Topic 1: Exam Pool A
Which of the following tools performs comprehensive tests against web servers, including
dangerous files and CGIs?
A. Nikto
B. John the Ripper
C. Dsniff
D. Snort
Nikto
Explanation:
https://en.wikipedia.org/wiki/Nikto_(vulnerability_scanner)
Nikto is a free software command-line vulnerability scanner that scans web servers for
dangerous files/CGIs, outdated server software, and other problems. It performs generic
and server-type-specific checks. It also captures and prints any cookies received. The
Nikto code itself is free software, but the data files it uses to drive the program are not.
Tess King is using the nslookup command to craft queries to list all DNS information (such
as Name Servers, host names, MX records, CNAME records, glue records (delegation for
child Domains), zone serial number, TimeToLive (TTL) records, etc.) for a Domain.
What do you think Tess King is trying to accomplish? Select the best answer.
A. A zone harvesting
B. A zone transfer
C. A zone update
D. A zone estimate
A zone transfer
What is the purpose of a demilitarized zone on a network?
A. To scan all traffic coming through the DMZ to the internal network
B. To only provide direct access to the nodes within the DMZ and protect the network
behind it
C. To provide a place to put the honeypot
D. To contain the network devices you wish to protect
To only provide direct access to the nodes within the DMZ and protect the network
behind it
Which mode of IPSec should you use to assure security and confidentiality of data within
the same LAN?
A. ESP transport mode
B. ESP confidential
C. AH promiscuous
D. AH Tunnel mode
ESP transport mode
Todd has been asked by the security officer to purchase a counter-based authentication
system. Which of the following best describes this type of system?
A. A biometric system that bases authentication decisions on behavioral attributes.
B. A biometric system that bases authentication decisions on physical attributes
C. An authentication system that creates one-time passwords that are encrypted with
secret keys
D. An authentication system that uses passphrases that are converted into virtual
passwords.
An authentication system that creates one-time passwords that are encrypted with
secret keys
Bob, a network administrator at BigUniversity, realized that some students are connecting
their notebooks in the wired network to have Internet access. In the university campus,
there are many Ethernet ports available for professors and authorized visitors but not for
students.
He identified this when the IDS alerted for malware activities in the network. What should
Bob do to avoid this problem?
A. Disable unused ports in the switches
B. Separate students in a different VLAN
C. Use the 802.1x protocol
D. Ask students to use the wireless network
Use the 802.1x protocol
You have gained physical access to a Windows 2008 R2 server which has an accessible
disc drive. When you attempt to boot the server and log in, you are unable to guess the
password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool
can change any user’s password or activate disabled Windows accounts?
A. John the Ripper
B. SET
C. CHNTPW
D. Cain & Abel
CHNTPW
What ports should be blocked on the firewall to prevent NetBIOS traffic from coming
through the firewall if your network is comprised of Windows NT, 2000, and XP?
A. 110
B. 135
C. 139
D. 161
E. 445
F. 1024
135
139
445
What is not a PCI compliance recommendation?
A. Use a firewall between the public network and the payment card data.
B. Use encryption to protect all transmission of card holder data over any public network.
C. Rotate employees handling credit card transactions on a yearly basis to different
departments.
D. Limit access to card holder data to as few individuals as possible.
Rotate employees handling credit card transactions on a yearly basis to different
departments.
Explanation:
https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security
Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security
parameters.
Protect Cardholder Data
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software or programs.
6. Develop and maintain secure systems and applications.
Implement Strong Access Control Measures
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
Maintain an Information Security Policy
12. Maintain a policy that addresses information security for employees and contractors.
A hacker is an intelligent individual with excellent computer skills and the ability to explore a
computer’s software and hardware without the owner’s permission. Their intention can
either be to simply gain knowledge or to illegally make changes.
Which of the following class of hacker refers to an individual who works both offensively
and defensively at various times?
A. White Hat
B. Suicide Hacker
C. Gray Hat
D. Black Hat
Gray Hat
You are the Network Admin, and you get a complaint that some of the websites are no
longer accessible. You ping the servers and find them to be reachable. You then enter
the IP address in the browser and find the sites to be accessible, but they are
not accessible when you use the URL.
What may be the problem?
A. Traffic is Blocked on UDP Port 53
B. Traffic is Blocked on TCP Port 80
C. Traffic is Blocked on TCP Port 54
D. Traffic is Blocked on UDP Port 80
Traffic is Blocked on UDP Port 53
Explanation: The most likely cause is an issue with DNS.
DNS stands for “Domain Name System.” It’s a system that lets you connect to websites by
matching human-readable domain names (like example.com) with the unique ID of the
server where a website is stored.
Think of the DNS system as the internet’s phonebook. It lists domain names with their
corresponding identifiers called IP addresses, instead of listing people’s names with
phone numbers. When a user enters a domain name like wpbeginner.com on their device,
it looks up the IP address and connects them to the physical location where that website is
stored.
NOTE: Often DNS lookup information will be cached locally inside the querying computer
or remotely in the DNS infrastructure. There are typically 8 steps in a DNS lookup. When
DNS information is cached, steps are skipped from the DNS lookup process, making it
quicker. The example below outlines all 8 steps when nothing is cached.
The 8 steps in a DNS lookup:
1. A user types ‘example.com’ into a web browser, and the query travels into the Internet
and is received by a DNS recursive resolver;
2. The resolver then queries a DNS root nameserver;
3. The root server then responds to the resolver with the address of a Top-Level Domain
(TLD) DNS server (such as .com or .net), which stores the information for its domains.
When searching for example.com, our request is pointed toward the .com TLD;
4. The resolver then requests the .com TLD;
5. The TLD server then responds with the IP address of the domain’s nameserver,
example.com;
6. Lastly, the recursive resolver sends a query to the domain’s nameserver;
7. The IP address for example.com is then returned to the resolver from the nameserver;
8. The DNS resolver then responds to the web browser with the IP address of the domain
requested initially;
Once the 8 steps of the DNS lookup have returned the IP address for example.com, the
browser can request the web page:
9. The browser makes an HTTP request to the IP address;
10. The server at that IP returns the webpage to be rendered in the browser.
NOTE 2: DNS primarily uses the User Datagram Protocol (UDP) on port number 53 to
serve requests. If this port is blocked, the lookup already fails at the first step,
while the ninth step (the HTTP request to the IP address) is performed without problems.
What is one of the advantages of using both symmetric and asymmetric cryptography in
SSL/TLS?
A. Supporting both types of algorithms allows less-powerful devices such as mobile phones
to use symmetric encryption instead.
B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
C. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
D. Asymmetric cryptography is computationally expensive in comparison. However, it is
well-suited to securely negotiate keys for use with symmetric cryptography.
Supporting both types of algorithms allows less-powerful devices such as mobile phones
to use symmetric encryption instead.