312-49 : Computer Hacking Forensic Investigator : Part 10

  1. What are the security risks of running a “repair” installation for Windows XP?

    • Pressing Shift+F10gives the user administrative rights
    • Pressing Shift+F1gives the user administrative rights
    • Pressing Ctrl+F10 gives the user administrative rights
    • There are no security risks when running the “repair” installation for Windows XP
  2. Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri’s duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company’s switches with ACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?

    • Trick the switch into thinking it already has a session with Terri’s computer
    • Poison the switch’s MAC address table by flooding it with ACK bits
    • Crash the switch with a DoS attack since switches cannot send ACK bits
    • Enable tunneling feature on the switch
  3. You are a security analyst performing reconnaissance on a company you will be carrying out a penetration test for. You conduct a search for IT jobs on Dice.com and find the following information for an open position: 7+ years experience in Windows Server environment 5+ years experience in Exchange 2000/2003 environment Experience with Cisco Pix Firewall, Linksys 1376 router, Oracle 11i and MYOB v3.4 Accounting software are required MCSA desired, MCSE, CEH preferred No Unix/Linux Experience needed What is this information posted on the job website considered?

    • Social engineering exploit
    • Competitive exploit
    • Information vulnerability
    • Trade secret
  4. The objective of this act was to protect consumers’ personal financial information held by financial institutions and their service providers.

    • Gramm-Leach-Bliley Act
    • Sarbanes-Oxley 2002
    • California SB 1386
    • HIPAA
  5. Why is it a good idea to perform a penetration test from the inside?

    • It is never a good idea to perform a penetration test from the inside
    • Because 70% of attacks are from inside the organization
    • To attack a network from a hacker’s perspective
    • It is easier to hack from the inside
  6. Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search. link:www.ghttech.net What will this search produce?

    • All sites that ghttech.net links to
    • All sites that link to ghttech.net
    • All search engines that link to .net domains
    • Sites that contain the code: link:www.ghttech.net
  7. Jonathan is a network administrator who is currently testing the internal security of his network. He is attempting to hijack a session, using Ettercap, of a user connected to his Web server. Why will Jonathan not succeed?

    • Only an HTTPS session can be hijacked
    • HTTP protocol does not maintain session
    • Only FTP traffic can be hijacked
    • Only DNS traffic can be hijacked
  8. A packet is sent to a router that does not have the packet destination address in its route table.

    How will the packet get to its proper destination?

    • Root Internet servers
    • Border Gateway Protocol
    • Gateway of last resort
    • Reverse DNS
  9. James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

    • Smurf
    • Trinoo
    • Fraggle
    • SYN flood
  10. Kyle is performing the final testing of an application he developed for the accounting department.
    His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following command. What is he testing at this point?

    #include #include int main(int argc, char
    *argv[]) { char buffer[10]; if (argc < 2) { fprintf (stderr, “USAGE: %s string\n”, argv[0]); return 1; }
    strcpy(buffer, argv[1]); return 0; }

    • Buffer overflow
    • SQL injection
    • Format string bug
    • Kernal injection
  11. You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?

    • Polymorphic
    • Metamorphic
    • Oligomorhic
    • Transmorphic
  12. What is a good security method to prevent unauthorized users from “tailgating”?

    • Man trap
    • Electronic combination locks
    • Pick-resistant locks
    • Electronic key systems
  13. You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank security defenses are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London. After monitoring some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract usernames and passwords. What tool could you use to get this information?

    • Airsnort
    • Snort
    • Ettercap
    • RaidSniff
  14. As a security analyst, you setup a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

    • The IP address of the employees’ computers
    • Bank account numbers and the corresponding routing numbers
    • The employees network usernames and passwords
    • The MAC address of the employees’ computers
  15. Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florid a. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company’s main office in Iowa. She states that she needs the receptionist’s network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for. What principal of social engineering did Julia use?

    • Social Validation
    • Scarcity
    • Friendship/Liking
    • Reciprocation
  16. Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold? needs?

    • Circuit-level proxy firewall
    • Packet filtering firewall
    • Application-level proxy firewall
    • Data link layer firewall
  17. What will the following command accomplish?

    • Test ability of a router to handle over-sized packets
    • Test the ability of a router to handle under-sized packets
    • Test the ability of a WLAN to handle fragmented packets
    • Test the ability of a router to handle fragmented packets
  18. What does ICMP Type 3/Code 13 mean?

    • Host Unreachable
    • Administratively Blocked
    • Port Unreachable
    • Protocol Unreachable
  19. How many bits is Source Port Number in TCP Header packet?

    • 16
    • 32
    • 48
    • 64
  20. After passively scanning the network of Department of Defense (DoD), you switch over to active scanning to identify live hosts on their network. DoD is a large organization and should respond to any number of scans. You start an ICMP ping sweep by sending an IP packet to the broadcast address. Only five hosts respond to your ICMP pings; definitely not the number of hosts you were expecting. Why did this ping sweep only produce a few responses?

    • Only IBM AS/400 will reply to this scan
    • Only Windows systems will reply to this scan
    • A switched network will not respond to packets sent to the broadcast address
    • Only Unix and Unix-like systems will reply to this scan