The Ultimate Fundamentals Of Networking Test!

By Terry519vx
Questions: 102 | Attempts: 692



Questions and Answers
  • 1. 

    What is the purpose of a demilitarized zone on a network?

    • A.

      To only provide direct access to the nodes within the DMZ and protect the network behind it

    • B.

      To provide a place to put the honeypot

    • C.

      To scan all traffic coming through the DMZ to the internal network

    • D.

      To contain the network devices you wish to protect

    Correct Answer
    A. To only provide direct access to the nodes within the DMZ and protect the network behind it
    Explanation
    A demilitarized zone (DMZ) on a network serves the purpose of providing direct access to the nodes within the DMZ while also protecting the network behind it. It acts as a buffer zone between the internal network and the external network, allowing for controlled access to certain resources. By placing servers or services that need to be accessed by external entities in the DMZ, the internal network is shielded from potential threats. This setup ensures that any malicious activity originating from the DMZ does not directly impact the internal network, enhancing overall network security.


  • 2. 

    You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?

    • A.

      Snort

    • B.

      Nmap

    • C.

      Cain & Abel

    • D.

      Nessus

    Correct Answer
    A. Snort
    Explanation
    Snort would be the most likely tool to select because it is a versatile network security tool that can perform network intrusion prevention and intrusion detection. It can also function as a network sniffer, capturing and analyzing network traffic. Additionally, Snort has the capability to record network activity, making it a comprehensive tool for network security monitoring and analysis.


  • 3. 

    In which of the following password protection techniques are random strings of characters added to the password before calculating their hashes?

    • A.

      Double Hashing

    • B.

      Keyed Hashing

    • C.

      Salting

    • D.

      Key Stretching

    Correct Answer
    C. Salting
    Explanation
    Salting is a password protection technique where random strings of characters are added to the password before calculating their hashes. This adds an extra layer of security by making it difficult for attackers to guess the password through methods like rainbow table attacks. The salted password is then stored in the database, along with the salt value used. When a user tries to authenticate, the entered password is salted with the same value and compared with the stored salted password. If they match, the user is granted access.


  • 4. 

    Which is the first step followed by Vulnerability Scanners for scanning a network?

    • A.

      Checking if the remote host is alive

    • B.

      TCP / UDP Port Scanning

    • C.

      Firewall detection

    • D.

      OS detection

    Correct Answer
    A. Checking if the remote host is alive
    Explanation
    Vulnerability scanners start by checking if the remote host is alive before proceeding with any other scans. This step is important because if the host is not active or accessible, further scanning will be pointless. By checking the host's availability, the vulnerability scanner ensures that it can establish a connection and communicate with the target system before continuing with more extensive network scanning activities.


  • 5. 

    Assume a business-crucial website of some company that is used to sell handsets to customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the website developers decided to add some third-party marketing tools to it. The tools are written in JavaScript and can track the customers’ activity on the site. These tools are located on the servers of the marketing company. What is the main security risk associated with this scenario?

    • A.

      External scripts increase the outbound company data traffic which leads to greater financial losses

    • B.

      External scripts have direct access to the company servers and can steal the data from there

    • C.

      External script contents could be maliciously modified without the security team knowledge

    • D.

      There is no risk at all as the marketing services are trustworthy

    Correct Answer
    C. External script contents could be maliciously modified without the security team knowledge
    Explanation
    The main security risk associated with this scenario is that the external script contents could be maliciously modified without the security team's knowledge. Since the marketing tools are located on the servers of the marketing company, the web-site developers have no control over the scripts. This leaves the possibility for attackers to modify the scripts and inject malicious code, potentially leading to data breaches or other security vulnerabilities. The security team's monthly reviews may not be sufficient to detect such modifications, making it a significant risk.


  • 6. 

    What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

    • A.

      Grey-box

    • B.

      White-box

    • C.

      Black-box

    • D.

      Announced

    Correct Answer
    A. Grey-box
    Explanation
    Grey-box analysis is performed when an attacker has partial knowledge of the inner-workings of the application. In this type of analysis, the attacker has some limited information about the system, such as access to the application's interface or documentation. This allows them to gain a deeper understanding of the application's behavior and vulnerabilities, which can be used to exploit and compromise the system. Grey-box analysis combines elements of both black-box (no knowledge) and white-box (full knowledge) analysis, making it a valuable technique for attackers seeking to exploit vulnerabilities in a targeted application.


  • 7. 

    A hacker named Jack is trying to compromise a bank’s computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?

    • A.

      IDLE/IPID Scanning

    • B.

      Banner Grabbing

    • C.

      UDP Scanning

    • D.

      SSDP Scanning

    Correct Answer
    B. Banner Grabbing
    Explanation
    Banner grabbing is a process that would help the hacker named Jack to determine the operating system of the bank's computer system. By analyzing the banners, which are information sent by the operating system, Jack can identify the specific operating system being used. This knowledge will enable him to launch further attacks targeted towards the vulnerabilities of that operating system.


  • 8. 

    Which of the following provides a security professional with the most information about the system's security posture?

    • A.

      Social engineering, company site browsing, tailgating

    • B.

      Phishing, spamming, sending trojans

    • C.

      Port scanning, banner grabbing, service identification

    • D.

      Wardriving, warchalking, social engineering

    Correct Answer
    C. Port scanning, banner grabbing, service identification
    Explanation
    Port scanning, banner grabbing, and service identification provide a security professional with the most information about the system's security posture. Port scanning involves scanning a system's network ports to identify open ports and potential vulnerabilities. Banner grabbing involves collecting information from network services such as web servers to gather details about the system. Service identification involves determining the specific services running on a system, which can help identify potential vulnerabilities or misconfigurations. These techniques provide valuable information for assessing and improving the security of a system.


  • 9. 

    You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

    • A.

      Nmap -sT -O -T0

    • B.

      Nmap -sP -p-65535 -T5

    • C.

      Nmap -A -Pn

    • D.

      Nmap -A --host-timeout 99 -T1

    Correct Answer
    A. Nmap -sT -O -T0
    Explanation
    The command "nmap -sT -O -T0" would result in a scan of common ports with the least amount of noise in order to evade IDS. The "-sT" flag specifies a TCP connect scan, which is less likely to be detected by IDS compared to other scan types. The "-O" flag enables OS detection, which can provide additional information about the target system without generating additional noise. The "-T0" flag sets the timing template to the slowest possible value, reducing the likelihood of detection by IDS.


  • 10. 

    Which of the following is an adaptive SQL injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?

    • A.

      Dynamic Testing

    • B.

      Function Testing

    • C.

      Fuzzing Testing

    • D.

      Static Testing

    Correct Answer
    C. Fuzzing Testing
    Explanation
    Fuzzing testing is an adaptive SQL injection testing technique that involves inputting large amounts of random data to identify coding errors. By observing the changes in the output, developers can discover vulnerabilities and potential security flaws in the system. This technique helps to simulate real-world scenarios and test the resilience of the system against unexpected inputs. Fuzzing testing is an effective method to identify and fix coding errors, ensuring the security and stability of the SQL application.


  • 11. 

    Cross-site request forgery involves:

    • A.

      A browser making a request to a server without the user’s knowledge

    • B.

      A request sent by a malicious user from a browser to a server

    • C.

      A server making a request to another server without the user’s knowledge

    • D.

      Modification of a request by a proxy between client and server

    Correct Answer
    A. A browser making a request to a server without the user’s knowledge
    Explanation
    Cross-site request forgery (CSRF) involves a browser making a request to a server without the user's knowledge. This means that an attacker can exploit the trust between a user and a website to perform unauthorized actions on behalf of the user. The attacker tricks the user's browser into making a request to a vulnerable website, which then executes the request as if it came from the user. This can lead to various malicious activities, such as changing account settings, making financial transactions, or deleting data, without the user's consent or knowledge.


  • 12. 

    A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

    • A.

      Exclamation mark

    • B.

      Semicolon

    • C.

      Double quote

    • D.

      Single quote

    Correct Answer
    D. Single quote
    Explanation
    The tester should use a single quote as the first character to attempt breaking a valid SQL request. This is because SQL injection involves inserting malicious SQL code into input fields, and using a single quote can help the tester determine if the application is vulnerable to such attacks. By inputting a single quote, the tester can check if the application's response indicates a potential vulnerability, such as displaying error messages or returning unexpected results.


  • 13. 

    A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

    • A.

      Allocate funds for staffing of audit log review

    • B.

      Perform a vulnerability scan of the system

    • C.

      Perform a cost/benefit analysis of the audit feature

    • D.

      Determine the impact of enabling the audit feature

    Correct Answer
    D. Determine the impact of enabling the audit feature
    Explanation
    Before enabling the audit feature, the bank should first determine the impact of enabling it. This step is important as it allows the bank to assess the potential consequences of enabling the audit feature on their system. By understanding the impact, the bank can evaluate any potential risks, benefits, and requirements associated with enabling auditing. This will help them make an informed decision and take necessary precautions to ensure the security and privacy of the sensitive information stored and processed in relation to home loans.


  • 14. 

    The following is a part of a log file taken from the machine on the network with the IP address of 192.168.0.110:

      Time:June 16 17:30:15 Port:20 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
      Time:June 16 17:30:17 Port:21 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
      Time:June 16 17:30:19 Port:22 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
      Time:June 16 17:30:21 Port:23 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
      Time:June 16 17:30:22 Port:25 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP
      Time:June 16 17:30:23 Port:80 Source:192.168.0.105 Destination:192.168.0.110 Protocol:TCP

    What type of activity has been logged?

    • A.

      Denial-of-Service attack targeting 192.168.0.105

    • B.

      Teardrop attack targeting 192.168.0.110

    • C.

      Port scan targeting 192.168.0.110

    • D.

      Port scan targeting 192.168.0.105

    Correct Answer
    C. Port scan targeting 192.168.0.110
    Explanation
    The log file shows a series of connections being made to different ports on the IP address 192.168.0.110. This indicates a port scan, which is an activity where an attacker systematically scans a target IP address for open ports. In this case, the source IP address is 192.168.0.105, suggesting that it is the one performing the port scan. Therefore, the correct answer is "Port scan targeting 192.168.0.110."


  • 15. 

    Why is a penetration test considered to be more thorough than a vulnerability scan?

    • A.

      A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.

    • B.

      Vulnerability scans only do host discovery and port scanning by default.

    • C.

      The tools used by penetration testers tend to have much more comprehensive vulnerability databases.

    • D.

      It is not - a penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement.

    Correct Answer
    A. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.
    Explanation
    A penetration test is considered to be more thorough than a vulnerability scan because it actively exploits vulnerabilities in the targeted infrastructure. This means that the penetration test goes beyond just identifying vulnerabilities, but also attempts to exploit them to assess the potential impact and consequences. On the other hand, a vulnerability scan typically only involves identifying vulnerabilities through host discovery and port scanning, without actively exploiting them. Additionally, penetration testing tools often have more comprehensive vulnerability databases, allowing for a more thorough assessment of the system's security.


  • 16. 

    Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics:

      - Verifies success or failure of an attack
      - Monitors System Activities
      - Detects attacks that a network based IDS fails to detect
      - Near real time detection and response
      - Does not require additional hardware
      - Lower entry cost

    Which type of IDS is best suited for Tremp's requirements?

    • A.

      Network based IDS

    • B.

      Gateway based IDS

    • C.

      Host based IDS

    • D.

      Open source based IDS

    Correct Answer
    C. Host based IDS
    Explanation
    A host-based IDS is best suited for Tremp's requirements because it verifies the success or failure of an attack, monitors system activities, and detects attacks that a network-based IDS may fail to detect. Additionally, a host-based IDS provides near real-time detection and response, does not require additional hardware, and has a lower entry cost compared to other types of IDSs.


  • 17. 

    Suppose your company has just passed a security risk assessment exercise. The results show that the risk of a breach in the main company application is 50%. Security staff have taken some measures and implemented the necessary controls. After that, another security risk assessment was performed, showing that the risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?

    • A.

      Introduce more controls to bring risk to 0%

    • B.

      Mitigate the risk

    • C.

      Accept the risk

    • D.

      Avoid the risk

    Correct Answer
    C. Accept the risk
    Explanation
    Accepting the risk would be the best decision for the project in terms of its successful continuation with the most business profit. This is because the risk has decreased to 10%, which is below the risk threshold of 20%. Introducing more controls to bring the risk to 0% may not be cost-effective or necessary since the risk is already within an acceptable range. Mitigating the risk may also not be necessary as it is already below the risk threshold. Avoiding the risk may not be feasible or practical for the project.


  • 18. 

    Darius is analysing logs from an IDS. He wants to understand what triggered an alert and verify whether it is a true positive or a false positive. Looking at the logs, he copies and pastes the basic details below:

      source IP: 192.168.21.100
      source port: 80
      destination IP: 192.168.10.23
      destination port: 63221

    What is the most proper answer?

    • A.

      This is most probably true positive which triggered on secure communication between client and server.

    • B.

      This is most probably false-positive because IDS is monitoring one direction traffic.

    • C.

      This is most probably false-positive, because an alert triggered on reversed traffic.

    • D.

      This is most probably true negative.

    Correct Answer
    C. This is most probably false-positive, because an alert triggered on reversed traffic.
    Explanation
    The given answer suggests that the alert triggered on reversed traffic, which indicates that the source and destination IP addresses and ports are switched. This implies that the IDS detected suspicious activity from the destination IP and port (192.168.10.23:63221) towards the source IP and port (192.168.21.100:80), which is unusual and may be a false positive.


  • 19. 

    Which of the following algorithms is used for Kerberos encryption? 

    • A.

      ECC

    • B.

      DSA

    • C.

      DES

    • D.

      RSA

    Correct Answer
    C. DES
    Explanation
    DES (Data Encryption Standard) is the correct answer for this question. DES is a symmetric encryption algorithm that is used in the Kerberos protocol for encrypting and decrypting data. It is a widely used encryption algorithm known for its security and efficiency. DES uses a 56-bit key to encrypt and decrypt data in blocks of 64 bits. It has been widely used in various applications, including network security protocols like Kerberos.


  • 20. 

    Which of the following techniques is NOT relevant in preventing an ARP spoof attack?

    • A.

      Kernel based patches

    • B.

      Static MAC Entries

    • C.

      Arpwatch

    • D.

      Secure ARP Protocol

    Correct Answer
    A. Kernel based patches
    Explanation
    Kernel based patches are not relevant in preventing ARP spoof attacks because they are not specifically designed to address this type of attack. Kernel based patches typically focus on fixing vulnerabilities and improving the performance of the operating system's kernel, but they do not directly deal with preventing ARP spoofing. Other techniques mentioned, such as static MAC entries, arpwatch, and secure ARP protocol, are more relevant in preventing ARP spoof attacks.


  • 21. 

    Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?

    • A.

      He already has admin privileges, as shown by the "501" at the end of the SID.

    • B.

      He needs to disable antivirus protection.

    • C.

      He needs to gain physical access.

    • D.

      He must perform privilege escalation.

    Correct Answer
    D. He must perform privilege escalation.
    Explanation
    Before Matthew has full administrator access, he must perform privilege escalation. Although he already has admin privileges, as indicated by the "501" at the end of the SID, this does not grant him full administrator access. Privilege escalation is the process of gaining higher levels of access or privileges than originally granted, allowing Matthew to have complete control and unrestricted access to the system.


  • 22. 

    The I.T. Helpdesk at XYZ Company has begun receiving several phone calls from concerned staff regarding a suspicious email they have received. One employee has forwarded a copy of the suspicious email to you for further investigation. Your manager is asking for immediate information to determine if this is a phishing attack. The email message looks like this:

      From: [email protected]
      To: [email protected]
      Date: 4/10/17 2:35pm
      Subject:New corporate HR sign up today!
      Priority: High

    You want to quickly determine who sent this email message so you look at the envelope headers and see this information:

      Received from unknown (209.85.213.50) by mail.xyzcompany.com id 2BqvU15YHBK; 10 Apr 2017 14:33:50

    You perform a DNS query to determine more information about 209.85.213.50 but no record is found. What web site will allow you to quickly find out more information about 209.85.213.50 including the owner of the IP address?

    • A.

      Http://www.tucowsdomains.com/whois

    • B.

      Https://whois.arin.net

    • C.

      Https://www.networksolutions.com/whois

    • D.

      Https://www.godaddy.com/whois

    Correct Answer
    B. Https://whois.arin.net
    Explanation
    The correct answer is https://whois.arin.net. This website is a reliable source for performing a WHOIS query to find information about IP addresses. By entering 209.85.213.50 into the search field, you can quickly obtain details about the owner of the IP address, which will help in determining if the email is part of a phishing attack or not.


  • 23. 

    Which utility will tell you in real time which ports are listening or in another state?

    • A.

      Netstat

    • B.

      TCPView

    • C.

      Loki

    • D.

      Nmap

    Correct Answer
    A. Netstat
    Explanation
    Netstat is a utility that provides information about network connections and listening ports on a computer. It displays a list of active connections, including the protocol, local and remote IP addresses, and the state of each connection. By using Netstat, users can see which ports are open and actively listening for incoming connections, as well as identify any suspicious or unauthorized connections. This real-time information is useful for network troubleshooting, monitoring network activity, and ensuring the security of a computer or network. TCPView, Loki, and Nmap are also network monitoring tools, but Netstat specifically focuses on displaying real-time information about listening ports.


  • 24. 

    When a security analyst prepares for a formal security assessment, which of the following should be done in order to determine inconsistencies in the secure assets database and verify that the system is compliant with the minimum security baseline?

    • A.

      Data items and vulnerability scanning

    • B.

      Interviewing employees and network engineers

    • C.

      Reviewing the firewalls configuration

    • D.

      Source code review

    Correct Answer
    A. Data items and vulnerability scanning
    Explanation
    To determine inconsistencies in the secure assets database and verify system compliance to the minimum security baseline, a security analyst should perform data items and vulnerability scanning. This involves analyzing the data items within the secure assets database to identify any inconsistencies or discrepancies. Additionally, vulnerability scanning helps to identify any potential weaknesses or vulnerabilities within the system that may pose a security risk. By conducting these assessments, the security analyst can ensure that the system is in line with the minimum security baseline and address any issues that may compromise its security.


  • 25. 

    A Multihomed firewall has a minimum of how many network connections?

    • A.

      4

    • B.

      5

    • C.

      2

    • D.

      3

    Correct Answer
    C. 2
    Explanation
    A multihomed firewall is a firewall that is connected to multiple networks. In order to be considered multihomed, it must have at least two network connections. This allows the firewall to filter and control traffic between the different networks, providing an added layer of security. Therefore, the correct answer is 2.


  • 26. 

    What does the -oX flag do in an Nmap scan?

    • A.

      Output the results in XML format to a file

    • B.

      Perform a Xmas scan

    • C.

      Perform an eXpress scan

    • D.

      Output the results in truncated format to the screen

    Correct Answer
    A. Output the results in XML format to a file
    Explanation
    The -oX flag in an Nmap scan is used to output the results in XML format to a file. This allows for easier parsing and analysis of the scan results using various tools. XML format provides a structured and standardized way to store and exchange data, making it a suitable choice for storing Nmap scan results. By using the -oX flag, the user can specify the name and location of the output file where the XML-formatted results will be saved.


  • 27. 

    Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

    • A.

      FTPS

    • B.

      SSL

    • C.

      IPsec

    • D.

      SFTP

    Correct Answer
    C. IPsec
    Explanation
    IPsec is a layer 3 protocol that provides end-to-end encryption of the connection. It operates at the network layer of the OSI model and can be used to encrypt data at the IP packet level, ensuring that all traffic passing through the network is secure. While FTP does not provide encryption by default, IPsec can be implemented to encrypt the FTP traffic, providing a secure connection between the client and server.


  • 28. 

    Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP doesn't encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?

    • A.

      FORCETLS

    • B.

      STARTTLS

    • C.

      UPGRADETLS

    • D.

      OPPORTUNISTICTLS

    Correct Answer
    B. STARTTLS
    Explanation
    SMTP uses the command "STARTTLS" to initiate a secure connection between two mail servers and transmit email over TLS. This command allows SMTP to upgrade the connection and encrypt the email, ensuring that the information in the message is protected and cannot be read by unauthorized individuals.


  • 29. 

    You are performing a penetration test for a client, and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain. If the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

    • A.

      List domain=abccorp.local type=zone

    • B.

      List server=192.168.10.2 type=all

    • C.

      Ls -d abccorp.local

    • D.

      Lserver 192.168.10.2 -t all select

    Correct Answer
    C. Ls -d abccorp.local
    Explanation
    The command "ls -d abccorp.local" is used to attempt a zone transfer in nslookup. A zone transfer is a mechanism used to replicate DNS records from a primary DNS server to a secondary DNS server. By typing this command, the tester is requesting the DNS server at 192.168.10.2 to provide all DNS records for the abccorp.local domain, which can be useful for further analysis and exploitation during the penetration test.


  • 30. 

    While scanning with Nmap, Patin found several hosts which have an incremental IP ID sequence. He then decided to conduct:

      nmap -Pn -p- -sI kiosk.adobe.com www.riaa.com

    where kiosk.adobe.com is the host with the incremental IP ID sequence. What is the purpose of using "-sI" with Nmap?

    • A.

      Conduct ICMP scan

    • B.

      Conduct stealth scan

    • C.

      Conduct silent scan

    • D.

      Conduct IDLE scan

    Correct Answer
    D. Conduct IDLE scan
    Explanation
    The purpose of using "-sI" with Nmap is to conduct an IDLE scan. IDLE scanning is a stealthy method of scanning that allows the attacker to use a third-party system as a proxy to scan a target network. By using a host with an incremental IP ID sequence (in this case, kiosk.adobe.com), the attacker can send spoofed packets to the target network, and the responses from the target network will be sent to the host with the incremental IP ID sequence. This allows the attacker to gather information about the target network without directly interacting with it, making it difficult to detect.

  • 31. 

    Clara, a black hat, has connected her Linux laptop to an Ethernet jack in the E-Corp reception area. She types "ip route" at a terminal and receives the following output, realizing that she's still connected to a WiFi network across the street. If she were to attack a host at 192.168.100.250, out of which interface would the traffic exit?

      default via 192.168.100.1 dev wlp5s0 src 192.168.100.156 metric 202
      default via 192.168.96.1 dev enp5s0u1 src 192.168.100.54 metric 600
      192.168.100.0/24 dev wlp5s0 proto kernel scope link src 192.168.100.156 metric 202
      192.168.96.0/21 dev enp5s0u1 proto kernel scope link src 192.168.100.54 metric 600

    • A.

      wlan0

    • B.

      wlp5s0

    • C.

      default

    • D.

      enp5s0u1

    Correct Answer
    B. wlp5s0
    Explanation
    The traffic would exit through the interface "wlp5s0" because it is the interface associated with the WiFi network that Clara is currently connected to. This can be determined from the "ip route" output, where the line "default via 192.168.100.1 dev wlp5s0 src 192.168.100.156 metric 202" indicates that the default route for internet traffic is through the "wlp5s0" interface. The destination 192.168.100.250 also falls within the directly connected route "192.168.100.0/24 dev wlp5s0", which is the most specific match in the table.

  • 32. 

    What is the known-plaintext attack against DES which shows that encrypting plaintext with one DES key and then encrypting it with a second DES key is no more secure than using a single key?

    • A.

      Man-in-the-middle attack

    • B.

      Traffic analysis attack

    • C.

      Replay attack

    • D.

      Meet-in-the-middle attack

    Correct Answer
    D. Meet-in-the-middle attack
    Explanation
    A meet-in-the-middle attack is a known-plaintext attack that exploits the weakness of using two DES keys in sequence. In this attack, the attacker encrypts the plaintext with one key and stores the intermediate result. Then they decrypt the ciphertext with another key and store that intermediate result. By comparing the two intermediate results, the attacker can find the matching pair of keys that produce the same result. This attack reduces the effective key size, making it no more secure than using a single key.

  • 33. 

    An LDAP directory can be used to store information similar to a SQL database. LDAP uses a _____ database structure instead of SQL's _____ structure. Because of this, LDAP has difficulty representing many-to-one relationships.

    • A.

      Relational, Hierarchical

    • B.

      Strict, Abstract

    • C.

      Simple, Complex

    • D.

      Hierarchical, Relational

    Correct Answer
    D. Hierarchical, Relational
    Explanation
    LDAP uses a hierarchical database structure instead of SQL's relational structure. In a hierarchical structure, data is organized in a tree-like format with parent-child relationships, where each entry can have multiple children but only one parent. This makes it suitable for representing one-to-many relationships. On the other hand, SQL databases use a relational structure where data is organized in tables with rows and columns, allowing for many-to-one relationships. Therefore, LDAP has difficulty representing many-to-one relationships due to its hierarchical database structure.

  • 34. 

    Which of the following DoS tools is used to attack target web applications by starving the web server of available sessions? The tool keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.

    • A.

      MyDoom

    • B.

      LOIC

    • C.

      R-U-Dead-Yet? (RUDY)

    • D.

      Stacheldraht

    Correct Answer
    C. R-U-Dead-Yet? (RUDY)
    Explanation
    R-U-Dead-Yet? (RUDY) is the correct answer because it is a Denial of Service (DoS) tool specifically designed to target web applications by starving the available sessions on the web server. It achieves this by keeping sessions at a halt using never-ending POST transmissions and sending an arbitrarily large content-length header value. This overwhelms the server and prevents it from serving legitimate user requests, effectively causing a denial of service.

  • 35. 

    You have successfully logged on to a Linux system. You now want to cover your tracks. Your login attempt may be logged in several files located in /var/log. Which file does NOT belong to the list?

    • A.

      auth.log

    • B.

      wtmp

    • C.

      btmp

    • D.

      user.log

    Correct Answer
    D. user.log
    Explanation
    The file "user.log" does not belong to the list because it is not a standard log file in Linux systems. The other files mentioned, such as "auth.log," "wtmp," and "btmp," are commonly used to log authentication and login activities. However, "user.log" is not a standard log file name and is not typically used for logging login attempts.

  • 36. 

    Nedved is an IT Security Manager of a Bank in his country. One day, he found out that there is a security breach to his company's email server based on analysis of a suspicious connection from the email server to an unknown IP Address. What is the first thing that Nedved needs to do before contacting the incident response team?

    • A.

      Migrate the connection to the backup email server

    • B.

      Leave it be and contact the incident response team right away

    • C.

      Disconnect the email server from the network

    • D.

      Block the connection to the suspicious IP address from the firewall

    Correct Answer
    B. Leave it be and contact the incident response team right away
    Explanation
    Nedved should leave the suspicious connection as it is and immediately contact the incident response team. This is because the incident response team is specialized in handling security breaches and will have the necessary expertise to investigate and mitigate the situation effectively. Disconnecting the email server or blocking the connection without proper analysis may hinder the investigation process and potentially cause further damage. Migrating the connection to the backup email server is not the immediate priority as resolving the security breach takes precedence.

  • 37. 

    A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what driver and library are required to allow the NIC to work in promiscuous mode?

    • A.

      Winpsw

    • B.

      Winprom

    • C.

      Libpcap

    • D.

      Winpcap

    Correct Answer
    D. Winpcap
    Explanation
    To allow the NIC to work in promiscuous mode while setting up Wireshark on a Windows laptop, the required driver and library are Winpcap. Winpcap is a packet capture library that enables applications to capture and transmit network packets. It provides low-level access to network interfaces and allows Wireshark to capture all network traffic on the network interface, including packets not addressed to the laptop itself.

  • 38. 

    Which Metasploit Framework tool can help a penetration tester evade antivirus systems?

    • A.

      Msfencode

    • B.

      Msfpayload

    • C.

      Msfcli

    • D.

      Msfd

    Correct Answer
    A. Msfencode
    Explanation
    Msfencode is a Metasploit Framework tool that can help penetration testers evade anti-virus systems. It is used to encode payloads, making them undetectable by anti-virus software. By encoding the payload, it changes the signature of the file, bypassing the anti-virus detection and allowing the penetration tester to deliver the payload without being detected. This tool is commonly used in penetration testing to assess the effectiveness of an organization's anti-virus defenses.

  • 39. 

    Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.

    • A.

      nmap -sn -sF 10.1.0.0/16 445

    • B.

      nmap -p 445 -n -T4 --open 10.1.0.0/16

    • C.

      nmap -s 445 -sU -T5 10.1.0.0/16

    • D.

      nmap -p 445 --max -Pn 10.1.0.0/16

    Correct Answer
    B. nmap -p 445 -n -T4 --open 10.1.0.0/16
    Explanation
    The fastest way for Trinity to scan all hosts on a /16 network for TCP port 445 only is by using the command "nmap -p 445 -n -T4 --open 10.1.0.0/16". This command specifies the port to be scanned (-p 445), disables DNS resolution (-n), sets the timing template to aggressive (-T4), and only shows open ports (--open).

  • 40. 

    Darius just received a call:

      Unknown Caller: Hello, my name is Rashad and I'm security engineer from Microsoft Corporation. We have observed suspicious activity originating from your system and we would like to stop this threat. To do so I would ask you to install some updates on your system. Would you prefer to send me you link or an attachment within email?
      Darius: Hello, please send me an email with the attachment at [email protected]
      Unknown Caller: Thank you for your cooperation. I'm sending instruction and all files.

    What did Darius just face?

    • A.

      Just normal call from Microsoft Cyberdivision

    • B.

      Social Engineering Attack

    • C.

      Tailgating

    • D.

      Piggybacking

    Correct Answer
    B. Social Engineering Attack
    Explanation
    Darius just faced a social engineering attack. In this scenario, the caller claimed to be a security engineer from Microsoft Corporation and manipulated Darius into believing that there was suspicious activity on his system. The caller then requested Darius to install updates by either sending a link or an attachment within an email. This is a typical example of social engineering, where the attacker deceives the victim into taking actions that compromise their security.

  • 41. 

    You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command would you use?

    • A.

      sudo tshark -f "net 192.168.8.0/24"

    • B.

      tshark -net 192.255.255.255 mask 192.168.8.0

    • C.

      wireshark --fetch "192.168.8. "

    • D.

      wireshark --capture --local --masked 192.168.8.0 --range 24

    Correct Answer
    D. wireshark --capture --local --masked 192.168.8.0 --range 24
    Explanation
    The correct answer is "wireshark --capture --local --masked 192.168.8.0 --range 24". This command will run a capture against a specific set of IPs, in this case, the IP range 192.168.8.0/24. The "--capture" flag indicates that a capture should be performed, the "--local" flag specifies that the capture should be performed on the local machine, the "--masked" flag specifies the IP range to capture, and the "--range" flag specifies the range of IPs to capture, in this case, 24.

  • 42. 

    In IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?

    • A.

      Vulnerabilities in the application layer are greatly different from IPv4

    • B.

      Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addressed

    • C.

      Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical.

    • D.

      Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too.

    Correct Answer
    C. Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical.
    Explanation
    The major difference concerning application layer vulnerabilities in IPv6 compared to IPv4 is that vulnerabilities in the application layer are independent of the network layer. This means that the vulnerabilities and the techniques used to mitigate them are almost identical in both IPv6 and IPv4. This implies that the security measures built into IPv6 do not necessarily address application layer vulnerabilities, and implementing IPv4 security in a dual-stack network can also provide protection from IPv6 attacks.

  • 43. 

    User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI model does the encryption and decryption of the message take place?

    • A.

      Application

    • B.

      Session

    • C.

      Transport

    • D.

      Presentation

    Correct Answer
    A. Application
    Explanation
    In the context of PKI (Public Key Infrastructure), the encryption and decryption of the sensitive email message take place at the Application layer of the OSI model. The Application layer is responsible for providing network services to the user and enables applications to access the network. In this case, the email application is utilizing PKI to secure the message, which involves encrypting the email at the sender's end and decrypting it at the receiver's end. This ensures that only user B, the intended recipient, can read the sensitive email.

  • 44. 

    Which TCP scanning method is unlikely to set off network IDS?

    • A.

      TCP connect scan

    • B.

      TCP ACK scan

    • C.

      TCP SYN scan

    • D.

      TCP FIN scan

    Correct Answer
    C. TCP SYN scan
    Explanation
    A TCP SYN scan is unlikely to set off network IDS because it only completes the TCP handshake process up to the SYN/ACK stage. It sends a SYN packet to the target host and waits for a response. If the port is open, the target host will respond with a SYN/ACK packet, indicating that the port is open and ready for a connection. However, the TCP SYN scan does not complete the handshake by sending an ACK packet, which is typically required to establish a full connection. This incomplete handshake makes it difficult for network IDS to detect the scan as it appears more like a normal connection attempt rather than a scan.

  • 45. 

    At 2:05pm your log monitoring tool sends an alert to the InfoSec team that a special account named dba_admin was just used. While investigating this alert, at 2:30pm your database administrator calls with information that a database extract of ten thousand records occurred around 2pm. He says this is unusual because no data extract jobs were scheduled at that time.  At 2:45pm your web proxy sends an alert to the InfoSec team that someone just tried to access the underground hacker site named Data4Sale.com. After consulting on the information available so far, the Manager of Information Security, the Director of Information Technology, and the Chief Information Security Officer declare an incident. During the Evidence Gathering and Handling phase of the incident response, what is the most important thing to do?

    • A.

      Reviewing the evidence in careful detail to identify the attacking hosts.

    • B.

      Creating detailed notes about lessons learned from the incident.

    • C.

      Recording the date and time when evidence is gathered, and the location where the evidence is stored.

    • D.

      Recording what is discussed at every incident response meeting.

    Correct Answer
    A. Reviewing the evidence in careful detail to identify the attacking hosts.
    Explanation
    The most important thing to do during the Evidence Gathering and Handling phase of the incident response is to review the evidence in careful detail to identify the attacking hosts. This is crucial in order to determine the source of the attack and gather information about the attackers. By carefully examining the evidence, the InfoSec team can gather valuable insights that can help in understanding the nature of the incident and developing effective countermeasures to prevent future attacks.

  • 46. 

    What does line 7 of the traceroute mean?

      ark@debian-lxde:~$ traceroute -n 8.8.8.8
      traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
       1  192.168.2.1  0.914 ms  1.000 ms  1.054 ms
       2  192.168.1.1  2.364 ms  1.983 ms  2.126 ms
       3
       4  193.253.85.230  2.313 ms  3.021 ms  2.848 ms
       5  81.253.182.230  3.086 ms  2.868 ms  4.077 ms
       6  81.253.184.82  10.248 ms  10.268 ms  10.085 ms
       7  81.52.200.209  6.970 ms 81.52.200.217  6.454 ms 81.52.200.209  7.179 ms
       8  81.52.186.142  6.766 ms  7.278 ms  7.206 ms
       9  209.85.244.252  8.847 ms  8.644 ms  8.639 ms
      10  8.8.8.8  9.289 ms  9.123 ms  9.024 ms
      ark@debian-lxde:~$

    • A.

      Router 81.253.184.82 has two equivalent paths toward destination

    • B.

      The traffic is encapsulated by a GRE tunnel between router 3 and 8

    • C.

      The 81.58.200.217 address is a host which has redirected the traffic

    • D.

      MPLS is used between router 6 and router 7

    Correct Answer
    A. Router 81.253.184.82 has two equivalent paths toward destination
  • 47. 

    What is the process for allowing or blocking a specific port in the Windows firewall? (For example, TCP port 22 inbound)

    • A.

      The firewall rule must be added from within the application that is using that port.

    • B.

      This is not possible without installing third-party software, since Windows only allows changing firewall settings for individual applications.

    • C.

      The only way to implement a specific rule like this is to use the "netsh" program on the command-line.

    • D.

      A rule matching these requirements can be created in "Windows Firewall with Advanced Security", located in the Control Panel.

    Correct Answer
    D. A rule matching these requirements can be created in "Windows Firewall with Advanced Security", located in the Control Panel.
    Explanation
    To allow or block a specific port in the Windows firewall, a rule that matches the requirements can be created in "Windows Firewall with Advanced Security", which is located in the Control Panel. This means that it is possible to configure the firewall settings directly within Windows without the need for third-party software. The "netsh" program on the command-line can also be used to implement specific rules, but the correct answer focuses on the option available in the Control Panel.

  • 48. 

    OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

    • A.

      openssl_client -connect www.website.com:443

    • B.

      openssl_client -site www.website.com:443

    • C.

      openssl s_client -site www.website.com:443

    • D.

      openssl s_client -connect www.website.com:443

    Correct Answer
    D. openssl s_client -connect www.website.com:443
    Explanation
    The correct answer is "openssl s_client -connect www.website.com:443". OpenSSL on Linux servers includes the command line tool "s_client" which is used to test TLS connections. The "-connect" option is used to specify the server and port to connect to, in this case, www.website.com on port 443.

  • 49. 

    Jim's company regularly performs backups of their critical servers. But the company can't afford to send backup tapes to an off-site vendor for long term storage and archiving. Instead Jim's company keeps the backup tapes in a safe in the office. Jim's company is audited each year, and the results from this year's audit show a risk because backup tapes aren't stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

    • A.

      Degauss the backup tapes and transport them in a lock box.

    • B.

      Encrypt the backup tapes and use a courier to transport them.

    • C.

      Encrypt the backup tapes and transport them in a lock box.

    • D.

      Hash the backup tapes and transport them in a lock box.

    Correct Answer
    C. Encrypt the backup tapes and transport them in a lock box.
    Explanation
    The correct answer is to encrypt the backup tapes and transport them in a lock box. Encrypting the backup tapes ensures that even if they are lost or stolen during transit, the data on them cannot be accessed without the encryption key. Transporting them in a lock box adds an additional layer of physical security, preventing unauthorized access to the tapes. This combination of encryption and physical security helps to protect the sensitive data on the backup tapes while they are in transit.

  • 50. 

    Security Policy is a definition of what it means to be secure for a system, organization or other entity. For Information Technologies, there are sub-policies like Computer Security Policy, Information Protection Policy, Information Security Policy, Network Security Policy, Physical Security Policy, Remote Access Policy, and User Account Policy. What is the main theme of the sub-policies for Information Technologies?

    • A.

      Confidentiality, Integrity, Availability

    • B.

      Authenticity, Integrity, Non-repudiation

    • C.

      Authenticity, Confidentiality, Integrity

    • D.

      Availability, Nonrepudiation, Confidentiality

    Correct Answer
    A. Confidentiality, Integrity, Availability
    Explanation
    The main theme of the sub-policies for Information Technologies is Confidentiality, Integrity, and Availability. These three principles are fundamental in ensuring the security of a system, organization, or entity. Confidentiality ensures that sensitive information is protected from unauthorized access. Integrity ensures that data remains accurate, complete, and unaltered. Availability ensures that the system or information is accessible and usable when needed. By focusing on these three aspects, the sub-policies aim to establish a secure environment for information technologies.

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Sep 19, 2018
    Quiz Created by
    Terry519vx