |
| BGP is used as a routable protocol, whereas RIP is a routing protocol. | |
| OSPF is a routing protocol, BGP is used as a routable protocol | |
| Question 6 | |
| 10 / 10 pts | |
| The characteristics of Ethernet include all but which one of the following? | |
| Collision detection | |
| Sends traffic to all nodes on a hub | |
| CSMA/CD | |
| Sends traffic using a token | |
| Question 7 | |
| 10 / 10 pts | |
| All but which one of the following is security vulnerability found in RIP? | |
| Broadcasts all data | |
| No authentication | |
| Travels only 56 hops | |
| Subject to route poisoning | |
| Question 8 | |
| 10 / 10 pts | |
| Which of the following statements is true in regard to TCP? | |
| It makes no effort at delivering information. | |
| It guarantees delivery of information. | |
| It does not establish session connection. | |
| It is considered an OSI Layer 2 protocol. | |
| Question 9 | |
| 10 / 10 pts | |
| Which of the following is the address range for Class B IP addresses? | |
| 127-191 | |
| 192-223 | |
| 224-239 | |
| 240-255 | |
| Question 10 | |
| 10 / 10 pts | |
| Which of the following is a common application layer attack? | |
| Port scanning | |
| Malware | |
| Session hijack | |
| SYN attack | |
| Quiz Score: 100 out of 100 | |
| Chapter 3: | |
| Question 1 | |
| 10 / 10 pts | |
| Which of the following best describes the first two steps of the footprinting process? | |
| Passive information gathering | |
| Active information gathering | |
| Actively mapping an organization's vulnerabilities | |
| Using vulnerability scanners to map an organization | |
| Question 2 | |
| 10 / 10 pts | |
| Which of the following examples best portrays passive information gathering? | |
| Reviewing job listings posted by the targeted company | |
| Port scanning the targeted company | |
| Calling the company and asking questions about its services | |
| Driving around the targeted company connecting to open wireless connections | |
| Question 3 | |
| 10 / 10 pts | |
| Web resources used to footprint a company include all but which one of the following? | |
| Internet archive | |
| SEC EDGAR | |
| Company Web site | |
| Request for Comments (RFC) archive | |
| Question 4 | |
| 10 / 10 pts | |
| Which of the following databases would be valuable for obtaining information about a company's financial history? | |
| Internet Assigned Numbers Authority (IANA) | |
| Wayback Machine | |
| EDGAR | |
| Whois | |
| Question 5 | |
| 10 / 10 pts | |
| Which of the following best describes the purpose of the intitle command? | |
| Instructs Google to search for a term within the title of a document | |
| Instructs Google to ignore words in the title of a specific document | |
| Instructs Google to look in the URL of a specific site | |
| Instructs Google to search a specific URL | |
| Question 6 | |
| 10 / 10 pts | |
| In order to locate domain information on a Canadian organization, which of the following Regional Internet Registries would be checked first? | |
| LACNIC | |
| APNIC | |
| RIPE | |
| ARIN | |
| Question 7 | |
| 10 / 10 pts | |
| In order to locate domain information on a European organization, which of the following Regional Internet Registries would be checked first? | |
| LACNIC | |
| APNIC | |
| RIPE | |
| ARIN | |
| Question 8 | |
| 10 / 10 pts | |
| Which of the following tools is used to determine the path to a specific IP address? | |
| IANA | |
| Nslookup | |
| Whois | |
| Traceroute | |
| Question 9 | |
| 10 / 10 pts | |
| Which of the following files is edited to block a search engine's bots from indexing an organizational Web site? | |
| lmhosts.txt | |
| robots.txt | |
| host.txt | |
| index.txt | |
| Question 10 | |
| 10 / 10 pts | |
| Which of the following is most likely to provide a wealth of publicly posted information about an organization's employees? | |
| Social networking sites | |
| The organization's intranet | |
| User group forums | |
| Quiz Score: 100 out of 100 | |
| Chapter 5: | |
| Question 1 | |
| 10 / 10 pts | |
| Nmap's -sT command tells the application to do which of the following? | |
| Choose random targets | |
| Pick a target | |
| Treat all hosts as online | |
| Perform a full TCP connection scan | |
| Question 2 | |
| 10 / 10 pts | |
| What does OS fingerprinting allow? | |
| OS vulnerability testing | |
| Network mapping | |
| Host OS identification | |
| Packet capture | |
| Question 3 | |
| 10 / 10 pts | |
| A ___________ scan detects packets in which all flags are active. | |
| XMAS | |
| FIN | |
| ACK | |
| SYN | |
| Question 4 | |
| 10 / 10 pts | |
| Which of the following is a tool used for network mapping? | |
| Superscan | |
| Cheops | |
| THC-SCan | |
| Kismet | |
| Question 5 | |
| 10 / 10 pts | |
| A SYN scan is useful for which of the following purposes? | |
| Checking for FIN flags | |
| Detecting open connections without completing the TCP handshake | |
| Sending packets with no flags set | |
| Sending packets with all flags set | |
| Question 6 | |
| 10 / 10 pts | |
| Modems can be located by conducting what type of attack? | |
| Wardialing | |
| Wardriving | |
| Pinging | |
| Port scans | |
| Question 7 | |
| 10 / 10 pts | |
| Which of the following ports does SSH operate on? | |
| 20 | |
| 22 | |
| 80 | |
| 110 | |
| Question 8 | |
| 10 / 10 pts | |
| Which of the following best describes the SYN flag? | |
| Synchronize sequence number **a - 144 | |
| Acknowledgement of sequence number | |
| Final data flag used during the four-step shutdown | |
| Reset bit used to close an abnormal connection | |
| Question 9 | |
| 10 / 10 pts | |
| All of the following are active fingerprinting tools except: | |
| Xprobe2 | |
| Nmap | |
| Superscan | |
| p0f | |
| Question 10 | |
| 10 / 10 pts | |
| Which of the following is a tool used for wardriving? | |
| Superscan | |
| Cheops | |
| THC-SCan | |
| Kismet | |
| Quiz Score: 100 out of 100 | |
| Chapter 6: | |
| Question 1 | |
| 10 / 10 pts | |
| Through which of the following can port scans gain information about Windows IPC administrative share information? | |
| Correct! | |
| NULL sessions | |
| Telnet | |
| A Web browser | |
| Social engineering | |
| Question 2 | |
| 0 / 10 pts | |
| NetBIOS enumeration can allow ___________. | |
| registry enumeration | |
| trusted domain enumeration | |
| user enumeration | |
| Correct! | |
| registry enumeration, trusted domain enumeration, and user enumeration | |
| Question 3 | |
| 10 / 10 pts | |
| Which of the following is an attack that uses the rights of a low-privilege user to assume higher privileges? | |
| Root attack | |
| User emulation | |
| Rights modification | |
| Correct! | |
| Privilege escalation | |
| Question 4 | |
| 10 / 10 pts | |
| Installing Netcat on a remote system by using an exploit is an example of what type of attack? | |
| Privilege escalation | |
| Default software exploit | |
| Correct! | |
| Installing a back door | |
| Rootkit installation | |
| Question 5 | |
| 10 / 10 pts | |
| Enumeration can be used to discover all but which of the following types of information? | |
| Correct! | |
| Smartcard PINs | |
| Ports | |
| Services | |
| Shares | |
| Question 6 | |
| 10 / 10 pts | |
| Processes in Windows run in all of but which one of the following user contexts? | |
| Local service | |
| System | |
| Current user | |
| Correct! | |
| Remote access | |
| Question 7 | |
| 10 / 10 pts | |
| Which of the following is a database on the local system that stores user account information? | |
| Correct! | |
| Security Account Manager (SAM) | |
| Local Security Account (LSA) | |
| Kerberos | |
| BitLocker | |
| Question 8 | |
| 0 / 10 pts | |
| Which of the following best describes what occurs when a user attempts a connection to a Windows system without the standard username and password being provided? | |
| Correct! | |
| NULL session | |
| Privilege escalation | |
| Enumeration | |
| Backdoor | |
| Question 9 | |
| 10 / 10 pts | |
| Which of the following best describes what occurs when a lower-level account is cracked in order to obtain increased access? | |
| NULL session | |
| Correct! | |
| Privilege escalation | |
| Enumeration | |
| Backdoor | |
| Question 10 | |
| 10 / 10 pts | |
| Which of the following is a utility specifically designed to troubleshoot name resolution issues? | |
| Ping | |
| Correct! | |
| Nbtstat | |
| Tracert | |
| Netstat | |
| Quiz Score: 100 out of 100 | |
| Chapter 7: | |
| Question 1 | |
| 10 / 10 pts | |
| What is it called when you obtain administrative privileges from a normal user account? | |
| Correct! | |
| Privilege escalation | |
| Account migration | |
| Privilege migration | |
| Account escalation | |
| Question 2 | |
| 10 / 10 pts | |
| What does John the Ripper’s single crack mode, the default mode, do? | |
| Checks every possible password | |
| Correct! | |
| Uses known information and mangling rules | |
| Uses a built-in wordlist | |
| Uses wordlist and mangling rules | |
| Question 3 | |
| 10 / 10 pts | |
| What is the trade-off for using rainbow tables? | |
| Disk space prioritized over speed | |
| Accuracy prioritized over disk space | |
| Speed prioritized over accuracy | |
| Correct! | |
| Speed prioritized over disk space | |
| Question 4 | |
| 10 / 10 pts | |
| What would an attacker use an alternate data stream on a Windows system for? | |
| Correct! | |
| Hiding files | |
| Running programs | |
| Storing PowerShell scripts | |
| Blocking files | |
| Question 5 | |
| 10 / 10 pts | |
| If you were looking for reliable exploits you could use against known vulnerabilities, what would you use? | |
| Tor network | |
| Meterpreter | |
| msfvenom | |
| Correct! | |
| Exploit-DB | |
| Question 6 | |
| 10 / 10 pts | |
| You’ve installed multiple files and processes on the compromised system. What should you also look at installing? | |
| Registry keys | |
| Alternate data streams | |
| Correct! | |
| Rootkit | |
| Root login | |
| Question 7 | |
| 10 / 10 pts | |
| What does pivoting on a compromised system get you? | |
| Database access | |
| Correct! | |
| A route to extra networks | |
| Higher level of privileges | |
| Persistent access | |
| Question 8 | |
| 10 / 10 pts | |
| What would you use the program rtgen for? | |
| Generate wordlists | |
| Correct! | |
| Generating rainbow tables | |
| Generating firewall rules | |
| Persistent access | |
| Question 9 | |
| 10 / 10 pts | |
| What tool would you use to compromise a system and then perform post-exploitation actions? | |
| nmap | |
| John the Ripper | |
| searchsploit | |
| Correct! | |
| Metasploit | |
| Question 10 | |
| 10 / 10 pts | |
| What application would be a common target for client-side exploits? | |
| Web server | |
| Correct! | |
| Web browser | |
| Web application firewall | |
| Web pages | |
| Quiz Score: 100 out of 100 |
Created by:
user-1808614