1. am
Resources Lessons Quizzes Assignments Discussion Completion
Log Out
Advanced PC Security
completion: final exam results
d
Final Exam
Evaluation of your answers:
1. What term do you use to describe the hacking method where one participant is
ethical and the other is unethical?
You chose: Gray hat.
Correct! Gray hat hacking is the term used when the person on the inside is
ethical and the person on the outside is unethical. While both work together, the
methods and the results are very questionable.
2. What do you call the three types of intrusions?
You chose: Physical, remote, and system.
Correct! These are the types of intrusions based on how hackers gain access to
the network.
3. Under the U.S. Computer Fraud and Abuse Act, what is the penalty for illegal
hacking?
You chose: Fines, imprisonment, or both.
Correct! Violation of the U.S. Computer Fraud and Abuse Act will result in
fines, imprisonment, or both, depending upon the violation.
2. 4. Which term describes an attack using emotions, trust, kindness, and friendship?
You chose: A psychological social engineering attack.
Correct! A psychological social engineering attack uses psychology to access
the needed hacking information.
5. As an auditor, what is your primary concern about using social engineering
methods in your audit?
You chose: Ethics.
Correct! The ethical consideration is not only what management may do with
the information, but how your colleagues will feel about what you did.
6. What are the two simplest ways to secure a wireless network?
You chose: Change the default username and password and disable the
broadcast of your SSID.
Correct! When you really want to secure your network, you need to follow
these two steps carefully.
7. What are the names of the processes Google uses to index the Web and produce
results?
You chose: Gather, index, and query.
Correct! The googlebot gathers the pages and links, feeds the document to the
indexer for processing, and then uses the query to produce the results from
several high-speed multi-processor computers.
8. What is a packet sniffer?
You chose: A program that captures packets of traffic in and out of your
computer.
Correct! A packet sniffer or packet capture program captures traffic (through
3. packets) in and out of your computer. (Lesson 3, Chapter 3)
9. How do you surf the Internet anonymously?
You chose: Use a proxy server.
Correct! When using a proxy server, the server downloads the pages and passes
them to you, which guards your anonymity.
10. What kind of search is represented by the following: employee ANDpassword
ORpasscode?
You chose: A Boolean search.
Correct! George Boole is the founding father of this popular search capability.
11. What can you use to find out if a network IP address is active?
You chose: Network Query Tool.
Correct! Through a series of network tests including a ping, tracert, and port
check, the Network Query Tool will tell you if a network address is active and
receiving traffic.
12. What types of searches can be done through registrars?
You chose: IP, NIC, and Domain.
Correct! You can search for owners of network domains by IP and domain
(Web) addresses and nicknames.
13. What two layers operate within the Data Link Layer of the OSI model?
You chose: Media Access Control (MAC) and Logical Link Control (LLC).
Correct! In the Data Link Layer, MAC and LLC help with traffic control to
4. ensure smooth data flow.
14. In the binary numbering system, which digit is an electrical off switch?
You chose: 0.
Correct! In the binary numbering system, 0 is the electrical off and the digit
one is an electrical on switch.
15. Which term defines a set of methods and guidelines for computing?
You chose: Protocol.
Correct! Protocol, in its simplest definition, is a set of methods and guidelines
that let computers talk to each other.
16. What type of packet is used to establish a network connection?
You chose: SYN and ACK.
Correct! These are the processes performed by TCP protocol to establish a
network connection between two network devices.
17. What part of the packet allows a hacker to gather information and gain control?
You chose: The IP header.
Correct! The IP header contains all the information a hacker needs to collect
network information and gain control by manipulating flags, forging IP
addresses, and changing offset numbers in fragments.
18. What is the definition of spoofing?
You chose: Forging a packet's source or destination IP address.
5. Correct! Spoofing is a common way for hackers to gain access to your system.
19. Which of the following is an example of an exploit?
You chose: A packet spoofing utility
20. Correct! They provide the ability to change the IP headers to anything
the user wants.
21. What term defines unexpected behavior from a system or software using
reasonable security policies?
You chose: Universal vulnerability.
Correct! A universal vulnerability is defined as unexpected behavior from a
system or software using reasonable security policies.
22. What do you call a piece of programming code that does not handle excessive
input of data?
You chose: Unchecked buffer.
Correct! An unchecked buffer is a piece of programming code that is used as a
placeholder for programming values to be used in memory.
23. What is the name of the channels used to transfer data between input or output
devices and the processor?
You chose: Ports.
Correct! Ports allow data to flow freely when they're open.
24. Which word defines a program that runs unattended in the background to
perform continuous or periodic system-wide functions, such as network
control?
6. You chose: Daemon.
Correct! This allows networks to run efficiently without needing human
intervention.
25. What term describes scanning a network for ports and known services?
You chose: Service discovery.
Correct! When you perform a service discovery, you scan your network ports
for known services like FTP and HTTP.
26. What do you call the icons, buttons, and graphics you use to execute computer
commands?
You chose: GUI.
Correct! The icons, buttons, and graphics that provide user-friendly short cuts
to your programs are called GUI.
27. What do you call the daemon that maintains a database and allows clients to
find servers?
You chose: Endpoint Mapper
28. Correct : The RPC endpoint mapper is a daemon that maintains a database
called the local endpoint map, which allows clients to find servers
29. What provides the inner networking protocol that ties the client-server program
together under RPC using TCP/IP?
You chose: Stack.
Incorrect. A stack is a layer of memory or networking protocol that provides
access to the sockets. The correct answer is: DCOM. (Lesson 9, Chapter 4)
7. 30. What is the main problem with public and private community strings?
You chose: The authentication is weak.
Correct! The authentication is weak because anyone can modify data, which
means hackers can manipulate it at will.
31. Which type of rootkit is the most powerful?
You chose: Kernel-mode.
Correct! Kernel-mode rootkits are the most powerful since the native API can't
intercept them and they directly manipulate the data structure.
32. What type of rootkit activates every time the system boots?
You chose: Persistent.
Correct! A persistent rootkit contains code that executes automatically when
the system starts.
33. What are the duties of the security team?
You chose: Policy development, practice, and response.
Correct! The security team is the first responder whan a breach or other
security incident occurs.
34. Which word defines data viewed by unauthorized personnel, data corruption, or
data loss?
You chose: Compromised.
Correct! Compromised data that has questionable integrity.
35. Which best practice would prevent users from playing music CDs on their
9. cannot be reproduced or redistributed unless you have obtained prior written permission
from Education To Go. Education To Go and ed2go are registered trademarks of Education
To Go, a part of Cengage Learning.
hck-0
