NVST quiz 5 (121- 150)

A port scanner has reported that your web server running with a supporting SQL database is listening on TCP ports 80, 443, 21, and 1433. Which of these ports is unnecessary and should be closed to prevent hacking attempts?

There are two ways that a SYN flood can exhaust the communication resources of a target:
i. Flood the connection queue;
ii. Flood the entire communication link;
iii. Flood the switch;
iv. Flood the router.

Which of the following is FALSE about User Datagram Protocol (UDP)?

Which of the followings are TRUE about DDoS (Distributed Denial-of-Service) attack?
i. Distributed Denial-of-Service is a simple SYN flood allowed an attacker to generate traffic from one machine
ii. The attacker first take over a large number of victim machines around the world, often referred to as zombies.
iii. The zombies software is the component of the DDoS tool that waits for a command from the attacker, who uses a client tool to interact with the zombies
iv. Tribe Flood Network 2000 (TFN2K) is one of the most fully featured DDoS-specific tool

General types of reconnaissance data can be obtained from Internet are:
i. Employee data
ii. Business partner
iii. Existing technologies
iv. Financial information

A host has an IP address of 128.78.3.2. The network is subnetted by borrowing the first 3 bits of host address bits. What is the subnet mask for 128.78.3.2?

A(n) _______ identifies what program or service on the receiving computer is being accessed.

What does an attacker do in Reconnaissance Phase?
i. An attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack
ii. The core of Reconnaissance attack is intrusive information gathering techniques
iii. System is breached or accessed in order to retrieve information

Each of the following is intended to protect information except __________.

Each of the following protocols can be used to encrypt transmissions over the Internet except _________.

An attacker normally takes inventory of which type of ports on the system?

Which of the following IP address class is reserved for future use?

A(n) __________ is a weakness that allows a threat agent to bypass security.

What is the usage of Cookie?

An attack that opens numerous ports for bogus connections, thereby denying legitimate connections, is called a ______.

IP resides at which layer of the OSI model?

Internet search engines are used by attacker because they provide the following facilities except ________.

Which of the following statements are TRUE about Trojan horse?
i. Most Trojan horse have two parts: Server and Client;
ii. The server-program part is a program or file that is installed on the victim’s machine;
iii. The client-program part is on the attacker’s system;
iv. Trojan horse attacks pose one of the most serious threats to computer security.

Each machine with a TCP/IP stack has ______ TCP ports and ______ UDP ports.

The qualities and characteristics of the network traffic generated by Nmap's ping scan are called its _________.

What is the name of the unique physical address that is assigned to every network interface card?

Attacker can ask the server to send all information it has about a given domain through requesting a ________ from the name server.

You connected your company to the Internet, and security is a concern. What should you install?

Which of the following is an advantage of using virtual machines?

After running John the Ripper, the cracked password is stored in a local file called ________.

Which of the following statements is FALSE about Risk Management?

Which of the following is a coordinated effort in which multiple machines attack a single victim or host with the intent to prevent legitimate service?

Which of the following statements is FALSE about the key terms used in the risk management process?

The following are commonly used techniques for reconnaissance except ________.

Which software tool can be used for cracking window95, window98, SQL2000, Cisco PIX, and router's MD5 hashes?