Which type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses or worms?

 

 

rootkit

 

backdoor

 

wrapper

 

shield

rootkit

From the command prompt, the following command is issued: telnet  www.myserver.com  80. What process is being implemented for the purpose of information gathering?

 

 

HTML scanning

 

Xmas Tree port scanning

 

TCP SYN scanning

 

banner grabbing

banner grabbing

The IEEE 802.15.1-2005 standard is based on which version of the Bluetooth specifications?

 

 

Bluetooth v2.1

 

Bluetooth v1.2

 

Bluetooth v1.0

 

Bluetooth v1.1

Bluetooth v1.2

 

When using AES-CCMP encryption, the AES-256 bit key performs how many rounds?

 

 

4

 

10

 

13

 

15

13

What type of malware is heavily dependent on  a user in order to spread?

 

 

worm

 

virus

 

infection

 

payload

virus

A ___________ attack is similar to a passive man-in-the-middle attack.

 

 

replay

 

hijacking

 

denial of service

 

buffer overflow

replay

An administrator is running a port scan. He wants to ensure that no processes are listening on port 23. What state should the port be in?

 

 

open

 

blocked

 

established

 

closed

closed

Security is the goal to be free from danger as well as the process that achieves that freedom.

 

 

 

True

Today’s software attack tools do not require any sophisticated knowledge on the part of the attacker.

 

 

 

True

Because a rootkit substitutes its own files and routines in the operating system, it can be difficult to detect the presence of a rootkit.

 

 

 

True
An example of a(n) ___________ that information security must deal with is a software defect in an operating system that allows an unauthorized user to gain access to a computer without the user’s knowledge or permission.
vulnerability
____________ provides tracking of events.
Accounting
A type of threat that can come from employees, contractors and business partners such as a disgruntled worker is known as _______________.
Insiders

As network administrator, you have been tasked with gaining a better understanding of who the attackers might be, why they might attack and what type of attacks might occur. Which of the following processes will you implement?

 

 

threat mitigation

 

threat profiling

 

risk modeling

 

threat modeling

threat modeling

A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:

 

 

a rootkit

 

a macro

 

a program

 

a process

a macro

A team of consultants has just completed the process of implementing a  VPN for your company. You have been assigned the task of evaluating the VPN implementation for proper setup and security. Your task is an example of:

 

 

VPN review

 

baseline review

 

design review

 

security review

design review

What security goal do the following have in common: hashing, digital signatures, certificates and non-repudiation tools?

 

 

confidentiality

 

integrity

 

availability

 

safety

integrity

Which type of system security malware allows for access to a computer, program or service without authorization?

 

 

botnet

 

zombie

 

backdoor

 

command and control

backdoor

Which of the following encryption protocols is used in the WPA2 standard?

 

 

AES-CCMP

 

AES-CTR

 

AES-PAP

 

AES-SCMP

AES-CCMP

A worm inserts malicious code into a program or data file, thereby spreading similarly to a virus.

 

 

 

false

APs use antennas that radiate a signal in all directions.

 

 

 

true
Analyzing code as it is written in order to prevent errors and increase security is referred to as:
code review

According to the US Bureau of Labor Statistics, what percentage of growth is the available job outlook for information security analysts supposed to reach by the end of the decade?

 

 

10

 

15

 

22

 

27

22

RADMIN is an example of port scanning software.

 

 

 

true

Vulnerability scans are usually performed from outside the security perimeter.

 

 

 

false
A ______________ is an in-depth examination and analysis of a wireless LAN site.
site survey

 

When a wireless device looks for beacon frames it is known as ___________.

scanning

What type of attack takes advantage of web applications that accept user input without validating it and then present it back to the user?

 

 

zero-day scripting

 

SQL injection

 

cross-site scripting

 

XML injection

cross-site scripting

Which of the following protocols creates an encrypted channel between the client and the authentication server in addition to using Microsoft Windows logins and passwords?

 

 

TKIP

 

LEAP

 

PEAP

 

ICMP

PEAP

What is the end result of a penetration test?

 

 

penetration test profile

 

penetration test report

 

penetration test system

 

penetration test view

penetration test report

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

 

 

session replay

 

session spoofing

 

session hijacking

 

session takeover

session hijacking

An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?

 

 

random

 

sanctioned

 

rogue

 

legitimate

rogue

What is the maximum number of characters that can exit within an SSID?

 

 

10

 

12

 

26

 

32

32

Which of the following SQL injection statements can be used to find specific users?

 

 

whatever’ OR full_name = ‘%Mia%’

 

whatever’ OR full_name IS ‘%Mia%’

 

whatever’ OR full_name LIKE ‘%Mia%’

 

whatever’ OR full_name equals ‘%Mia%’

whatever’ OR full_name LIKE ‘%Mia%’

Which of the following uses a standard web browser to provide information and gives the wireless user the opportunity to agree to a policy or present valid login credentials?

 

 

gateway access point

 

captive portal access point

 

wireless device probe

 

AUP enforcement access point

captive portal access point

A security team has been hired to conduct a black box penetration test; thus, the tester has prior knowledge of the network infrastructure that is being tested. 

 

 

 

false

Successful attacks on computers today consist of a single element, malicious software programs that are created to infiltrate computers with the intent to do harm.

 

 

 

false

A healthy security posture results from a sound and workable strategy toward managing risks.

 

 

 

true
On a piconet, slave devices that are connected but are not actively participating are called ______ slaves.
parked

Of the three types of mutating malware, which type changes its internal code to one of a set number of predefined mutations whenever it is executed?

 

 

oligomorphic malware

 

polymorphic malware

 

metamorphic malware

 

statimorphic malware

oligomorphic malware

A virus that infects an executable program file is known as:

 

 

macro virus

 

program virus

 

companion virus

 

boot sector virus

program virus

Which type of attack is targeted against a smaller group of specific individuals such as the major executives working for a manufacturing company?

 

 

whaling

 

typo squatting

 

watering hole

 

vishing

watering hole

EAP uses which of the following types of packets? (Choose three.)

 

 

request

 

response

 

success

 

error

a, b, c

Because of the important role it plays, DNS can be the focus of attacks.

 

 

 

true

XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.

 

 

 

true

An evil twin is an AP set up by an attacker to mimic an authorized AP with the intent to redirect client devices.

 

 

 

true

If TCP port 53 is open, an attacker can assume that DNS is being used.

 

 

 

true
In the ___________ technique, the virus splits the malicious code into several parts and the parts are placed at random positions throughout the program code.
split infection
A ___________ box test is one in which some limited information has been provided to the tester.
gray

Which of the following SQL injection statements can be used to discover the name of the table?

 

 

whatever%20 AND 1=(SELECT COUNT(*) FROM tabname);–

 

whatever’ AND 1=(SELECT COUNT(*) FROM tabname);–

 

whatever; AND 1=(SELECT COUNT(*) FROM tabname);–

 

whatever%; AND 1=(SELECT COUNT(*) FROM tabname);–

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

 

 

whatever AND email IS NULL;–

 

whatever; AND email IS NULL;–

 

whatever” AND email IS NULL;–

 

whatever’ AND email IS NULL;–

Which of the following is responsible for the issuing of EAP request packets?

 

 

supplicant

 

authenticator

 

authentication server

 

proxy

authenticator
The predecessor to today’s Internet was a network known as ___________.
ARPAnet

Which of the three protections ensures that only authorized parties can view information?

 

 

accounting

 

availability

 

integrity

 

confidentiality

confidentiality

Select the EAP protocol supported by WPA2 Enterprise that securely tunnels any credential form for authentication using TLS.

 

 

EAP-MSCHAPv2

 

EAP-AKA

 

EAP-FAST

 

EAP-SIM

EAP-FAST

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.

 

 

 

false
Proper _____________ involves identifying risks but making the decision to not engage in the activity.
risk avoidance
The ______________ reports directly to the chief information officer (CIO) and is responsible for assessing, managing and implementing security.
chief information security officer
A __________________ can detect which ports are served and which ports are browsed for each individual system.
vulnerability scanner

Because PEAP can be vulnerable to specific types of attacks, Cisco recommends that users migrate to a more secure EAP than PEAP.

 

 

 

Bluetooth devices are not backwardly compatible with previous versions.

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>