Network Management Quiz 3

Questions and Answers

Which protocol is used for network management and can gather statistics and derive a current status from the node that it is operating on?

NTP

SNMP (correct)

SNMP (correct)

SSH

Which of the following is part of a DMZ but bridges access from organization to organization?

Outernet

Internet

Extranet (correct)

Intranet

How many subnets can be provided using a /26 classless inter-domain routing (CIDR)?

3

1

4 (correct)

2

What encryption algorithm is used within TLS?

RSA

Prior to deploying an anomaly-based detection system on a network, what must be achieved?

Baseline

Which of the following records determines a mail server in your domain?

MX

Which of the following has the least amount of memory available?

CPU cache

You are a security administrator for an online dating website. Your website recently experienced a zero-day SSL attack that leaked information about your SQL database. As an immediate course of action, what would be your first choice in defending and keeping your client's information safe?

Update all the web servers with the latest virus definitions.

The SAM log file entry is located in what part of a Windows Registry system?

HKEY_LOCAL_MACHINE\SAM

Under which auxiliary in Metasploit can you scan for SNMP configurations?

auxiliary/scanner/snmp

In Linux, what command is used to search for information?

grep

Which of the following tools is used to encode your payload in Metasploit?

msfencode

A system is compromised and is able to spawn a connection back to the adversary. What is the common term used to describe this activity?

Reverse shellcode

What type of function is being called by strcpy(attacker, "exploit_this");?

strcpy

Which of the following protocols is/are vulnerable to session hijacking?

UDP/IP

Which standard provides best business practice for information security management?

ISO 27002

What is the function of a CNAME record?

Supplements an alias to a domain name

Which of the following provides steganography?

XPtools

In Linux, besides the User and Group, what other object can be assigned permissions?

Others

In the TCP/IP model, what is the equivalent of the OSI Network layer?

Internet

Which of the following scanners provides ping sweeps and at times can be very noisy if not properly configured?

Angry IP

What UDP flag forces a connection to terminate at both ends of the circuit?

None

Study Notes

Network Protocols

• SNMP (Simple Network Management Protocol) is utilized for network management, gathering statistics, and obtaining the current status of a node.
• Extranet serves as a connection point that bridges access between organizations within a DMZ (Demilitarized Zone).

Subnets and CIDR

• A /26 CIDR (Classless Inter-Domain Routing) can create up to 4 subnets.

Encryption and Security Measures

• RSA (Rivest-Shamir-Adleman) is the encryption algorithm deployed within TLS (Transport Layer Security).
• Establishing a baseline is crucial before deploying an anomaly-based detection system on a network.
• For immediate action during a zero-day SSL attack, updating web servers with the latest virus definitions is an essential first step.

DNS Records

• MX (Mail Exchange) records determine the mail server used in a domain.
• CNAME (Canonical Name) records provide an alias for a domain name.

Memory and Systems

• CPU cache is the memory type with the least availability, being the most volatile.
• In a compromised system, the term "reverse shellcode" describes a scenario where a connection is initiated back to an adversary.

Tools and Commands

• The grep command in Linux is used for searching information.
• In Metasploit, msfencode is the tool utilized for encoding payloads.

Permissions in Linux

• Besides User and Group, the "Others" object can be assigned permissions in Linux systems.

TCP/IP and OSI Model

• The Internet layer in the TCP/IP model corresponds to the Network layer in the OSI (Open Systems Interconnection) model.

Security Standards

• ISO 27002 outlines best business practices for information security management.

Scanning and Network Tools

• Angry IP scanner offers ping sweeps and can be considered noisy if not correctly configured.

Session Hijacking and Vulnerabilities

• UDP/IP protocols are known to be vulnerable to session hijacking attacks.

Description

Test your knowledge of network management protocols with this quiz featuring challenging flashcards. Each question is designed to evaluate your understanding of key concepts such as SNMP and DMZs. Perfect for anyone studying networking principles or preparing for exams.