760 likes | 924 Views
CNIT 123. Review. Chapter 1 Ethical Hacking Overview. Sally wants to hack into the CCSF medical center and get student records, to prove how lousy the security is. What should she do first?. Use Tor Create a fake identity Inform the college administration in writing
E N D
CNIT 123 Review
Sally wants to hack into the CCSF medical center and get student records, to prove how lousy the security is. What should she do first? • Use Tor • Create a fake identity • Inform the college administration in writing • Get permission from the college administration in writing • None of the above
Sally wants to hack into the CCSF medical center and get student records, to prove how lousy the security is. What should she do first? • Use Tor • Create a fake identity • Inform the college administration in writing • Get permission from the college administration in writing • None of the above
What law makes it a federal crime to access classified information without authorization? • CFAA • EPIC • PATRIOT ACT • Stored Wire and Electronic Communication and Transactional Records Act • DMCA
Which of these acts is illegal? • Cracking WEP to use your neighbor's router • Using Nmap to scan google.com • Bypassing a logon password as part of a computer repair job for a customer • Searching for passwords on Google • Reading secret documents on Wikileaks
Which act is not illegal? • Downloading pop music from The Pirate Bay • Connecting to your neighbor's unsecured wireless network • Using a keylogger to get your teacher's final exam • Using a booter to kick rival players off a video game • Joining Anonymous and taking down Sony with the Low Orbit Ion Cannon
Which TCP/IP layer uses MAC addresses? • Application • Transport • Internet • Network • None of the above
Which protocol is encrypted? • HTTP • Telnet • FTP • SMTP • None of the above
I send a SYN to a server, and get a RST back. What state is this port in? • Open • Closed • Filtered • The answer cannot be determined from the information provided
I send an ACK to a server, and get no reply. What state is this port in? • Open • Closed • Filtered • The answer cannot be determined from the information provided
Which TCP header field determines how frequently ACK packets are required? • Destination port • SEQ • ACK • Data offset • Window
Which protocol is the most secure? • Telnet • FTP • SSH • HTTP • SMTP
Which protocol uses the GET method? • Ethernet • IP • TCP • UDP • HTTP
Which protocol uses SYN and ACK? • Ethernet • IP • TCP • UDP • HTTP
Which protocol uses MAC addresses? • Ethernet • IP • TCP • UDP • HTTP
How many bits are there in an IPv4 address? • 8 • 32 • 48 • 128 • 256
What port does Telnet use? • 20 • 21 • 23 • 80 • 443
What makes UDP different from TCP? • UDP has no handshake • UDP is unreliable • UDP transfers data faster • UDP has a smaller header • All of the above
Which threat must be attached to an EXE file? • Virus • Worm • Trojan • Keylogger • Rootkit
Which threat is caused by lying security professionals? • Bot • FUD • DoS • DDoS • Buffer overflow
Which threat is caused by a careless programmer? • Bot • Trojan • DoS • DDoS • Buffer overflow
Which attack uses hundreds or thousands of machines at once? • Buffer overflow • DoS • Spoofing • Spam • DDoS
Which attack defeats physical security? • Virus • Session hijacking • Keylogger • Bump key • Worm
Which item allows you to change HTTP requests as they are sent? • Proxy • Footprinting • Whois • Cookie • Web bug
Which item finds the human who owns a domain name? • HTTP status code • Footprinting • Whois • Cookie • Web bug
Which item finds a list of all the computers at a company? • Extortion • Footprinting • Zone transfer • Cookie • Web bug
What is the most common way to break into an email account? • Extortion • Footprinting • Piggybacking • Shoulder surfing • Phishing
Which tool queries a DNS server? • Proxy • Nmap • Cain • Whois • dig
Which item is a passive plaintext file? • Web bug • Cookie • Zone transfer • HTTP GET • Spam
Which type of scan became far less effective after Windows XP SP2? • PING scan • SYN scan • ACK scan • UDP scan • NULL scan
Which type of scan is the most common, and called a "Stealth scan"? • PING scan • SYN scan • ACK scan • UDP scan • NULL scan
Which OS introduced Plug and Play? • Win 95 • Win XP • Vista • Win 7 • Win 8
Which OS used the FAT file system? • Win 95 • Win XP • Vista • Win 7 • Win 8
Which OS introduced ASLR? • Win 95 • Win XP • Vista • Win 7 • Win 8
Which OS uses null sessions? • Old Windows versions • All Windows versions • Unix • Netware • iOS
Which is an object-oriented language? • C • Assembly language • Machine language • C++ • Perl
Which language is most likely to cause buffer overflow errors? • C • Perl • Visual Basic • Python • Bash shell scripting
Which item is a Windows file-sharing protocol? • FAT • NTFS • ADS • RPC • SMB
Which item has a Lockdown Wizard? • IIS • LDAP • Null sessions • SQL server • CIFS
Which item hides a file inside another file? • ADS • LDAP • Null sessions • WinFS • NTFS
Which item is based on Windows 7? • RTOS • Windows embedded standard • Windows CE • VxWorks • QNX