User Account

All Pages

Which of the given are penetration testing methodology

Assignment Help Computer Engineering
Reference no: EM132022554

Questions: 1) Which of the following are Penetration testing methodology?

A. White box model

B. Black box model

C. Gray box model

D. All of the above

2) Which of the following skills are needed to be a security tester?

A. Knowledge of network and computer technology

B. Ability to communicate with management and IT personnel

C. An understanding of the laws in your location and ability to use necessary tools

D. All of the above

3) Which of the following are the district layer of TCP/IP?

A. Network and Internet

B. Transport and Application

C. Network, Internet, Transport, Presentation

D. A and B

4) Which of the followings are the TCP segment flags?

A. SYN flag: synch flag , ACK flag: acknowledgment flag

B. PSH flag: push flag, URG flag: urgent flag, STF flag: set test flag

C. PSH flag: push flag, URG flag: urgent flag, RST flag: reset flag, FIN flag: finish flag

D. A and C

5) Which of the following are properties of User Datagram Protocol (UDP)?

A. Fast but unreliable delivery protocol and Operates on Transport layer

B. Used for speed but Does not need to verify receiver is listening or ready

C. Depends on higher layers of TCP/IP stack handle problems and Referred to as a connectionless protocol

D. All of the above

6) Distributed denial-of-service (DDoS) attack is:

A. Attack on host from single servers or workstations and Network could be flooded with billions of packets that causes Loss of bandwidth and Degradation or loss of speed

B. Attack on host from multiple servers or workstations and Network could be flooded with billions of packets that causes Loss of bandwidth and Degradation or loss of speed

C. Attack on server from multiple host or workstations and Network could be flooded with billions of packets causes Loss of bandwidth and Degradation or loss of speed

D. None of the above

7) Different categories of Attacks are:

A. Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Buffer overflow

B. Ping of Death, Session hijacking

C. Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Buffer overflow, Ping of Death, Port High jacking (PoH)

D. A and B

8) Which of the following are Social Engineering Tactics?

A. Persuasion, Intimidation, Coercion

B. Persuasion, Intimidation, Coercion, Extortion, blackmailing

C. Persuasion, Intimidation, Coercion, Extortion, Urgency

D. All of the above

9) Which of the following/s are types of Port Scans?

A. ACK scan, FIN scan, UDP scan

B. SYN scan, NULL scan, XMAS scan,

C. ACK scan, FIN scan, UDP scan, SYN scan, NULL scan, XMAC scan

D. A and B

10) Enumeration extracts information about:

A. Resources or shares on the network

B. Usernames or groups assigned on the network

C. User's password and recent logon times

D. All of the above

11) Which of the following are NetBIOS Enumeration Tools?

A. Nbtstat command, Net view command, Net use command

B. Nbtstat command, Net view command, Dumpsec command

C. Nbtstat command, Net view command, Hyena command

D. None of the above

12) Dumsec is an Enumeration tool for Windows systems that does the following/s:

A. Allows user to connect to a server and "dump", Permissions for shares, Permissions for printers

B. Permissions for the Registry, Users in column or table format, Policies ,Rights, Services

C. Allows user to connect to a server and "dump", Permissions for shares, Permissions for printers and Permissions for the Registry, Users in column or table format

D. A and B

13) Which of the following are Tools for enumerating Windows targets?

A. Nbtstat, Net view, Net use

B. Nbtstat, Net view, Net use and Other utilities

C. Nbtstat, Net view, Net use, Nessus

D. All of the above

14) Which of the following statements is more accurate about Windows OS?

A. Many Windows OSs have serious vulnerabilities

B. None of the Windows OSs have any serious vulnerabilities

C. A few Windows OSs have any serious vulnerabilities

D. All of the Windows OSs have any serious vulnerabilities

15) Which of the following best describes Remote Procedure Call?

A. Allows a program running on one host to run code on a remote host

B. Allows a program running on one server to run code on another server

C. Allows a program running any server to run code on a designated clinet

D. None of the above

16) Buffer Overflows occurs when:

A. Data is written to a buffer and corrupts data in memory next to allocated buffer

B. Normally, occurs when copying strings of characters from one buffer to another

C. Data is deleted from a buffer and corrupts data in memory next to deleted buffer

D. A and B

17) Microsoft Baseline Security Analyzer (MBSA) is capable of checking which of the following/s?

A. Patches, Security updates, Configuration errors

B. Blank or weak passwords

C. A and B

D. None of the above

18) Which of the following/s are Vulnerabilities in Windows file systems?

A. Lack of ACL support in FAT and Risk of malicious ADSs in NTFS

B. RCP, NetBIOS, SMB, Null sessions

C. Windows Web services and IIS

D. All of the above

19) An Embedded system is:

A. Any computer system that is a general-purpose PC or server and they are in all networks and Perform essential functions

B. Any computer system that isn't a general-purpose PC or server and they are in all networks and Perform essential functions

C. Any computer system that isn't a server or client

D. None of the above

20) Object Linking and Embedding Database are Set of interfaces that:

A. Enable applications to access data stored in DBMS and relies on connection strings and allows application to access data stored on external device

B. Enable applications to access data stored in a server and relies on connection tokens and allows application to access data stored on external device

C. Enable applications to access data stored in flat files

D. All of the above

21) ActiveX Data Objects are:

A. Programming interface for connecting Web applications to a database

B. Defines a set of technologies that allow desktop applications to interact with Web

C. Network interface for connecting Web applications to a database

D. A and B

22) Attackers controlling a Web server can do which of the following/s?

A. Deface the Web site and destroy company's database or sell contents

B. Gain control of user accounts and perform secondary attacks

C. Gain root access to other application servers

D. All of the above

23) Which of the following/s are Web application vulnerabilities?

A. Cross-site scripting (XSS) flaws and Injection flaws and malicious file execution and Unsecured direct object reference

B. Cross-site request forgery (CSRF) and Information leakage and incorrect error handling and Broken authentication and session management

C. Unsecured cryptographic storage and Unsecured communication and Failure to restrict URL access

D. All of the above

24) Which of the following statements best describes Wireless Hacking?

A. Hacking a wireless network is different from hacking a wired Lan and Port scanning and Enumeration techniques can not be used.

B. Hacking a wireless network is not much different from hacking a wired LAN and Port scanning and Enumeration techniques can be used.

C. Hacking a wireless network is not much different from hacking a wired LAN and Port scanning technique can be used

D. All of the above

25) Cryptography is:

A. Process of converting plaintext into ciphertext

B. Process of converting ciphertext into plaintext

C. Process of converting plaintext into ciphertext and vise versa

D. All of the above

26) Which of the following statements is true?

A. Cryptography is a new technology

B. Cryptography has been around for thousands of years

C. Cryptography has been around for hundreds of years

D. None of the above

27) Which of the following best describes Hashing Algorithms?

A. Takes a variable-length message and produces a fixed-length value (i.e., message digest), Like a fingerprint of the message

B. Takes a variable-length message and produces a fixed-length value (i.e., message digest), Like a fingerprint of the message, If message is changed, hash value changes

C. Takes a fixed-length message and produces a variable-length value (i.e., message digest), Like a fingerprint of the message, If message is changed, hash value changes

D. B and C

Reference no: EM132022554

Questions Cloud

Coefficient of variation for sat scores : What is the coefficient of variation for SAT scores at this? school?
What are the issues and challenges with circuit city : What are the issues and challenges with Circuit City 2018 latest e-commerce initiative? The response must be typed.
Proportion of people who read books in print : A bookstore owner claims that the proportion of people who read books in print is not equal to 0.34.
Research which is better or more secure ssl or tls : Research which is better or more secure SSL or TLS - explain and justify your position. Include which one you use today and plan on using tomorrow.
Which of the given are penetration testing methodology : Which of the following are Penetration testing methodology? Which of the following skills are needed to be a security tester?
What is the probability that a randomly selected adult : What is the probability that a randomly selected adult has a "normal" resting body temperature that is greater than 99 degrees Fahrenheit?
How did technology transform the urban landscape : Which of the following factors contributed significantly to the astonishing growth in America's urban population between 1870 and 1900?
Use z-scores to make the comparison : Assume that male and female heights are normally distributed and that the average height for a male is 71 inches with a standard deviation
What is the probability distribution of the compensation : a) What is the probability distribution of the compensation that the motel must pay?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd