Security Protocols and Access Control
30 Questions

Questions and Answers

Which type of hacker may use their skills for both benign and malicious goals at different times?

  • Black hat
  • White hat
  • Suicide hacker
  • Gray hat (correct)

What is the primary goal of a hacktivist?

  • To disrupt business operations
  • To bring about political or social change (correct)
  • To steal sensitive information
  • To gain unauthorized access to a system

What is the key characteristic of a suicide hacker?

  • Disregard for the law
  • Intent to reform
  • Lack of fear of being caught (correct)
  • Desire to be helpful

What is the primary focus of vulnerability research?

  • Passively uncovering vulnerabilities

What is the purpose of a contract in penetration testing?

  • To provide proof of testing

At which layer of the OSI model does a device that uses node MAC addresses to funnel traffic operate?

  • Layer 2

What does TOE stand for in the context of penetration testing?

  • Target of evaluation

What is the primary function of a proxy operating at the Application layer of the OSI model?

  • Caching frequently requested resources

What is the most common desktop operating system, which is also a large attack surface?

  • Windows

Which port is used for secure web traffic using SSL?

  • 443

What type of network topology uses a token-based access methodology?

  • Ring

What is the sequence of the TCP three-way handshake?

  • SYN, SYN-ACK, ACK

What type of firewall inspects packets at the most granular level possible while providing improved traffic efficiency?

  • Application firewall

What Google command is used to search files using a specific file extension on a target website?

  • site: target.com filetype:xls username password email

What type of OS fingerprinting technique involves analyzing the response to specially crafted packets?

  • Active

What access control mechanism allows for central authentication and access to multiple systems?

  • Single Sign-On (SSO)

What is the primary function of an application firewall?

  • Inspecting packets at the application layer

What is the goal of using Google commands for data analysis?

  • To gather information about system functions and documentation

What is the primary focus of a security audit or vulnerability assessment?

  • Locating vulnerabilities

What restricts access to a single individual at any one time?

  • Mantrap

Which mechanism manages digital certificates through a system of trust?

  • PKI

What protocol is used to create a secure environment in a wireless network?

  • WPA

What type of exercise is conducted with full knowledge of the target environment?

  • White box

Which technology would best establish a network connection between two LANs using the Internet?

  • L2TP

Which regulation defines security and privacy controls for Federal information systems and organizations?

  • NIST SP 800-53

What is the primary purpose of DNSSEC?

  • To prevent DNS poisoning and spoofing attacks

Which statement regarding ethical hacking is incorrect?

  • Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities.

What type of security policy defines the use of VPN for gaining access to an internal corporate network?

  • Remote access policy

What is the best nmap command to enumerate all machines in the network 10.10.0.0/24?

  • nmap -T4 -F 10.10.0.0/24

What is the primary goal of penetration testing?

  • To identify vulnerabilities in an organization's systems.
