User Account

All Pages

Which of the following are penetration testing methodology

Assignment Help Management Information Sys
Reference no: EM132017843

1) Which of the following are Penetration testing methodology?
A. White box model
B. Black box model
C. Gray box model
D. All of the above

2) Which of the following skills are needed to be a security tester?
A. Knowledge of network and computer technology
B. Ability to communicate with management and IT personnel
C. An understanding of the laws in your location and ability to use necessary tools
D. All of the above

3) Which of the following are the district layer of TCP/IP?
A. Network and Internet
B. Transport and Application
C. Network, Internet, Transport, Presentation
D. A and B

4) Which of the followings are the TCP segment flags?
A. SYN flag: synch flag , ACK flag: acknowledgment flag
B. PSH flag: push flag, URG flag: urgent flag, STF flag: set test flag
C. PSH flag: push flag, URG flag: urgent flag, RST flag: reset flag, FIN flag: finish flag
D. A and C

5) Which of the following are properties of User Datagram Protocol (UDP)?
A. Fast but unreliable delivery protocol and Operates on Transport layer
B. Used for speed but Does not need to verify receiver is listening or ready
C. Depends on higher layers of TCP/IP stack handle problems and Referred to as a connectionless protocol
D. All of the above

6) Distributed denial-of-service (DDoS) attack is:
A. Attack on host from single servers or workstations and Network could be flooded with billions of packets that causes Loss of bandwidth and Degradation or loss of speed
B. Attack on host from multiple servers or workstations and Network could be flooded with billions of packets that causes Loss of bandwidth and Degradation or loss of speed
C. Attack on server from multiple host or workstations and Network could be flooded with billions of packets causes Loss of bandwidth and Degradation or loss of speed
D. None of the above

7) Different categories of Attacks are:
A. Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Buffer overflow
B. Ping of Death, Session hijacking
C. Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Buffer overflow, Ping of Death, Port High jacking (PoH)
D. A and B

8) Which of the following are Social Engineering Tactics?
A. Persuasion, Intimidation, Coercion
B. Persuasion, Intimidation, Coercion, Extortion, blackmailing
C. Persuasion, Intimidation, Coercion, Extortion, Urgency
D. All of the above

9) Which of the following/s are types of Port Scans?
A. ACK scan, FIN scan, UDP scan
B. SYN scan, NULL scan, XMAS scan,
C. ACK scan, FIN scan, UDP scan, SYN scan, NULL scan, XMAC scan
D. A and B

10) Enumeration extracts information about:
A. Resources or shares on the network
B. Usernames or groups assigned on the network
C. User's password and recent logon times
D. All of the above

11) Which of the following are NetBIOS Enumeration Tools?
A. Nbtstat command, Net view command, Net use command
B. Nbtstat command, Net view command, Dumpsec command
C. Nbtstat command, Net view command, Hyena command
D. None of the above

12) Dumsec is an Enumeration tool for Windows systems that does the following/s:
A. Allows user to connect to a server and "dump", Permissions for shares, Permissions for printers
B. Permissions for the Registry, Users in column or table format, Policies ,Rights, Services
C. Allows user to connect to a server and "dump", Permissions for shares, Permissions for printers and Permissions for the Registry, Users in column or table format
D. A and B

13) Which of the following are Tools for enumerating Windows targets?
A. Nbtstat, Net view, Net use
B. Nbtstat, Net view, Net use and Other utilities
C. Nbtstat, Net view, Net use, Nessus
D. All of the above

14) Which of the following statements is more accurate about Windows OS?
A. Many Windows OSs have serious vulnerabilities
B. None of the Windows OSs have any serious vulnerabilities
C. A few Windows OSs have any serious vulnerabilities
D. All of the Windows OSs have any serious vulnerabilities

15) Which of the following best describes Remote Procedure Call?
A. Allows a program running on one host to run code on a remote host
B. Allows a program running on one server to run code on another server
C. Allows a program running any server to run code on a designated clinet
D. None of the above

16) Buffer Overflows occurs when:
A. Data is written to a buffer and corrupts data in memory next to allocated buffer
B. Normally, occurs when copying strings of characters from one buffer to another
C. Data is deleted from a buffer and corrupts data in memory next to deleted buffer
D. A and B

17) Microsoft Baseline Security Analyzer (MBSA) is capable of checking which of the following/s?
A. Patches, Security updates, Configuration errors
B. Blank or weak passwords
C. A and B
D. None of the above

18) Which of the following/s are Vulnerabilities in Windows file systems?
A. Lack of ACL support in FAT and Risk of malicious ADSs in NTFS
B. RCP, NetBIOS, SMB, Null sessions
C. Windows Web services and IIS
D. All of the above

19) An Embedded system is:
A. Any computer system that is a general-purpose PC or server and they are in all networks and Perform essential functions
B. Any computer system that isn't a general-purpose PC or server and they are in all networks and Perform essential functions
C. Any computer system that isn't a server or client
D. None of the above

20) Object Linking and Embedding Database are Set of interfaces that:
A. Enable applications to access data stored in DBMS and relies on connection strings and allows application to access data stored on external device
B. Enable applications to access data stored in a server and relies on connection tokens and allows application to access data stored on external device
C. Enable applications to access data stored in flat files
D. All of the above

21) ActiveX Data Objects are:
A. Programming interface for connecting Web applications to a database
B. Defines a set of technologies that allow desktop applications to interact with Web
C. Network interface for connecting Web applications to a database
D. A and B

22) Attackers controlling a Web server can do which of the following/s?
A. Deface the Web site and destroy company's database or sell contents
B. Gain control of user accounts and perform secondary attacks
C. Gain root access to other application servers
D. All of the above

23) Which of the following/s are Web application vulnerabilities?
A. Cross-site scripting (XSS) flaws and Injection flaws and malicious file execution and Unsecured direct object reference
B. Cross-site request forgery (CSRF) and Information leakage and incorrect error handling and Broken authentication and session management
C. Unsecured cryptographic storage and Unsecured communication and Failure to restrict URL access
D. All of the above

24) Which of the following statements best describes Wireless Hacking?
A. Hacking a wireless network is different from hacking a wired Lan and Port scanning and Enumeration techniques can not be used.
B. Hacking a wireless network is not much different from hacking a wired LAN and Port scanning and Enumeration techniques can be used.
C. Hacking a wireless network is not much different from hacking a wired LAN and Port scanning technique can be used
D. All of the above

25) Cryptography is:
A. Process of converting plaintext into ciphertext
B. Process of converting ciphertext into plaintext
C. Process of converting plaintext into ciphertext and vise versa
D. All of the above

26) Which of the following statements is true?
A. Cryptography is a new technology
B. Cryptography has been around for thousands of years
C. Cryptography has been around for hundreds of years
D. None of the above

27) Which of the following best describes Hashing Algorithms?
A. Takes a variable-length message and produces a fixed-length value (i.e., message digest), Like a fingerprint of the message
B. Takes a variable-length message and produces a fixed-length value (i.e., message digest), Like a fingerprint of the message, If message is changed, hash value changes
C. Takes a fixed-length message and produces a variable-length value (i.e., message digest), Like a fingerprint of the message, If message is changed, hash value changes
D. B and C

Reference no: EM132017843

Questions Cloud

What is the profitability index of the transmission : A new transmission in your truck will cost $5,000.00. Luckily, it should reduce maintenance expense by $3,725.00 each year for the next 10 years.
What will the value of the firm be : New Schools expects an EBIT of $87,000 every year forever. The firm currently has no debt, and its cost of equity is 14.6 percent. The firm can borrow at 7.4.
Find what is the expected return of the portfolio : If the return on the market portfolio is 9% and the 90-day T-Bills are selling at 2% (the risk-free rate); is the expected return of the portfolio aligned.
What would cost of equity be if debt–equity ratio were zero : What would the cost of equity be if the debt–equity ratio were zero?
Which of the following are penetration testing methodology : Which of the following are Penetration testing methodology? Which of the following skills are needed to be a security tester?
Save each month until the month before he retires : Given a rate of return of 4% for the foreseeable future, how much does he need to save each month until the month before he retires?
What is amount recorded for the day sales : The actual cash received from cash sales was $14,356, and the amount indicated by the cash register total was $14,290. What is amount recorded for the day sales
Evaluate the role of basic networking and operating system : Job Experience Integration: Describe how your work experiences were used in the classroom and attributed to your performance in the course.
What is the coupon rate of bond with par value : What is the coupon rate of a bond with a par value of $1000, it is currently selling for $800, has 15 years to maturity and market rate is 10% per annul ?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd