[{"id":458013,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:53:21","updated_at":"2018-05-13 07:44:58","questionName":"Which of the following types of penetration test teams will provide you information that is most\r\nrevealing of a real-world hacker attack?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":23,"explanation":"A zero-knowledge team is a penetration testing team which most closely simulates a real-world\r\nhacker attack as they must perform all of the initial blind reconnaissance.\r\nA full-knowledge team is least like a real-world hacker, as they already know everything about the\r\nenvironment. A partial-knowledge team is closer to a real-world hacker than a full-knowledge\r\nteam, but not as close as a zero-knowledge team. A split-knowledge team is not a generally-\r\naccepted standard penetration team. Split knowledge refers to a separation of duties concept.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458016,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 02:02:34","updated_at":"2018-05-13 07:44:58","questionName":"Which of the following are included in an operations penetration test? 
(Select two.)","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":26,"explanation":"In an operations penetration test, the tester attempts to gain as much information as possible\r\nusing the following methods:\r\n\u2022 In dumpster diving, the attacker looks through discarded papers or media for sensitive\r\ninformation.\r\n\u2022 With over-the-shoulder reconnaissance, attackers eavesdrop or obtain sensitive information\r\nfrom items that are not properly stored.\r\n\u2022 Using social engineering, attackers act as imposters with the intent to gain access or\r\ninformation.\r\n\r\nScanning various ports on remote hosts looking for well-known services (known as port scanning)\r\nand duplicating captured packets without altering or interfering with the flow of traffic on that\r\nmedium (known as sniffing) are both types of electronic penetration tests. Sneaking into a\r\nbuilding without authorization is a physical penetration test.\r\n\r\n","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458017,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 02:03:46","updated_at":"2018-05-13 07:44:58","questionName":"Which phase or step of a security assessment is a passive activity?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":27,"explanation":"Reconnaissance is the only step of a security assessment (penetration testing) that is passive.\r\nEnumeration, vulnerability mapping, and privilege escalation are all active events in a security\r\nassessment.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458005,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:28:59","updated_at":"2018-05-13 07:44:58","questionName":"KWalletManager is a Linux-based credential management system that stores encrypted account\r\ncredentials for network resources.\r\nWhich encryption methods can KWalletManager use to secure 
account credentials? (Select two.)","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":15,"explanation":"KWalletManager offers two encryption options for protecting stored account credentials:\r\n\u2022 Blowfish\r\n\u2022 GPG\r\nHMAC-SHA1 is most often used with one-time passwords. Kerberos is used for login\r\nauthentication and authorization in a Windows domain. Twofish is an encryption mechanism that\r\nis similar to the Blowfish block cipher, but has not been standardized at this point.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458008,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:45:12","updated_at":"2018-05-13 07:44:58","questionName":"Which of the following uses hacking techniques to proactively discover internal vulnerabilities?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":18,"explanation":"Penetration testing is the practice of proactively testing systems and policies for vulnerabilities.\r\nThis approach seeks to identify vulnerabilities internally before a malicious individual can take\r\nadvantage of them. Common techniques are identical to those used by hackers and include\r\nnetwork\/target enumeration and port scanning.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458019,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 02:08:19","updated_at":"2018-05-13 07:44:58","questionName":"You are an application developer. You use a hypervisor with multiple virtual machines installed to\r\ntest your applications on various operating system versions and editions.\r\nCurrently, all of your testing virtual machines are connected to the production network through\r\nthe hypervisor's network interface. 
However, you are concerned that the latest application you\r\nare working on could adversely impact other network hosts if errors exist in the code.\r\nTo prevent issues, you decide to isolate the virtual machines from the production network.\r\nHowever, they still need to be able to communicate directly with each other.\r\nWhat should you do? (Select two. Both responses are part of the complete solution.)","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":29,"explanation":"To allow the virtual machines to communicate with each other while isolating them from the\r\nproduction network, complete the following:\r\n-Create a new virtual switch configured for host-only (internal) networking\r\n-Connect the virtual network interfaces in the virtual machines to the virtual switch\r\nCreating a bridged virtual switch would still allow the virtual machines to communicate on the\r\nproduction network through the hypervisor's network interface. Disconnecting the hypervisor's\r\nnetwork cable, blocking the virtual machine's MAC addresses, or disabling the hypervisor's switch\r\nport would isolate the virtual machines from the production network, but would also prevent them\r\nfrom communicating with each other.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458018,"quiz_id":"23542","answer_id":null,"answerType_id":"2","created_at":"2018-05-12 02:06:10","updated_at":"2018-05-13 07:44:58","questionName":"Drag each penetration test characteristic on the left to the appropriate penetration test name on\r\nthe right.","questionTimeSeconds":"0","questionTimeMinutes":"20","questionImagePath":null,"position":28,"explanation":"Penetration testing is classified by the knowledge that the attacker and system personnel have\r\nprior to the attack.\r\n\u2022 In a black box test, the tester has no prior knowledge of the target system.\r\n\u2022 In a white box test, the tester has detailed information prior to starting the 
test.\r\n\u2022 In a grey box test, the tester has the same amount of information that would be available to\r\na typical insider in the organization.\r\n\u2022 A single blind test is one in which one side has advanced knowledge. For example, either the\r\nattacker has prior knowledge about the target system, or the defender has knowledge about\r\nthe impending attack.\r\n\u2022 A double blind test is one in which the penetration tester does not have prior information\r\nabout the system and the network administrator has no knowledge that the test is being\r\nperformed. The double blind test provides more accurate information about the security of the\r\nsystem.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458010,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:49:01","updated_at":"2018-05-13 07:44:58","questionName":"Which of the following activities are typically associated with a penetration test? (Select two.)","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":20,"explanation":"Penetration testing is an organization's attempt to circumvent security controls to identify\r\nvulnerabilities in their information systems. It simulates an actual attack on the network and is\r\nconducted from outside the organization's security perimeter. Penetration testing helps assure the\r\neffectiveness of an organization's security policy, security mechanism implementations, and\r\ndeployed countermeasures.\r\nPenetration testing typically uses tools and methods that are available to attackers. Penetration\r\ntesting might start with attempts at social engineering or other reconnaissance activities followed\r\nby more active scans of systems and actual attempts to access secure systems.\r\nA vulnerability scanner checks a system for weaknesses. 
Vulnerability scanners typically require\r\nadministrative access to a system and are performed internally to check for weaknesses, but not\r\nto test system security. Typically, penetration testers cannot run a vulnerability scanner\r\nunless they have gained unauthorized access to a system.\r\nA performance baseline is created by an administrator to identify normal network and system\r\nperformance. Auditing might include interviewing employees to make sure that security policies\r\nare being followed.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458014,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:55:31","updated_at":"2018-05-13 07:44:58","questionName":"A security administrator is conducting a penetration test on a network. She connects a notebook\r\nsystem running Linux to the wireless network and then uses NMAP to probe various network\r\nhosts to see which operating system they are running.\r\nWhich process did the administrator use in the penetration test in this scenario?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":24,"explanation":"Active fingerprinting was used by the administrator in this scenario. Active fingerprinting is a form\r\nof system enumeration that is designed to gain as much information about a specific computer as\r\npossible. It identifies operating systems based upon ICMP message quoting characteristics.\r\nPortions of an original ICMP request are repeated (or quoted) within the response, and each\r\noperating system quotes this information back in a slightly different manner. Active fingerprinting\r\ncan determine the operating system and even the patch level.\r\nPassive fingerprinting is similar to active fingerprinting. However, it does not utilize the active\r\nprobes of specific systems. 
Network enumeration (also called network mapping) involves a\r\nthorough and systematic discovery of as much of the corporate network as possible, using:\r\n-Social engineering\r\n-Wardriving\r\n-War dialing\r\n-Banner grabbing\r\n-Firewalking\r\nFirewalking uses traceroute techniques to discover which services can pass through a firewall or a\r\nrouter. Common firewalking tools are Hping and Firewalk.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458009,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:47:31","updated_at":"2018-05-13 07:44:58","questionName":"You have decided to perform a double-blind penetration test. Which of the following actions\r\nwould you perform first?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":19,"explanation":"Before starting a penetration test (also called a pen test), it is important to define the Rules of\r\nEngagement (ROE), or the boundaries of the test. Important actions to take include:\r\n-Obtain a written and signed authorization from the highest possible senior management\r\n-Delegate personnel who are experts in the areas being tested\r\n-Gain approval from the internet provider to perform the penetration test\r\n-Make sure that all tools or programs used in the test are legal and ethical\r\n-Establish the scope and timeline\r\n-Identify systems that will not be included in the test\r\nReconnaissance, social engineering, and system scanning are all actions performed during a\r\npenetration test. 
However, no actions should be taken before approval to conduct the test is\r\nobtained.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458012,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:52:02","updated_at":"2018-05-13 07:44:58","questionName":"What is the primary purpose of penetration testing?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":22,"explanation":"The primary purpose of penetration testing is to test the effectiveness of your security perimeter.\r\nOnly by attempting to break into your own secured network can you be assured that your security\r\npolicy, security mechanism implementations, and deployed countermeasures are effective. It is\r\nimportant to obtain senior management approval before starting a penetration testing or\r\nvulnerability scanning project. Often, penetration testing or vulnerability scanning is performed by\r\nan external consultant or security outsourcing agency that is hired by your organization.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458006,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:38:33","updated_at":"2018-05-13 07:44:58","questionName":"You want to protect the authentication credentials you use to connect to the LAB server in your\r\nnetwork by copying them to a USB drive.\r\nClick the option you use in Credential Manager to protect your credentials.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":"uploads\/security-pro-chapter-6-7\/Security Pro Chapter 6-7 q1.png","position":16,"explanation":"Within Credential Manager, use the Back up Credentials and Restore Credentials links to back up\r\nand restore credentials. 
It is recommended that you back up credentials to a removable device,\r\nsuch as a USB flash drive, to protect them from a hard disk crash on the local system.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458015,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:57:07","updated_at":"2018-05-13 07:44:58","questionName":"A security administrator is conducting a penetration test on a network. She connects a notebook\r\nsystem to a mirror port on a network switch. She then uses a packet sniffer to monitor network\r\ntraffic to try to determine which operating systems are running on network hosts.\r\nWhich process did the administrator use in the penetration test in this scenario?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":25,"explanation":"In this scenario, the administrator uses passive fingerprinting. Passive fingerprinting is a form of\r\nsystem enumeration that is designed to gain as much information about network computers as\r\npossible. It passively listens to network traffic generated by network hosts and attempts to\r\nidentify which operating systems are in use based upon the ICMP message quoting characteristics\r\nthey use. Portions of original ICMP requests are repeated (or quoted) within each response. Each\r\noperating system quotes this information back in a slightly different manner.\r\nActive fingerprinting works in much the same manner as passive fingerprinting. However, it\r\nutilizes active probes of specific systems instead of passive monitoring.\r\nNetwork enumeration (also called network mapping) involves a thorough and systematic\r\ndiscovery of as much of the corporate network as possible, using:\r\n-Social engineering\r\n-Wardriving\r\n-War dialing\r\n-Banner grabbing\r\n-Firewalking\r\nFirewalking uses traceroute techniques to discover which services can pass through a firewall or a\r\nrouter. 
Common firewalking tools are Hping and Firewalk.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458007,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:44:06","updated_at":"2018-05-13 07:44:58","questionName":"Which of the following identifies an operating system or network service based on its response to\r\nICMP messages?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":17,"explanation":"Fingerprinting identifies an operating system or network service based on its response to ICMP\r\nmessages. Portions of the original ICMP request are repeated (or quoted) within the response.\r\nEach operating system quotes this information back in a slightly different manner.\r\nPort scanning pings every port on an external interface or attempts a connection in order to\r\ndiscover which ports are open and active, and which are not. Firewalking uses traceroute to\r\ndiscover which services can pass through a firewall or a router. Social engineering exploits human\r\nnature to obtain information, often by impersonating someone of authority and requesting data.","question_score_id":null,"lang":"","questionAudioPath":null},{"id":458011,"quiz_id":"23542","answer_id":null,"answerType_id":"0","created_at":"2018-05-12 01:50:12","updated_at":"2018-05-13 07:44:58","questionName":"What is the main difference between vulnerability scanning and penetration testing?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":21,"explanation":"Penetration testing simulates an actual attack on the network and is conducted from outside the\r\norganization's security perimeter. Vulnerability scanning is typically performed internally by users\r\nwith administrative access to the system.\r\nThe goal of both vulnerability scanning and penetration testing is to identify the effectiveness of\r\nsecurity measures and weaknesses that can be fixed. 
While some penetration testing is\r\nperformed with no knowledge of the network, penetration testing could be performed by testers\r\nwith detailed information about the systems. Both vulnerability scanning and penetration testing\r\ncan use similar tools, although illegal tools should be avoided in both activities.","question_score_id":null,"lang":"","questionAudioPath":null}]