NVST TEST 3

1.

1 point

*The objectives of port scanning are generally to identify one or more of the following:
i. Open ports
ii. Host operating system
iii. Software or service versions
iv. Vulnerable software versions (mst)

a) i, ii and iii;

b) i, iii and iv;

c) ii, iii and iv;

d) i, ii, iii and iv.

2.

1 point

*Which of the following is the outcome of an Access Attack?

a. It is an attack against the confidentiality of the information

b. It is an attack against the integrity of information

c. It causes information to be unavailable

d. It is an attack against the accountability of information

3.

1 point

*Each of the following is an OSI model protocol layer except ______________.

a)software

b) Transport

c) Network

d) Physical

4.

1 point

*Which of the following is the correct sequence of phases of hackers attack?

a) Reconnaissance, Gaining Access, Maintaining Access, Scanning, Clearing Tracks;

b) Scanning, Reconnaissance, Gaining Access, Maintaining Access, Clearing Tracks;

c) Reconnaissance, Maintaining Access, Scanning, Gaining Access, Clearing Tracks;

d) Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks;

5.

1 point

*When a threat uses vulnerability to attack a resource, some severe consequences can result in
i. Loss of Confidentiality
ii. Loss of Integrity
iii. Loss of Availability

a. i and ii;

b. ii and iii;

c. i, ii and iii;

d. None of the above.

6.

1 point

*In order to exploit RPC's vulnerability, the attacker would require the ability to send a specially crafted request to which three ports of the remote machine.

a) 135, 139 or 145

b) 21, 23 or 80

c) 21, 135 or 139

d) 135, 139 or 445

7.

1 point

Which of the following is a probable cause of a hacker creating a back door in a system?

c) The hacker is trying to get personal information form the user over the phone.

a) The hacker is trying to guess the credentials of the user.

d) The hacker is trying to connect to the user's wireless home network.

b) The hacker is trying to get access without having to authenticate.

8.

1 point

Which is NOT a countermeasure of Buffer Overflow Attacks?

a) avoid sloppy programming

b) configure system with executable stack

c) implement strict control on unnecessary outgoing traffic from the network

d) apply patches to system

9.

1 point

*When a browser surfs the Internet, which of the following is the correct order flow of data through the communication layers?

a) Network -> Data -> Physical -> Transport

b) Transport -> Data -> Physical -> Network

c) Network -> Transport -> Physical -> Data

d) Transport -> Network -> Data -> Physical

10.

1 point

To protect the privacy of web surfing habits, which of the following should be deleted on a regular basis?

a) Download history

b) SSL certificates

c) Cookies

d) Plug-ins

11.

1 point

You need to allow only secure Internet traffic in and out of your company network. Which of the following ports would you open on the firewall?

a) 22

b) 53

c) 80

d) 443

12.

1 point

For DoS (Denial-of-Service) Attack, Stopping service means:

a) Crashing or shutting off a specific program or machine that users want to access;

b) Stopping the computer from booting up;

c) Shutting down the computer remotely;

d) Stopping the network resource from being accessed.

13.

1 point

The primary goal of information security is to protect ______________.

a) Procedures

b) people

c) information

d) products

14.

1 point

The attacker had managed to access the target system. Identify the command execution statement of >net use z: \\192.168.1.2\c$ */u:student

a) check which network is connected to the Z drive of the target system.

b) check whether there is a network "student" which is connected to the z drive of the target system.

c) map the c drive of the target system to the z drive of the attacker.

d) map the attacker system's c drive to the z drive of the target system.

15.

1 point

Nmap is able to provide the following types of scanning except ______.

a) TCP Connect

b) TCP SYN

c) Password Scanning

d) UDP Connect

16.

1 point

*Which of the following statements is FALSE?

a) TCP Packet includes two port numbers: a source port and a destination port

b) A TCP port with listening service is known as an reserved port

c) The TCP port number is a 16-bit numbers

d) There are 65,536 different TCP ports on each machines

17.

1 point

The TCP/IP adheres roughly to the following protocol layers except _________.

a) Physical (Layer 1)

b) Network (Layer 3)

c) Transport (Layer 4)

d) little interaction with Data Link (Layer 2)

18.

1 point

Which layer of the OSI model is responsible for code and character-set conversion as well as recognizing data formats?

a) Application

b) Presentation

c) Session

d) Network

19.

1 point

*Which of the following Hacker Class is also known as “Cracker”?

a. Grey Hats

b. Red Hats

c. Black Hats

d. White Hats

20.

1 point

*Without even touching a computer, an attacker might be able to gain very sensitive information about an organisation through
i. Social Engineering;
ii. Physical Break-in;
iii. War Dialling;
iv. Dumpster Diving.

a) i, ii and iii;

b) i, ii and iv;

c) ii, iii and iv;

d) i, ii, iii and iv.