The Ultimate Fundamentals Of Networking Test!

102 Questions | Total Attempts: 614

SettingsSettingsSettings
The Ultimate Fundamentals Of Networking Test! - Quiz

.


Questions and Answers
  • 1. 
    What is the purpose of a demilitarized zone on a network?
    • A. 

      To only provide direct access to the nodes within the DMZ and protect the network behind it

    • B. 

      To provide a place to put the honeypot

    • C. 

      To scan all traffic coming through the DMZ to the internal network

    • D. 

      To contain the network devices you wish to protect

  • 2. 
    You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?
    • A. 

      Snort

    • B. 

      Nmap

    • C. 

      Cain & Able

    • D. 

      Nessus

  • 3. 
    In which of the following password protection technique, random strings of characters are added to the password before calculating their hashes?
    • A. 

      Double Hashing

    • B. 

      Keyed Hashing

    • C. 

      Salting

    • D. 

      Key Stretching

  • 4. 
    Which is the first step followed by Vulnerability Scanners for scanning a network?
    • A. 

      Checking if the remote host is alive

    • B. 

      TCP / UDP Port Scanning

    • C. 

      Firewall detection

    • D. 

      OS detection

  • 5. 
    Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in Javascript and can track the customers’ activity on the site. These tools are located on the servers of the marketing company. What is the main security risk associated with this scenario?
    • A. 

      External scripts increase the outbound company data traffic which leads to greater financial losses

    • B. 

      External scripts have direct access to the company servers and can steal the data from there

    • C. 

      External script contents could be maliciously modified without the security team knowledge

    • D. 

      There is no risk at all as the marketing services are trustworthy

  • 6. 
    What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?
    • A. 

      Grey-box

    • B. 

      White-box

    • C. 

      Black-box

    • D. 

      Announced

  • 7. 
    A hacker named Jack is trying to compromise a bank’s computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?
    • A. 

      IDLE/IPID Scanning

    • B. 

      Banner Grabbing

    • C. 

      UDP Scanning

    • D. 

      SSDP Scanning

  • 8. 
    Which of the following provides a security professional with most information about the system's security posture?
    • A. 

      Social engineering, company site browsing, tailgating

    • B. 

      Phishing, spamming, sending trojans

    • C. 

      Port scanning, banner grabbing, service identification

    • D. 

      Wardriving, warchalking, social engineering

  • 9. 
    You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
    • A. 

      Nmap -sT -O -T0

    • B. 

      Nmap -sP -p-65535 -T5

    • C. 

      Nmap -A -Pn

    • D. 

      Nmap -A —host-timeout 99 -T1

  • 10. 
    Which of the following is an adaptive SQL injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?
    • A. 

      Dynamic Testing

    • B. 

      Function Testing

    • C. 

      Fuzzing Testing

    • D. 

      Static Testing

  • 11. 
    Cross-site request forgery involves:
    • A. 

      A browser making a request to a server without the user’s knowledge

    • B. 

      A request sent by a malicious user from a browser to a server

    • C. 

      A server making a request to another server without the user’s knowledge

    • D. 

      Modification of a request by a proxy between client and server

  • 12. 
    A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?
    • A. 

      Exclamation mark

    • B. 

      Semicolon

    • C. 

      Double quote

    • D. 

      Single quote

  • 13. 
    A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?
    • A. 

      Allocate funds for staffing of audit log review

    • B. 

      Perform a vulnerability scan of the system

    • C. 

      Perform a cost/benefit analysis of the audit feature

    • D. 

      Determine the impact of enabling the audit feature

  • 14. 
    The following is a part of a log file taken from the machine on the network with the IP address of 192.168.0.110: Time:June 16 17:30:15 Port:20 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP Time:June 16 17:30:17 Port:21 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP Time:June 16 17:30:19 Port:22 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP Time:June 16 17:30:21 Port:23 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP Time:June 16 17:30:22 Port:25 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP Time:June 16 17:30:23 Port:80 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP What type of activity has been logged?
    • A. 

      Denial-of-Service attack targeting 192.168.0.105

    • B. 

      Teardrop attack targeting 192.168.0.110

    • C. 

      Port scan targeting 192.168.0.110

    • D. 

      Port scan targeting 192.168.0.105

  • 15. 
    Why is a penetration test considered to be more thorough than vulnerability scan?
    • A. 

      A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.

    • B. 

      Vulnerability scans only do host discovery and port scanning by default.

    • C. 

      The tools used by penetration testers tend to have much more comprehensive vulnerability databases.

    • D. 

      It is not - a penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement.

  • 16. 
    Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics:- Verifies success or failure of an attack- Monitors System Activities- Detects attacks that a network based IDS fail to detect- Near real time detection and response- Does not require additional hardware- Lower entry cost Which type of IDS is best suited for Tremp's requirements?
    • A. 

      Network based IDS

    • B. 

      Gateway based IDS

    • C. 

      Host based IDS

    • D. 

      Open source based IDS

  • 17. 
    Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and implemented the necessary controls. After that another security risk assessment was performed showing that risk has decreased to 10%.The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with most business profit?
    • A. 

      Introduce more controls to bring risk to 0%

    • B. 

      Mitigate the risk

    • C. 

      Accept the risk

    • D. 

      Avoid the risk

  • 18. 
    Darius is analysing logs from IDS. He want to understand what have triggered one alert and verify if it's true positive or false positive. Looking at the logs he copy and paste basic details like below: source IP: 192.168.21.100 source port: 80 destination IP: 192.168.10.23 destination port: 63221 What is the most proper answer:
    • A. 

      This is most probably true positive which triggered on secure communication between client and server.

    • B. 

      This is most probably false-positive because IDS is monitoring one direction traffic.

    • C. 

      This is most probably false-positive, because an alert triggered on reversed traffic.

    • D. 

      This is most probably true negative.

  • 19. 
    Which of the following algorithms is used for Kerberos encryption? 
    • A. 

      ECC

    • B. 

      DSA

    • C. 

      DES

    • D. 

      RSA

  • 20. 
    Which of the following techniques are NOT relevant in preventing arp spoof attack?
    • A. 

      Kernel based patches

    • B. 

      Static MAC Entries

    • C. 

      Arpwatch

    • D. 

      Secure ARP Protocol

  • 21. 
    Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?
    • A. 

      He already has admin privileges, as shown by the "501" at the end of the SID.

    • B. 

      He needs to disable antivirus protection.

    • C. 

      He needs to gain physical access.

    • D. 

      He must perform privilege escalation.

  • 22. 
    The I.T. Helpdesk at XYZ Company has begun receiving several phone calls from concerned staff regarding a suspicious email they have received.  One employee has forwarded a copy of the suspicous email to you for further investigation. Your manager is asking for immediate information to determine if this is a phishing attack. The email message looks like this: From: [email protected] To: [email protected] Date: 4/10/17 2:35pm Subject:New corporate HR sign up today! Priority: High You want to quickly determine who sent this email message so you look at the envelope headers and see this information: Received from unknown (209.85.213.50) by mail.xyzcompany.com id 2BqvU15YHBK; 10 Apr 2017 14:33:50 You perform a DNS query to determine more information about 209.85.213.50 but no record is found. What web site will allow you to quickly find out more information about 209.85.213.50 including the owner of the IP address?
    • A. 

      Http://www.tucowsdomains.com/whois

    • B. 

      Https://whois.arin.net

    • C. 

      Https://www.networksolutions.com/whois

    • D. 

      Https://www.godaddy.com/whois

  • 23. 
    Which utility will tell you in real time which ports are listening or in another state?
    • A. 

      Netstat

    • B. 

      TCPView

    • C. 

      Loki

    • D. 

      Nmap

  • 24. 
    When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?
    • A. 

      Data items and vulnerability scanning

    • B. 

      Interviewing employees and network engineers

    • C. 

      Reviewing the firewalls configuration

    • D. 

      Source code review

  • 25. 
    A Multihomed firewall has a minimum of how many network connections?
    • A. 

      4

    • B. 

      5

    • C. 

      2

    • D. 

      3

Back to Top Back to top