CMIT 321 FINAL EXAM NEW - SPRING 2016
Question 1
1 / 1 point
__________ is the exploitation of an organization's telephone, dial, and private branch exchange (PBX) system to infiltrate
the internal network in order to abuse computing resources.
a. War driving
b. Line dialing
c. PBX driving
d. War dialing
Question 2
1 / 1 point
__________ cryptography is the most common method on the Internet for authenticating a message sender or encrypting a
message.
a. Symmetric
b. Hash-based
c. Private-key
d. Public-key
Question 3
1 / 1 point
__________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD.
a. Gnoppix
b. GeeXboX
c. Morphix
d. Damn Small Linux
Question 4
1 / 1 point
The __________ utility tests the integrity of an ODBC data source.
a. odbcping
b. ASPRunner
c. FlexTracer
d. DbEncrypt
Question 5
1 / 1 point
In the TCP/IP stack, the __________ layer is where applications and protocols, such as HTTP and Telnet, operate.
a. Internet
b. network
c. transport
d. application
Question 6
1 / 1 point
Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error. They can fill in the username
and password fields with __________.
a. a pound sign
b. two dashes
c. a single quotation mark
d. double quotes
Question 7
1 / 1 point
__________ allow attackers to pass malicious code to different systems via a web application.
a. SQL injection attacks
b. XSS vulnerabilities
c. Authentication hijacking attacks
d. Command injection flaws
Question 8
1 / 1 point
A __________ is a trusted entity that signs certificates and can vouch for the identity of the user and the user's public key.
a. verification authority
b. certification authority
c. validation authority
d. registration authority
Question 9
1 / 1 point
Null sessions require access to TCP port __________.
a. 139
b. 141
c. 345
d. 349
Question 10
1 / 1 point
__________ is a command-line utility provided by Microsoft with SQL Server 2000 (and Microsoft SQL Server 2000
Desktop Engine) that allows users to issue queries to the server.
a. ODBC
b. SQLP
c. OSQL
d. SSRS
Question 11
1 / 1 point
The __________ file is used to determine which TTY devices the root user is allowed to log in to.
a. /usr/securetty
b. /etc/securetty
c. /var/securetty
d. /home/securetty
Question 12
1 / 1 point
__________ can monitor a Simple Mail Transfer Protocol (SMTP) server regularly after connecting to it.
a. CheckOK
b. SMTPCheck
c. SMTPMon
d. SLCheck
Question 13
1 / 1 point
__________ is a method of gaining access to sensitive data in a Bluetooth-enabled device.
a. Bluebugging
b. Bluesnarfing
c. BTKeylogging
d. Blueprinting
Question 14
1 / 1 point
__________ is a simple form of attack aimed directly at the application's business logic.
a. Authentication hijacking
b. Parameter tampering
c. Cookie poisoning
d. Session poisoning
Question 15
1 / 1 point
Once the Oracle database server has been traced, the first port of call is made to the __________ listener.
a. SQL
b. TNS
c. TCP
d. PL/SQL
Question 16
1 / 1 point
__________ is a common and easy form of SQL injection. The technique involves evading the logon forms.
a. Command injection
b. SELECT bypass
c. INSERT injection
d. Authorization bypass
Question 17
1 / 1 point
__________ gathering is the process of accumulating information from resources like the Internet that can later be
analyzed as business intelligence.
a. Competitive intelligence
b. Tracerouting
c. Passive information
d. Footprinting
Question 18
1 / 1 point
__________, formerly called AppTapp, is a tool for jailbreaking and installing nonsanctioned third-party applications on
the iPhone.
a. iFuntastic
b. iNdependence
c. iActivator
d. AppSnapp
Question 19
1 / 1 point
Firefox 2.0.0.11 cannot correctly interpret single quotation marks and spaces during authentication. This is called the
__________ value of an authentication header.
a. registration
b. site
c. domain
d. realm
Question 20
1 / 1 point
Private data stored by Firefox can be quickly deleted by selecting __________ in the Tools menu.
a. Clear History
b. Clear Private Data
c. Delete Private Data
d. Delete History
Question 21
1 / 1 point
A(n) __________ is a custom command in Linux that is a substitute for a formal command string.
a. user string
b. system link
c. alias
d. link
Question 22
1 / 1 point
A __________ is a device that cannot function in any capacity.
a. block
b. brick
c. rock
d. cage
Question 23
0 / 1 point
__________ involves plotting the tables in the database.
a. Database enumeration
b. Database footprinting
c. Table footprinting
d. Table enumeration
Question 24
1 / 1 point
A __________ is a device that receives digital signals and converts them into analog signals, and vice versa.
a. firewall
b. proxy
c. hub
d. modem
Question 25
1 / 1 point
Which of the following types of tools would be most effective in cracking UNIX passwords?
a. Ophcrack
b. KerbCrack
c. John the Ripper
d. RainbowCrack
Question 26
1 / 1 point
SQL Server, like other databases, delimits queries with a __________.
a. colon
b. period
c. semicolon
d. comma
Question 27
1 / 1 point
__________ is a unique 15- or 17-digit code used to identify a mobile station to a GSM network.
a. IMEI
b. SIMID
c. SIM
d. PhoneID
Question 28
1 / 1 point
Which of the following password attacks is conducted using nontechnical means?
a. hybrid
b. brute force
c. social engineering
d. rainbow tables
Question 29
1 / 1 point
In __________-level hijacking, the attacker obtains the session IDs to get control of an existing session or to create a new,
unauthorized session.
a. network
b. data link
c. transport
d. application
Question 30
1 / 1 point
Which of the tools listed below can be used to execute code on remote Windows systems?
a. X.exe
b. PsExec
c. Rsync
d. Ghost
Question 31
1 / 1 point
Kaspersky is used as __________.
a. a hacking tool against PDAs
b. a hacking tool against iPhones
c. a hacking tool against iPods
d. an antivirus for Windows Mobile
Question 32
1 / 1 point
__________ viruses search all drives and connected network shares to locate files with an EXE or SCR extension.
a. W32/Madang-Fam
b. W32/Hasnot-A
c. W32/Fujacks-AK
d. W32/Fujacks-E
Question 33
1 / 1 point
What is the difference between online and offline password attacks?
a. Online attacks are conducted against people using the Internet, and offline attacks are conducted against people on
private networks.
b. Online attacks target passwords or their representations as they traverse a network, and offline attacks focus on stored
passwords.
c. Online attacks are used to gain access to systems, and offline attacks are used to knock systems off the network.
d. Offline attacks target passwords or their representations as they traverse a network, and online attacks focus on stored
passwords.
Question 34
0 / 1 point
__________ synchronizes the information between a Palm device and a desktop PC.
a. HotSync
b. ActiveSync
c. PocketSync
d. PalmSync
Question 35
1 / 1 point
__________ is a type of computer architecture in which multiple processors share the same memory and are each assigned
different tasks to perform.
a. Xcode
b. Multitasking
c. Cocoa
d. Symmetric multiprocessing
Question 36
1 / 1 point
__________ hackers are information security professionals who specialize in evaluating, and defending against, threats
from attackers.
a. Gray-hat
b. Black-hat
c. Consulting
d. Ethical
Question 37
1 / 1 point
An __________ share is a hidden share that allows communication between two processes on the same system.
a. SMC
b. IPC
c. EPC
d. SMB
Question 38
1 / 1 point
The __________ method appends data in the URL field.
a. POST
b. GET
c. APPEND
d. URL
Question 39
1 / 1 point
__________ is a lightweight substitute for telnet that enables the execution of processes on other systems, eliminating the
need for manual installation of client software.
a. PsExec
b. Alchemy Remote Executor
c. Emsa FlexInfo Pro
d. RemoteApp
Question 40
1 / 1 point
__________ is a back-end GPL tool that works directly with any RFID ISO-reader to make the content stored on the RFID
tags accessible.
a. RFDump
b. RFReader
c. RFReceiver
d. RFExplorer
Question 41
1 / 1 point
__________ is a parallelized login cracker that supports numerous protocols for attack.
a. ADMsnmp
b. SING
c. Hydra
d. John the Ripper
Question 42
1 / 1 point
IT __________ are designed to evaluate an organization's security policies and procedures.
a. ping sweeps
b. vulnerability assessments
c. penetration tests
d. security audits
Question 43
1 / 1 point
__________ is the act of gathering information about the security profile of a computer system or organization, undertaken
in a methodological manner.
a. Tracerouting
b. Passive information gathering
c. Footprinting
d. Competitive intelligence gathering
Question 44
1 / 1 point
__________ is a command-line interface for Microsoft SQL Server that allows an attacker to execute commands on the
underlying operating system, execute SQL queries, and upload files to a remote server.
a. SQLExec
b. Absinthe
c. Sqlninja
d. SQLSmack
Question 45
1 / 1 point
__________ occurs when hackers break into government or corporate computer systems as an act of protest.
a. Hacktivism
b. Cyber terrorism
c. Cybercrime
d. Suicide hacking
Question 46
1 / 1 point
Mac OS X includes __________, a collection of frameworks, APIs, and accompanying runtimes that allows for a host of
open-source web, database, scripting, and development technologies.
a. Cocoa
b. Coffee
c. Bean
d. Xcode
Question 47
1 / 1 point
__________ is usually employed when the attacker discerns that there is a low probability that these reconnaissance
activities will be detected.
a. Social engineering
b. Direct information gathering
c. Active reconnaissance
d. Inactive reconnaissance
Question 48
1 / 1 point
__________ is a programming language that permits website designers to run applications on the user's computer.
a. Java
b. Ruby
c. Python
d. Smalltalk
Question 49
1 / 1 point
_________ hijacking is a hacking technique that uses spoofed packets to take over a connection between a victim and a
target machine.
a. ACK
b. Blind
c. TCP/IP
d. Network-level
Question 50
1 / 1 point
In order for traffic to get back to the attacker during session hijacking, a process called __________ is used that allows the
sender to specify a particular route for the IP packet to take to the destination.
a. desynchronization
b. source routing
c. spoofing
d. TCP routing
Question 51
1 / 1 point
__________ is a worm for Windows XP that downloads and executes malicious files on the compromised computer and
spreads through removable storage devices.
a. HTTP W32.Drom
b. W32/VBAut-B
c. W32/QQRob-ADN
d. W32/SillyFDC-BK
Question 52
1 / 1 point
The Java-based __________ worm spreads through Bluetooth and affects unprotected Mac OS X 10.4 systems.
a. OSX/Leap-A
b. AppHook.B
c. Inqtana.A
d. BTHook-A
Question 53
1 / 1 point
__________ is a virus targeted against mobile personal digital assistant devices.
a. Skulls
b. Brador
c. Doomboot.A
d. Podloso
Question 54
1 / 1 point
The __________ stores confidential information that is accessible only from inside the organization.
a. public website
b. confidential website
c. private website
d. external website
Question 55
1 / 1 point
__________ is the unauthorized alteration of routing tables.
a. Route poisoning
b. Routing table spoofing
c. Routing table poisoning
d. Route spoofing
Question 56
1 / 1 point
__________ automatically scans a computer, looking for cookies created by Internet Explorer, Mozilla Firefox, and
Netscape Navigator, and then displays the data stored in each one.
a. Cookie Viewer
b. Cookie Explorer
c. Cookie Browser
d. Cookie Manager
Question 57
1 / 1 point
__________ is a tool that administrators can use to test the reliability of their critical systems and determine what actions
they must take to fix any problems.
a. DbEncrypt
b. AppDetective
c. Selective Audit
d. AppRadar
Question 58
1 / 1 point
The __________ script allows a remote user to view the code of server-side scripts.
a. Showlogin.asp
b. Showcode.asp
c. RemoteAccess.asp
d. Remotelogin.asp
Question 59
1 / 1 point
__________ is a method in which a sniffer is used to track down a conversation between two users.
a. A man-in-the-middle (MITM) attack
b. Session hijacking
c. IP spoofing
d. Network tapping
Question 60
1 / 1 point
__________ is a small utility that lists all USB devices currently connected to a computer, as well as all previously used
USB devices.
a. MyUSBOnly
b. USB Blocker
c. USB CopyNotify!
d. USBDeview
Question 61
1 / 1 point
After gaining access, what is the attacker's next goal?
a. Cover their tracks.
b. Start denial-of-service attacks.
c. Find ways to maintain access.
d. None of the above.
Question 62
1 / 1 point
__________ is an HTTP authentication brute-force program. It attempts to guess passwords for basic HTTP authentication
by logging in to a web server.
a. Authforce
b. ObiWaN
c. Hydra
d. Cain & Abel
Question 63
1 / 1 point
__________ record the parts of the website visited and can contain identifying information.
a. Logs
b. Records
c. Cookies
d. Certificates
Question 64
1 / 1 point
Web applications have a three-layered architecture consisting of presentation, logic, and __________.
a. application
b. data layers
c. transport
d. HTTP
Question 65
1 / 1 point
__________ is a Linux security feature that enables a user to choose the directory that an application can access.
a. Chroot
b. Sandbox
c. Jailroot
d. Rootjail
Question 66
1 / 1 point
There are several aspects to security, and the owner of a system should have confidence that the system will behave
according to its specifications. This is called __________.
a. confidentiality
b. reusability
c. accountability
d. assurance
Question 67
1 / 1 point
The __________ command displays the ARP table and is used to modify it.
a. ifconfig -arp
b. arp-table
c. netstat -arp
d. arp
Question 68
0 / 1 point
__________ detects and monitors Bluetooth devices in a wireless network. It provides information about the features of
each device and the services provided by it.
a. Bluetooth Network Scanner
b. BlueFire Mobile Security
c. BlueAuditor
d. BlueWatch
Question 69
1 / 1 point
Which of the following statements best describes a penetration test?
a. A penetration test is using a password cracker to gain access to a system.
b. A penetration test is an attempt to simulate methods used by attackers to gain unauthorized access to a computer system.
c. A penetration test is the act of hacking computer systems; it is used by criminals to attack legitimate organizations.
d. A penetration test is an audit of an organization's security policies and procedures.
Question 70
1 / 1 point
Which website can an ethical hacker visit to see web pages from 2002?
a. www.symantec.com
b. www.archive.org
c. www.oldwebsites.net
d. www.historyoftheinternet.com
Question 71
1 / 1 point
__________ provides a complete view for monitoring and analyzing activity within USB host controllers, USB hubs, and
USB devices.
a. USB PC Lock
b. USBlyzer
c. Advanced USB Monitor
d. Virus Chaser USB
Question 72
1 / 1 point
The __________ is due to a canonicalization error in IIS 4.0 and 5.0 that allows an attacker to use malformed URLs to
access files and folders located on the logical drive that includes web folders.
a. canonicalization vulnerability
b. ::$DATA vulnerability
c. Unicode directory traversal vulnerability
d. Msw3prt IPP vulnerability
Question 73
1 / 1 point
A __________ attack adds numbers or symbols to a dictionary file's contents to crack a password successfully.
a. brute-force
b. dictionary
c. hybrid
d. parameter manipulation
Question 74
1 / 1 point
Only __________ scan is valid while scanning a Windows system.
a. SYN
b. Null
c. FIN
d. Xmas
Question 75
1 / 1 point
Ethical hackers use their knowledge and skills to __________.
a. learn the details of computer systems and enhance their capabilities
b. attack government and commercial businesses
c. develop new programs or reverse-engineer existing software to make it more efficient
d. defend networks from malicious attackers
Question 76
1 / 1 point
Tripwire protects against Trojan horse attacks by __________.
a. blocking the port that the Trojan program is listening on
b. removing any Trojan horse programs found on the system
c. detecting unexpected changes to a system utility file that may indicate it had been replaced by a Trojan horse
d. quarantining any Trojan horse programs discovered on the system
Question 77
1 / 1 point
The ISAPI extension responsible for IPP is __________.
a. msisapi.dll
b. msw3prt.dll
c. msipp5i.dll
d. isapiipp.dll
Question 78
1 / 1 point
__________ is a protocol used to create, modify, and terminate sessions such as VoIP.
a. SMS
b. SIP
c. GSMA
d. GPRS
Question 79
1 / 1 point
A(n) __________ is a specific way to breach the security of an IT system through a vulnerability.
a. hole
b. exposure
c. exploit
d. threat
Question 80
1 / 1 point
__________ is a portable, battery-powered device that mediates interactions between RFID readers and RFID tags.
a. RSA blocker tag
b. RFID Firewall
c. RFID Guardian
d. Kill switch
Question 81
1 / 1 point
Which of the statements below correctly describes a dictionary attack against passwords?
a. It is an attack that tries every combination of characters until a correct password is identified.
b. It is an attack that uses a list of words to guess passwords until a correct password is identified.
c. It is an attack that uses a list of words and appends additional numbers or characters to each word until a correct
password is identified.
d. It is an attack that uses precomputed values until a correct password is identified.
Question 82
0 / 1 point
The __________ are the agreed-on guidelines for a penetration test.
a. rules of engagement
b. project scope statements
c. test requirements
d. service-level agreements (SLAs)
Question 83
1 / 1 point
The Network News Transport Protocol service uses port __________.
a. 110
b. 119
c. 135
d. 139
Question 84
1 / 1 point
A(n) __________ is the logical, not physical, component of a TCP connection.
a. ISN
b. socket
c. port
d. SYN
Question 85
1 / 1 point
__________ reconnaissance is a hacker's attempt to scout for or survey potential targets and then investigate the target
using publicly available information.
a. Active
b. Passive
c. Public
d. Open
Question 86
1 / 1 point
A __________, also called a packet analyzer, is a software program that can capture, log, and analyze protocol traffic over
the network and decode its contents.
a. sniffer
b. recorder
c. logger
d. tapper
Question 87
1 / 1 point
__________ is, simply enough, looking through an organization's trash for any discarded sensitive information.
a. Trash diving
b. Trash carving
c. Dumpster searching
d. Dumpster diving
Question 88
1 / 1 point
__________ is a secure method of posting data to the database.
a. URL
b. SQL
c. GET
d. POST
Question 89
1 / 1 point
How do you defend against privilege escalation?
a. Use encryption to protect sensitive data.
b. Restrict the interactive logon privileges.
c. Run services as unprivileged accounts.
d. Run users and applications on the least privileges.
Question 90
1 / 1 point
When an ethical hacker uses nslookup, which protocol are they querying?
a. DNS
b. HTTPS
c. SMB
d. NTP
Question 91
1 / 1 point
Bluetooth-enabled devices communicate via short-range, ad hoc networks known as __________.
a. piconets
b. uninets
c. btnets
d. pans
Question 92
1 / 1 point
The act of hiding data within or behind other data is known as __________.
a. encoding
b. encryption
c. steganography
d. fuzzing
Question 93
1 / 1 point
A __________ occurs when a connection between the target and host is in the established state, or in a stable state with no
data transmission, or the server's sequence number is not equal to the client's acknowledgment number, or the client's
sequence number is not equal to the server's acknowledgment number.
a. synchronization state
b. blind hijacking
c. source routing
d. desynchronization state
Question 94
1 / 1 point
__________ are software applications that run automated tasks over the Internet.
a. Zombies
b. Spiders
c. Bots
d. Crawlers
Question 95
1 / 1 point
Which of the following definitions best describes a wrapper?
a. A wrapper is a packet-crafting technique used to perform stealthy port scans.
b. A wrapper is an encryption tool used to hide messages inside image files.
c. A wrapper is a method of hiding a virus inside an executable file.
d. A wrapper is a tool used to bind a Trojan to a legitimate file.
Question 96
1 / 1 point
In a hit-and-run attack, __________.
a. the attacker constantly injects bad packets into the router
b. the attacker mistreats packets, resulting in traffic congestion
c. the attacker injects a few bad packets into the router
d. the attacker alters a single packet, resulting in denial of service
Question 97
1 / 1 point
__________ is a command-line TCP/IP packet assembler/analyzer.
a. Hping2
b. Firewalk
c. WUPS
d. Blaster Scan
Question 98
1 / 1 point
The __________ tool traces various application calls from Windows API functions to the Oracle Call Interface.
a. ASPRunner
b. FlexTracer
c. odbcping
d. SQL Query Analyzer
Question 99
1 / 1 point
With the __________ tool, you can ping multiple IP addresses simultaneously.
a. Fping
b. Nmap
c. Nessus
d. Unicornscan
Question 100
1 / 1 point
Attackers use a technique called __________ to exploit the system by pretending to be legitimate users or different
systems.
a. identity theft
b. impersonation
c. spoofing
d. flooding
Question 101
1 / 1 point
__________ is a Microsoft-proprietary protocol that authenticates users and computers based on an authentication
challenge and response.
a. LMLAN
b. Kerberos
c. NTLM
d. NTLAN
Question 102
1 / 1 point
__________ reconstructs a device's Bluetooth PIN and link key from data sniffed during a pairing session.
a. Blooover
b. Hidattack
c. BTCrack
d. Cabir and Mabir
Question 103
1 / 1 point
This type of port scanning technique splits a TCP header into several packets so that the packet filters cannot detect what
the packets intend to do.
a. UDP scanning
b. IP fragment scanning
c. inverse TCP flag scanning
d. ACK flag scanning
Question 104
1 / 1 point
__________ is an application that, when installed on a system, runs a background process that silently copies files from
any USB flash drive connected to it.
a. USB Switchblade
b. USBDumper
c. USB Hacksaw
d. USB Copy 'em all
Question 105
1 / 1 point
__________ is an application that identifies all Bluetooth-enabled devices, their communications, and their connectivity
within a given area.
a. BlueSweep
b. BlueWatch
c. BlueKey
d. BlueFire Mobile
Question 106
1 / 1 point
__________ URLs, or intranets, are private links that only a company's employees use.
a. Internal
b. Private
c. Organizational
d. Domain
Question 107
1 / 1 point
In Internet Explorer, the __________ zone is a security zone for sites that the user has designated as safe to visit.
a. user sites
b. legal sites
c. white list
d. trusted sites
Question 108
1 / 1 point
Which of the following is not a category of security assessment?
a. security audit
b. rootkit detection
c. vulnerability assessment
d. penetration testing
Question 109
1 / 1 point
A hacker has successfully used a tool to intercept communications between two entities and establish credentials with both
sides of the connection. The two remote ends of the communication never notice that the attacker is relaying the
information between the two. This is called a(n) __________ attack.
a. man-in-the-middle
b. interceptoring
c. MAC poisoning attack
d. firewalking
Question 110
1 / 1 point
__________ is a cable modem hacking program. It performs the task of uncapping by incorporating all the uncapping steps
into one program.
a. Yersinia
b. OneStep: ZUP
c. Zebra
d. Solar Winds MIB Browser
Question 111
1 / 1 point
Information on all Linux accounts is stored in the __________ and /etc/shadow files.
a. /etc/conf
b. /etc/passwd
c. /etc/password
d. /conf/passwd
Question 112
1 / 1 point
Which type of penetration test is conducted with absolutely no prior knowledge of the target environment?
a. white-box testing
b. gray-box testing
c. red-hat testing
d. black-box testing
Question 113
1 / 1 point
Redirections for URLs are handled with the __________ URL handler, which can cause errors in older versions of Internet
Explorer.
a. goto:
b. mdir:
c. mhtml:
d. redir:
Question 114
1 / 1 point
Traceroute uses the __________ field in an IP packet to determine how long it takes to reach a target host and whether that
host is reachable and active.
a. IHL
b. flags
c. TOS
d. TTL
Question 115
1 / 1 point
Which of the following is not a Microsoft Internet Information Services vulnerability?
a. ::$DATA vulnerability
b. UFS integer overflow vulnerability
c. Showcode.asp vulnerability
d. WebDAV/RPC exploits
Question 116
1 / 1 point
Which of the following statements best describes the rules of engagement for a penetration test?
a. The rules of engagement are the systems that a tester can knock offline during a penetration test.
b. The rules of engagement are the agreed-upon guidelines for a penetration test, including desired code of conduct and
procedures.
c. The rules of engagement define the service-level agreement and scope of a penetration test.
d. The rules of engagement include the insurance and risk management associated with third-party testing.
Question 117
1 / 1 point
The __________ service is responsible for sending a response packet that contains connection details to clients who send a
specially formed request.
a. SSRS
b. OSQL
c. ODBC
d. SQLP
Question 118
1 / 1 point
The RFID __________ policy establishes the framework for many other security controls. It provides a vehicle for
management to communicate its expectations regarding the RFID system and its security.
a. security
b. physical access
c. secure disposal
d. usage
Question 119
1 / 1 point
A __________ is a set of related programs, usually located at a network gateway server, that protect the resources of a
private network from other network users.
a. firewall
b. proxy
c. packet filter
d. router
Question 120
1 / 1 point
While conducting an ethical penetration test in Europe, which Regional Internet Registry (RIR) would you use?
a. APNIC
b. RIPE NCC
c. ARIN
d. LACNIR
Question 121
1 / 1 point
__________ is a tool for performing automated attacks against web-enabled applications.
a. cURL
b. dotDefender
c. Burp Intruder
d. AppScan
Question 122
1 / 1 point
If the supplied data does not fit within the size constraints of a single packet, the data is spread among multiple packets in a
process known as __________.
a. framing
b. separation
c. fragmentation
d. division
Question 123
1 / 1 point
__________ is a nonvoice service available with most GSM networks.
a. CDMA
b. EDO
c. EDVA
d. GPRS
Question 124
1 / 1 point
The information resource or asset that is being protected from attacks is usually called the __________.
a. key value
b. target of evaluation
c. main asset
d. target asset
Question 125
1 / 1 point
__________ is an information service provider that helps law offices, government agencies, businesses, and individuals
find information about people.
a. People-Search-America.com
b. Best People Search
c. Switchboard
d. Google Finance
REVIEW FINAL STUDY GUIDEQuestion 1 A _____ is used in large en.docxjoellemurphey
 
Group 11. Which of the following is NOT a basic computer ope.docx
Group 11. Which of the following is NOT a basic computer ope.docxGroup 11. Which of the following is NOT a basic computer ope.docx
Group 11. Which of the following is NOT a basic computer ope.docxJeanmarieColbert3
 
Bangladesh Bank Assistant Maintenance Engineer Question Solution.
Bangladesh Bank Assistant Maintenance Engineer Question Solution.Bangladesh Bank Assistant Maintenance Engineer Question Solution.
Bangladesh Bank Assistant Maintenance Engineer Question Solution.Engr. Md. Jamal Uddin Rayhan
 
Question 1IP addresses are used at the data link layer.True Fa.pdf
Question 1IP addresses are used at the data link layer.True Fa.pdfQuestion 1IP addresses are used at the data link layer.True Fa.pdf
Question 1IP addresses are used at the data link layer.True Fa.pdfudit652068
 
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docxExam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docxcravennichole326
 
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docxExam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docxelbanglis
 
Significance
SignificanceSignificance
SignificanceJulie May
 
Certified ethical hacker (cehv11) exam dumps 2022
Certified ethical hacker (cehv11) exam dumps 2022Certified ethical hacker (cehv11) exam dumps 2022
Certified ethical hacker (cehv11) exam dumps 2022SkillCertProExams
 
Cis 333 Enhance teaching / snaptutorial.com
Cis 333   Enhance teaching / snaptutorial.comCis 333   Enhance teaching / snaptutorial.com
Cis 333 Enhance teaching / snaptutorial.comDavis104
 
Sy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicSy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicjenie Emmons
 
CIS 333 Focus Dreams/newtonhelp.com
CIS 333 Focus Dreams/newtonhelp.comCIS 333 Focus Dreams/newtonhelp.com
CIS 333 Focus Dreams/newtonhelp.combellflower85
 
Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com  Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com amaranthbeg146
 
Chapter 12 protection_mechanisms
Chapter 12 protection_mechanismsChapter 12 protection_mechanisms
Chapter 12 protection_mechanismshusseinalshomali
 

Similar to Cmit 321 final exam new spring 2016 (20)

Cmit 321 final exam new spring 2016
Cmit 321 final exam new  spring 2016Cmit 321 final exam new  spring 2016
Cmit 321 final exam new spring 2016
 
Cmit 321 final exam new spring 2016
Cmit 321 final exam new  spring 2016Cmit 321 final exam new  spring 2016
Cmit 321 final exam new spring 2016
 
REVIEW FINAL STUDY GUIDEQuestion 1 A _____ is used in large en.docx
REVIEW FINAL STUDY GUIDEQuestion 1 A _____ is used in large en.docxREVIEW FINAL STUDY GUIDEQuestion 1 A _____ is used in large en.docx
REVIEW FINAL STUDY GUIDEQuestion 1 A _____ is used in large en.docx
 
exam2
exam2exam2
exam2
 
Set3 ict-question
Set3 ict-questionSet3 ict-question
Set3 ict-question
 
Group 11. Which of the following is NOT a basic computer ope.docx
Group 11. Which of the following is NOT a basic computer ope.docxGroup 11. Which of the following is NOT a basic computer ope.docx
Group 11. Which of the following is NOT a basic computer ope.docx
 
312 50-demo
312 50-demo312 50-demo
312 50-demo
 
Wa
WaWa
Wa
 
Bangladesh Bank Assistant Maintenance Engineer Question Solution.
Bangladesh Bank Assistant Maintenance Engineer Question Solution.Bangladesh Bank Assistant Maintenance Engineer Question Solution.
Bangladesh Bank Assistant Maintenance Engineer Question Solution.
 
Question 1IP addresses are used at the data link layer.True Fa.pdf
Question 1IP addresses are used at the data link layer.True Fa.pdfQuestion 1IP addresses are used at the data link layer.True Fa.pdf
Question 1IP addresses are used at the data link layer.True Fa.pdf
 
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docxExam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
 
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docxExam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
Exam IT 505Multiple Choice (20 questions , 2 points each)Pleas.docx
 
Significance
SignificanceSignificance
Significance
 
Ccn aquestions jul_7_2015
Ccn aquestions jul_7_2015Ccn aquestions jul_7_2015
Ccn aquestions jul_7_2015
 
Certified ethical hacker (cehv11) exam dumps 2022
Certified ethical hacker (cehv11) exam dumps 2022Certified ethical hacker (cehv11) exam dumps 2022
Certified ethical hacker (cehv11) exam dumps 2022
 
Cis 333 Enhance teaching / snaptutorial.com
Cis 333   Enhance teaching / snaptutorial.comCis 333   Enhance teaching / snaptutorial.com
Cis 333 Enhance teaching / snaptutorial.com
 
Sy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicSy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magic
 
CIS 333 Focus Dreams/newtonhelp.com
CIS 333 Focus Dreams/newtonhelp.comCIS 333 Focus Dreams/newtonhelp.com
CIS 333 Focus Dreams/newtonhelp.com
 
Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com  Cis 333 Extraordinary Success/newtonhelp.com
Cis 333 Extraordinary Success/newtonhelp.com
 
Chapter 12 protection_mechanisms
Chapter 12 protection_mechanismsChapter 12 protection_mechanisms
Chapter 12 protection_mechanisms
 

Recently uploaded

Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 

Recently uploaded (20)

Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 

Cmit 321 final exam new spring 2016

CMIT 321 FINAL EXAM NEW -SPRING 2016
Question 1
1 / 1 point
__________ is the exploitation of an organization's telephone, dial, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources.
a. War driving
b. Line dialing
c. PBX driving
d. War dialing
Question 2
1 / 1 point
__________ cryptography is the most common method on the Internet for authenticating a message sender or encrypting a message.
a. Symmetric
b. Hash-based
c. Private-key
d. Public-key
Question 3
1 / 1 point
__________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD.
a. Gnoppix
b. GeeXboX
c. Morphix
d. Damn Small Linux
Question 4
1 / 1 point
The __________ utility tests the integrity of an ODBC data source.
a. odbcping
b. ASPRunner
c. FlexTracer
d. DbEncrypt
Question 5
1 / 1 point
In the TCP/IP stack, the __________ layer is where applications and protocols, such as HTTP and Telnet, operate.
a. Internet
b. network
c. transport
d. application
Question 6
1 / 1 point
Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error. They can fill in the username and password fields with __________.
a. a pound sign
b. two dashes
c. a single quotation mark
d. double quotes
Question 7
1 / 1 point
__________ allow attackers to pass malicious code to different systems via a web application.
a. SQL injection attacks
b. XSS vulnerabilities
c. Authentication hijacking attacks
d. Command injection flaws
Question 8
1 / 1 point
A __________ is a trusted entity that signs certificates and can vouch for the identity of the user and the user's public key.
a. verification authority
b. certification authority
c. validation authority
d. registration authority
Question 9
1 / 1 point
Null sessions require access to TCP port __________.
a. 139
b. 141
c. 345
d. 349
Question 10
1 / 1 point
__________ is a command-line utility provided by Microsoft with SQL Server 2000 (and Microsoft SQL Server 2000 Desktop Engine) that allows users to issue queries to the server.
a. ODBC
b. SQLP
c. OSQL
d. SSRS
Question 11
1 / 1 point
The __________ file is used to determine which TTY devices the root user is allowed to log in to.
a. /usr/securetty
b. /etc/securetty
c. /var/securetty
d. /home/securetty
Question 12
1 / 1 point
__________ can monitor a Simple Mail Transfer Protocol (SMTP) server regularly after connecting to it.
a. CheckOK
b. SMTPCheck
c. SMTPMon
d. SLCheck
Question 13
1 / 1 point
__________ is a method of gaining access to sensitive data in a Bluetooth-enabled device.
a. Bluebugging
b. Bluesnarfing
c. BTKeylogging
d. Blueprinting
Question 14
1 / 1 point
__________ is a simple form of attack aimed directly at the application's business logic.
a. Authentication hijacking
b. Parameter tampering
c. Cookie poisoning
d. Session poisoning
Question 15
1 / 1 point
Once the Oracle database server has been traced, the first port of call is made to the __________ listener.
a. SQL
b. TNS
c. TCP
d. PL/SQL
Question 16
1 / 1 point
__________ is a common and easy form of SQL injection. The technique involves evading the logon forms.
a. Command injection
b. SELECT bypass
c. INSERT injection
d. Authorization bypass
Question 17
1 / 1 point
__________ gathering is the process of accumulating information from resources like the Internet that can later be analyzed as business intelligence.
a. Competitive intelligence
b. Tracerouting
c. Passive information
d. Footprinting
Question 18
1 / 1 point
__________, formerly called AppTapp, is a tool for jailbreaking and installing nonsanctioned third-party applications on the iPhone.
a. iFuntastic
b. iNdependence
c. iActivator
d. AppSnapp
Question 19
1 / 1 point
Firefox 2.0.0.11 cannot correctly interpret single quotation marks and spaces during authentication. This is called the __________ value of an authentication header.
a. registration
b. site
c. domain
d. realm
Question 20
1 / 1 point
Private data stored by Firefox can be quickly deleted by selecting __________ in the Tools menu.
a. Clear History
b. Clear Private Data
c. Delete Private Data
d. Delete History
Question 21
1 / 1 point
A(n) __________ is a custom command in Linux that is a substitute for a formal command string.
a. user string
b. system link
c. alias
d. link
Question 22
1 / 1 point
A __________ is a device that cannot function in any capacity.
a. block
b. brick
c. rock
d. cage
Question 23
0 / 1 point
__________ involves plotting the tables in the database.
a. Database enumeration
b. Database footprinting
c. Table footprinting
d. Table enumeration
Question 24
1 / 1 point
A __________ is a device that receives digital signals and converts them into analog signals, and vice versa.
a. firewall
b. proxy
c. hub
d. modem
Question 25
1 / 1 point
Which of the following types of tools would be most effective in cracking UNIX passwords?
a. Ophcrack
b. KerbCrack
c. John the Ripper
d. RainbowCrack
Question 26
1 / 1 point
SQL Server, like other databases, delimits queries with a __________.
a. colon
b. period
c. semicolon
d. comma
Question 27
1 / 1 point
__________ is a unique 15- or 17-digit code used to identify a mobile station to a GSM network.
a. IMEI
b. SIMID
c. SIM
d. PhoneID
Question 28
1 / 1 point
Which of the following password attacks is conducted using nontechnical means?
a. hybrid
b. brute force
c. social engineering
d. rainbow tables
Question 29
1 / 1 point
In __________-level hijacking, the attacker obtains the session IDs to get control of an existing session or to create a new, unauthorized session.
a. network
b. data link
c. transport
d. application
Question 30
1 / 1 point
Which of the tools listed below can be used to execute code on remote Windows systems?
a. X.exe
b. PsExec
c. Rsync
d. Ghost
Question 31
1 / 1 point
Kaspersky is used as __________.
a. a hacking tool against PDAs
b. a hacking tool against IPHONEs
c. a hacking tool against IPODs
d. an antivirus for Windows Mobile
Question 32
1 / 1 point
__________ viruses search all drives and connected network shares to locate files with an EXE or SCR extension.
a. W32/Madang-Fam
b. W32/Hasnot-A
c. W32/Fujacks-AK
d. W32/Fujacks-E
Question 33
1 / 1 point
What is the difference between online and offline password attacks?
a. Online attacks are conducted against people using the Internet, and offline attacks are conducted against people on private networks.
b. Online attacks target passwords or their representations as they traverse a network, and offline attacks focus on stored passwords.
c. Online attacks are used to gain access to systems, and offline attacks are used to knock systems off the network.
d. Offline attacks target passwords or their representations as they traverse a network, and online attacks focus on stored passwords.
Question 34
0 / 1 point
__________ synchronizes the information between a Palm device and a desktop PC.
a. HotSync
b. ActiveSync
c. PocketSync
d. PalmSync
Question 35
1 / 1 point
__________ is a type of computer architecture in which multiple processors share the same memory and are each assigned different tasks to perform.
a. Xcode
b. Multitasking
c. Cocoa
d. Symmetric multiprocessing
Question 36
1 / 1 point
__________ hackers are information security professionals who specialize in evaluating, and defending against, threats from attackers.
a. Gray-hat
b. Black-hat
c. Consulting
d. Ethical
Question 37
1 / 1 point
An __________ share is a hidden share that allows communication between two processes on the same system.
a. SMC
b. IPC
c. EPC
d. SMB
Question 38
1 / 1 point
The __________ method appends data in the URL field.
a. POST
b. GET
c. APPEND
d. URL
Question 39
1 / 1 point
__________ is a lightweight substitute for telnet that enables the execution of processes on other systems, eliminating the need for manual installation of client software.
a. PsExec
b. Alchemy Remote Executor
c. Emsa FlexInfo Pro
d. RemoteApp
Question 40
1 / 1 point
__________ is a back-end GPL tool that works directly with any RFID ISO-reader to make the content stored on the RFID tags accessible.
a. RFDump
b. RFReader
c. RFReceiver
d. RFExplorer
Question 41
1 / 1 point
__________ is a parallelized login cracker that supports numerous protocols for attack.
a. ADMsnmp
b. SING
c. Hydra
d. John the Ripper
Question 42
1 / 1 point
IT __________ are designed to evaluate an organization's security policies and procedures.
a. ping sweeps
b. vulnerability assessments
c. penetration tests
d. security audits
Question 43
1 / 1 point
__________ is the act of gathering information about the security profile of a computer system or organization, undertaken in a methodological manner.
a. Tracerouting
b. Passive information gathering
c. Footprinting
d. Competitive intelligence gathering
Question 44
1 / 1 point
__________ is a command-line interface for Microsoft SQL Server that allows an attacker to execute commands on the underlying operating system, execute SQL queries, and upload files to a remote server.
a. SQLExec
b. Absinthe
c. Sqlninja
d. SQLSmack
Question 45
1 / 1 point
__________ occurs when hackers break into government or corporate computer systems as an act of protest.
a. Hacktivism
b. Cyber terrorism
c. Cybercrime
d. Suicide hacking
Question 46
1 / 1 point
Mac OS X includes __________, a collection of frameworks, APIs, and accompanying runtimes that allows for a host of open-source web, database, scripting, and development technologies.
a. Cocoa
b. Coffee
c. Bean
d. Xcode
Question 47
1 / 1 point
__________ is usually employed when the attacker discerns that there is a low probability that these reconnaissance activities will be detected.
a. Social engineering
b. Direct information gathering
c. Active reconnaissance
d. Inactive reconnaissance
Question 48
1 / 1 point
__________ is a programming language that permits website designers to run applications on the user's computer.
a. Java
b. Ruby
c. Python
d. Smalltalk
Question 49
1 / 1 point
_________ hijacking is a hacking technique that uses spoofed packets to take over a connection between a victim and a target machine.
a. ACK
b. Blind
c. TCP/IP
d. Network-level
Question 50
1 / 1 point
In order for traffic to get back to the attacker during session hijacking, a process called __________ is used that allows the sender to specify a particular route for the IP packet to take to the destination.
a. desynchronization
b. source routing
c. spoofing
d. TCP routing
Question 51
1 / 1 point
__________ is a worm for Windows XP that downloads and executes malicious files on the compromised computer and spreads through removable storage devices.
a. HTTP W32.Drom
b. W32/VBAut-B
c. W32/QQRob-ADN
d. W32/SillyFDC-BK
Question 52
1 / 1 point
The Java-based __________ worm spreads through Bluetooth and affects unprotected Mac OS X 10.4 systems.
a. OSX/Leap-A
b. AppHook.B
c. Inqtana.A
d. BTHook-A
Question 53
1 / 1 point
__________ is a virus targeted against mobile personal digital assistant devices.
a. Skulls
b. Brador
c. Doomboot.A
d. Podloso
Question 54
1 / 1 point
The __________ stores confidential information that is accessible only from inside the organization.
a. public website
b. confidential website
c. private website
d. external website
Question 55
1 / 1 point
__________ is the unauthorized alteration of routing tables.
a. Route poisoning
b. Routing table spoofing
c. Routing table poisoning
d. Route spoofing
Question 56
1 / 1 point
__________ automatically scans a computer, looking for cookies created by Internet Explorer, Mozilla Firefox, and Netscape Navigator, and then displays the data stored in each one.
a. Cookie Viewer
b. Cookie Explorer
c. Cookie Browser
d. Cookie Manager
Question 57
1 / 1 point
__________ is a tool that administrators can use to test the reliability of their critical systems and determine what actions they must take to fix any problems.
a. DbEncrypt
b. AppDetective
c. Selective Audit
d. AppRadar
Question 58
1 / 1 point
The __________ script allows a remote user to view the code of server-side scripts.
a. Showlogin.asp
b. Showcode.asp
c. RemoteAccess.asp
d. Remotelogin.asp
Question 59
1 / 1 point
__________ is a method in which a sniffer is used to track down a conversation between two users.
a. A man-in-the-middle (MITM) attack
b. Session hijacking
c. IP spoofing
d. Network tapping
Question 60
1 / 1 point
__________ is a small utility that lists all USB devices currently connected to a computer, as well as all previously used USB devices.
a. MyUSBOnly
b. USB Blocker
c. USB CopyNotify!
d. USBDeview
Question 61
1 / 1 point
After gaining access, what is the attacker's next goal?
a. Cover their tracks.
b. Start denial-of-service attacks.
c. Find ways to maintain access.
d. None of the above.
Question 62
1 / 1 point
__________ is an HTTP authentication brute-force program. It attempts to guess passwords for basic HTTP authentication by logging in to a web server.
a. Authforce
b. ObiWaN
c. Hydra
d. Cain & Abel
Question 63
1 / 1 point
__________ record the parts of the website visited and can contain identifying information.
a. Logs
b. Records
c. Cookies
d. Certificates
Question 64
1 / 1 point
Web applications have a three-layered architecture consisting of presentation, logic, and __________.
a. application
b. data layers
c. transport
d. HTTP
Question 65
1 / 1 point
__________ is a Linux security feature that enables a user to choose the directory that an application can access.
a. Chroot
b. Sandbox
c. Jailroot
d. Rootjail
  • 26. Question 66 1 / 1 point There are several aspects to security, and the owner of a system should have confidence that the system will behave according to its specifications. This is called __________. a. confidentiality b. reusability c. accountability d. assurance View Feedback Question 67 1 / 1 point The __________ command displays the ARP table and is used to modify it. a. ifconfig -arp b. arp-table c. netstat -arp d. arp View Feedback Question 68 0 / 1 point __________ detects and monitors Bluetooth devices in a wireless network. It provides information about the features of each device and the services provided by it. a. Bluetooth Network Scanner b. BlueFire Mobile Security c. BlueAuditor
d. BlueWatch

Question 69
1 / 1 point
Which of the following statements best describes a penetration test?
a. A penetration test is using a password cracker to gain access to a system.
b. A penetration test is an attempt to simulate methods used by attackers to gain unauthorized access to a computer system.
c. A penetration test is the act of hacking computer systems; it is used by criminals to attack legitimate organizations.
d. A penetration test is an audit of an organization's security policies and procedures.

Question 70
1 / 1 point
Which website can an ethical hacker visit to see web pages from 2002?
a. www.symantec.com
b. www.archive.org
c. www.oldwebsites.net
d. www.historyoftheinternet.com

Question 71
1 / 1 point
__________ provides a complete view for monitoring and analyzing activity within USB host controllers, USB hubs, and USB devices.
a. USB PC Lock
b. USBlyzer
c. Advanced USB Monitor
d. Virus Chaser USB

Question 72
1 / 1 point
The __________ is due to a canonicalization error in IIS 4.0 and 5.0 that allows an attacker to use malformed URLs to access files and folders located on the logical drive that includes web folders.
a. canonicalization vulnerability
b. ::$DATA vulnerability
c. Unicode directory traversal vulnerability
d. Msw3prt IPP vulnerability

Question 73
1 / 1 point
A __________ attack adds numbers or symbols to a dictionary file's contents to crack a password successfully.
a. brute-force
b. dictionary
c. hybrid
d. parameter manipulation

Question 74
1 / 1 point
Only __________ scan is valid while scanning a Windows system.
a. SYN
b. Null
c. FIN
d. Xmas

Question 75
1 / 1 point
Ethical hackers use their knowledge and skills to __________.
a. learn the details of computer systems and enhance their capabilities
b. attack government and commercial businesses
c. develop new programs or reverse-engineer existing software to make it more efficient
d. defend networks from malicious attackers

Question 76
1 / 1 point
Tripwire protects against Trojan horse attacks by __________.
a. blocking the port that the Trojan program is listening on
b. removing any Trojan horse programs found on the system
c. detecting unexpected changes to a system utility file that may indicate it had been replaced by a Trojan horse
d. quarantining any Trojan horse programs discovered on the system

Question 77
1 / 1 point
The ISAPI extension responsible for IPP is __________.
a. msisapi.dll
b. msw3prt.dll
c. msipp5i.dll
d. isapiipp.dll

Question 78
1 / 1 point
__________ is a protocol used to create, modify, and terminate sessions such as VOIP.
a. SMS
b. SIP
c. GSMA
d. GPRS

Question 79
1 / 1 point
A(n) __________ is a specific way to breach the security of an IT system through a vulnerability.
a. hole
b. exposure
c. exploit
d. threat

Question 80
1 / 1 point
__________ is a portable, battery-powered device that mediates interactions between RFID readers and RFID tags.
a. RSA blocker tag
b. RFID Firewall
c. RFID Guardian
d. Kill switch

Question 81
1 / 1 point
Which of the statements below correctly describes a dictionary attack against passwords?
a. It is an attack that tries every combination of characters until a correct password is identified.
b. It is an attack that uses a list of words to guess passwords until a correct password is identified.
c. It is an attack that uses a list of words and appends additional numbers or characters to each word until a correct password is identified.
d. It is an attack that uses precomputed values until a correct password is identified.

Question 82
0 / 1 point
The __________ are the agreed-on guidelines for a penetration test.
a. rules of engagement
b. project scope statements
c. test requirements
d. service-level agreements (SLAs)

Question 83
1 / 1 point
The Network News Transport Protocol service uses port __________.
a. 110
b. 119
c. 135
d. 139

Question 84
1 / 1 point
A(n) __________ is the logical, not physical, component of a TCP connection.
a. ISN
b. socket
c. port
d. SYN

Question 85
1 / 1 point
__________ reconnaissance is a hacker's attempt to scout for or survey potential targets and then investigate the target using publicly available information.
a. Active
b. Passive
c. Public
d. Open

Question 86
1 / 1 point
A __________, also called a packet analyzer, is a software program that can capture, log, and analyze protocol traffic over the network and decode its contents.
a. sniffer
b. recorder
c. logger
d. tapper

Question 87
1 / 1 point
__________ is, simply enough, looking through an organization's trash for any discarded sensitive information.
a. Trash diving
b. Trash carving
c. Dumpster searching
d. Dumpster diving

Question 88
1 / 1 point
__________ is a secure method of posting data to the database.
a. URL
b. SQL
c. GET
d. POST

Question 89
1 / 1 point
How do you defend against privilege escalation?
a. Use encryption to protect sensitive data.
b. Restrict the interactive logon privileges.
c. Run services as unprivileged accounts.
d. Run users and applications on the least privileges.

Question 90
1 / 1 point
When an ethical hacker uses nslookup, which protocol are they querying?
a. DNS
b. HTTPS
c. SMB
d. NTP

Question 91
1 / 1 point
Bluetooth-enabled devices communicate via short-range, ad hoc networks known as __________.
a. piconets
b. uninets
c. btnets
d. pans

Question 92
1 / 1 point
The act of hiding data within or behind other data is known as __________.
a. encoding
b. encryption
c. steganography
d. fuzzing

Question 93
1 / 1 point
A __________ occurs when a connection between the target and host is in the established state, or in a stable state with no data transmission, or the server's sequence number is not equal to the client's acknowledgment number, or the client's sequence number is not equal to the server's acknowledgment number.
a. synchronization state
b. blind hijacking
c. source routing
d. desynchronization state

Question 94
1 / 1 point
__________ are software applications that run automated tasks over the Internet.
a. Zombies
b. Spiders
c. Bots
d. Crawlers

Question 95
1 / 1 point
Which of the following definitions best describes a wrapper?
a. A wrapper is a packet-crafting technique used to perform stealthy port scans.
b. A wrapper is an encryption tool used to hide messages inside image files.
c. A wrapper is a method of hiding a virus inside an executable file.
d. A wrapper is a tool used to bind a Trojan to a legitimate file.

Question 96
1 / 1 point
In a hit-and-run attack, __________.
a. the attacker constantly injects bad packets into the router
b. the attacker mistreats packets, resulting in traffic congestion
c. the attacker injects a few bad packets into the router
d. the attacker alters a single packet, resulting in denial of service

Question 97
1 / 1 point
__________ is a command-line TCP/IP packet assembler/analyzer.
a. Hping2
b. Firewalk
c. WUPS
d. Blaster Scan

Question 98
1 / 1 point
The __________ tool traces various application calls from Windows API functions to the Oracle Call Interface.
a. ASPRunner
b. FlexTracer
c. odbcping
d. SQL Query Analyzer

Question 99
1 / 1 point
With the __________ tool, you can ping multiple IP addresses simultaneously.
a. Fping
b. Nmap
c. Nessus
d. Unicornscan

Question 100
1 / 1 point
Attackers use a technique called __________ to exploit the system by pretending to be legitimate users or different systems.
a. identity theft
b. impersonation
c. spoofing
d. flooding

Question 101
1 / 1 point
__________ is a Microsoft-proprietary protocol that authenticates users and computers based on an authentication challenge and response.
a. LMLAN
b. Kerberos
c. NTLM
d. NTLAN

Question 102
1 / 1 point
__________ reconstructs a device's Bluetooth PIN and link key from data sniffed during a pairing session.
a. Blooover
b. Hidattack
c. BTCrack
d. Cabir and Mabir

Question 103
1 / 1 point
This type of port scanning technique splits a TCP header into several packets so that the packet filters cannot detect what the packets intend to do.
a. UDP scanning
b. IP fragment scanning
c. inverse TCP flag scanning
d. ACK flag scanning

Question 104
1 / 1 point
__________ is an application that, when installed on a system, runs a background process that silently copies files from any USB flash drive connected to it.
a. USB Switchblade
b. USBDumper
c. USB Hacksaw
d. USB Copy 'em all

Question 105
1 / 1 point
__________ is an application that identifies all Bluetooth-enabled devices, their communications, and their connectivity within a given area.
a. BlueSweep
b. BlueWatch
c. BlueKey
d. BlueFire Mobile

Question 106
1 / 1 point
__________ URLs, or intranets, are private links that only a company's employees use.
a. Internal
b. Private
c. Organizational
d. Domain

Question 107
1 / 1 point
In Internet Explorer, the __________ zone is a security zone for sites that the user has designated as safe to visit.
a. user sites
b. legal sites
c. white list
d. trusted sites

Question 108
1 / 1 point
Which of the following is not a category of security assessment?
a. security audit
b. rootkit detection
c. vulnerability assessment
d. penetration testing

Question 109
1 / 1 point
A hacker has successfully used a tool to intercept communications between two entities and establish credentials with both sides of the connection. The two remote ends of the communication never notice that the attacker is relaying the information between the two. This is called a(n) __________ attack.
a. man-in-the-middle
b. interceptoring
c. MAC poisoning attack
d. firewalking

Question 110
1 / 1 point
__________ is a cable modem hacking program. It performs the task of uncapping by incorporating all the uncapping steps into one program.
a. Yersinia
b. OneStep: ZUP
c. Zebra
d. Solar Winds MIB Browser

Question 111
1 / 1 point
Information on all Linux accounts is stored in the __________ and /etc/shadow files.
a. /etc/conf
b. /etc/passwd
c. /etc/password
d. /conf/passwd

Question 112
1 / 1 point
Which type of penetration test is conducted with absolutely no prior knowledge of the target environment?
a. white-box testing
b. gray-box testing
c. red-hat testing
d. black-box testing

Question 113
1 / 1 point
Redirections for URLs are handled with the __________ URL handler, which can cause errors in older versions of Internet Explorer.
a. goto:
b. mdir:
c. mhtml:
d. redir:

Question 114
1 / 1 point
Traceroute uses the __________ field in an IP packet to determine how long it takes to reach a target host and whether that host is reachable and active.
a. IHL
b. flags
c. TOS
d. TTL

Question 115
1 / 1 point
Which of the following is not a Microsoft Internet Information Services vulnerability?
a. ::$DATA vulnerability
b. UFS integer overflow vulnerability
c. Showcode.asp vulnerability
d. WebDAV/RPC exploits

Question 116
1 / 1 point
Which of the following statements best describes the rules of engagement for a penetration test?
a. The rules of engagement are the systems that a tester can knock offline during a penetration test.
b. The rules of engagement are the agreed-upon guidelines for a penetration test, including desired code of conduct and procedures.
c. The rules of engagement define the service-level agreement and scope of a penetration test.
d. The rules of engagement include the insurance and risk management associated with third-party testing.

Question 117
1 / 1 point
The __________ service is responsible for sending a response packet that contains connection details to clients who send a specially formed request.
a. SSRS
b. OSQL
c. ODBC
d. SQLP

Question 118
1 / 1 point
The RFID __________ policy establishes the framework for many other security controls. It provides a vehicle for management to communicate its expectations regarding the RFID system and its security.
a. security
b. physical access
c. secure disposal
d. usage

Question 119
1 / 1 point
A __________ is a set of related programs, usually located at a network gateway server, that protect the resources of a private network from other network users.
a. firewall
b. proxy
c. packet filter
d. router

Question 120
1 / 1 point
While conducting an ethical penetration test in Europe, which Regional Internet Registry (RIR) would you use?
a. APNIC
b. RIPE NCC
c. ARIN
d. LACNIR

Question 121
1 / 1 point
__________ is a tool for performing automated attacks against web-enabled applications.
a. cURL
b. dotDefender
c. Burp Intruder
d. AppScan

Question 122
1 / 1 point
If the supplied data does not fit within the size constraints of a single packet, the data is spread among multiple packets in a process known as __________.
a. framing
b. separation
c. fragmentation
d. division

Question 123
1 / 1 point
__________ is a nonvoice service available with most GSM networks.
a. CDMA
b. EDO
c. EDVA
d. GPRS

Question 124
1 / 1 point
The information resource or asset that is being protected from attacks is usually called the __________.
a. key value
b. target of evaluation
c. main asset
d. target asset

Question 125
1 / 1 point
__________ is an information service provider that helps law offices, government agencies, businesses, and individuals find information about people.
a. People-Search-America.com
b. Best People Search
c. Switchboard
d. Google Finance