CNIT 123
Review
Chapter 1
Ethical Hacking
Overview
Sally wants to hack into the CCSF
medical center and get student
records, to prove how lousy the
security is. What should she do first?
A. Use Tor
B. Create a fake identity
C. Inform the college administration in writing
D. Get permission from the college
administration in writing
E. None of the above
Sally wants to hack into the CCSF
medical center and get student
records, to prove how lousy the
security is. What should she do first?
A. Use Tor
B. Create a fake identity
C. Inform the college administration in writing
D. Get permission from the college
administration in writing
E. None of the above
What law makes it a federal crime to
access classified information without
authorization?
A. CFAA
B. EPIC
C. PATRIOT ACT
D. Stored Wire and Electronic Communication
and Transactional Records Act
E. DMCA
Which of these acts is illegal?
A. Cracking WEP to use your neighbor's router
B. Using Nmap to scan google.com
C. Bypassing a logon password as part of a
computer repair job for a customer
D. Searching for passwords on Google
E. Reading secret documents on Wikileaks
Which act is not illegal?
A. Downloading pop music from The Pirate Bay
B. Connecting to your neighbor's unsecured
wireless network
C. Using a keylogger to get your teacher's final
exam
D. Using a booter to kick rival players off a video
game
E. Joining Anonymous and taking down Sony with
the Low Orbit Ion Cannon
Chapter 2
TCP/IP Concepts Review
Which TCP/IP layer uses MAC
addresses?
A. Application
B. Transport
C. Internet
D. Network
E. None of the above
Which protocol is encrypted?
A. HTTP
B. Telnet
C. FTP
D. SMTP
E. None of the above
I send a SYN to a server, and get a RST
back. What state is this port in?
A. Open
B. Closed
C. Filtered
D. The answer cannot be determined from the
information provided
I send an ACK to a server, and get no
reply. What state is this port in?
A. Open
B. Closed
C. Filtered
D. The answer cannot be determined from the
information provided
Which TCP header field determines
how frequently ACK packets are
required?
A. Destination port
B. SEQ
C. ACK
D. Data offset
E. Window
Which protocol is the most secure?
A. Telnet
B. FTP
C. SSH
D. HTTP
E. SMTP
Which protocol uses the GET method?
A. Ethernet
B. IP
C. TCP
D. UDP
E. HTTP
Which protocol uses SYN and ACK?
A. Ethernet
B. IP
C. TCP
D. UDP
E. HTTP
Which protocol uses MAC addresses?
A. Ethernet
B. IP
C. TCP
D. UDP
E. HTTP
How many bits are there in an IPv4
address?
A. 8
B. 32
C. 48
D. 128
E. 256
What port does Telnet use?
A. 20
B. 21
C. 23
D. 80
E. 443
What makes UDP different from TCP?
A. UDP has no handshake
B. UDP is unreliable
C. UDP transfers data faster
D. UDP has a smaller header
E. All of the above
Chapter 3
Network and Computer
Attacks
Which threat must be attached to an
EXE file?
A. Virus
B. Worm
C. Trojan
D. Keylogger
E. Rootkit
Which threat is caused by lying
security professionals?
A. Bot
B. FUD
C. DoS
D. DDoS
E. Buffer overflow
Which threat is caused by a careless
programmer?
A. Bot
B. Trojan
C. DoS
D. DDoS
E. Buffer overflow
Which attack uses hundreds or
thousands of machines at once?
A. Buffer overflow
B. DoS
C. Spoofing
D. Spam
E. DDoS
Which attack defeats physical security?
A. Virus
B. Session hijacking
C. Keylogger
D. Bump key
E. Worm
Chapter 4
Footprinting and Social
Engineering
Which item allows you to change
HTTP requests as they are sent?
A. Proxy
B. Footprinting
C. Whois
D. Cookie
E. Web bug
Which item finds the human who
owns a domain name?
A. HTTP status code
B. Footprinting
C. Whois
D. Cookie
E. Web bug
Which item finds a list of all the
computers at a company?
A. Extortion
B. Footprinting
C. Zone transfer
D. Cookie
E. Web bug
What is the most common way to
break into an email account?
A. Extortion
B. Footprinting
C. Piggybacking
D. Shoulder surfing
E. Phishing
Which tool queries a DNS server?
A. Proxy
B. Nmap
C. Cain
D. Whois
E. dig
Which item is a passive plaintext file?
A. Web bug
B. Cookie
C. Zone transfer
D. HTTP GET
E. Spam
Chapter 5
Port Scanning
Which type of scan became far less
effective after Windows XP SP2?
A. PING scan
B. SYN scan
C. ACK scan
D. UDP scan
E. NULL scan
Which type of scan is the most
common, and called a "Stealth scan"?
A. PING scan
B. SYN scan
C. ACK scan
D. UDP scan
E. NULL scan
Chapter 6
Enumeration
Which OS introduced Plug and Play?
A. Win 95
B. Win XP
C. Vista
D. Win 7
E. Win 8
Which OS used the FAT file system?
A. Win 95
B. Win XP
C. Vista
D. Win 7
E. Win 8
Which OS introduced ASLR?
A. Win 95
B. Win XP
C. Vista
D. Win 7
E. Win 8
Which OS uses null sessions?
A. Old Windows versions
B. All Windows versions
C. Unix
D. Netware
E. iOS
Chapter 7
Programming for
Security Professionals
Which is an object-oriented
language?
A. C
B. Assembly language
C. Machine language
D. C++
E. Perl
Which language is most likely to
cause buffer overflow errors?
A. C
B. Perl
C. Visual Basic
D. Python
E. Bash shell scripting
Chapter 8
Desktop and Server OS
Vulnerabilities
Which item is a Windows file-sharing
protocol?
A. FAT
B. NTFS
C. ADS
D. RPC
E. SMB
Which item has a Lockdown Wizard?
A. IIS
B. LDAP
C. Null sessions
D. SQL server
E. CIFS
Which item hides a file inside another
file?
A. ADS
B. LDAP
C. Null sessions
D. WinFS
E. NTFS
Chapter 9
Embedded Operating
Systems: The Hidden
Threat
Which item is based on Windows 7?
A. RTOS
B. Windows embedded standard
C. Windows CE
D. VxWorks
E. QNX
Which item is a Cisco product?
A. RTOS
B. Green hill
C. RTEMS
D. VxWorks
E. QNX
Which item is intended for use in
routers?
A. dd-wrt
B. RTLinux
C. Monolithic
D. Microkernel
E. RTEMS
Which item is a cryptographic chip?
A. Rootkit
B. TPM
C. LoJack
D. Stuxnet
E. AURORA
Chapter 1
Ethical Hacking
Overview
What is the most popular Web
server?
A. Apache
B. Nginx
C. IIS
D. Firefox
E. Chrome
What security flaw has caused the
most stolen data?
A. XSS
B. Injection
C. CSRF
D. Unsecured storage
E. Unsecured transmission
What security flaw allows one user to
impersonate another?
A. XSS
B. Injection
C. CSRF
D. Unsecured storage
E. Unsecured transmission
What is the best way to prevent SQL
injections?
A. WAF
B. Input validation
C. Output validation
D. Parameterized queries
E. OS updates
Chapter 11
Hacking Wireless
Network
Which method is the best way to
secure a wireless network?
A. Disabling SSID broadcasts
B. MAC address filtering
C. WEP
D. WPA
E. WPS
Which standard goes up to 54 Mbps
at 5 Ghz?
A. 802.11a
B. 802.11b
C. 802.11g
D. 802.11n
E. 802.11ac
Which standard includes Bluetooth?
A. 802.3
B. 802.11
C. 802.15
D. 802.16
E. 802.1x
Which standard is used in WPAEnterprise but not WPA-PSK?
A. 802.3
B. 802.11
C. 802.15
D. 802.16
E. 802.1x
Which item identifies a server?
A. PAP
B. CHAP
C. LEAP
D. X.509
E. AES
Chapter 12
Cryptography
Which item provides integrity but not
confidentiality?
A. Symmetric encryption
B. Asymmetric encryption
C. Hashing
D. Obfuscation
E. Steganography
Which system is used to create and
distribute certificates?
A. Symmetric encryption
B. Asymmetric encryption
C. Hashing
D. PKI
E. Steganography
Which encryption algorithm is secure
enough for modern use?
A. CSS
B. WEP
C. DES
D. Caesar
E. 3DES
Which item is a symmetric encryption
standard?
A. RSA
B. El Gamal
C. ECC
D. MD5
E. AES
Which item is insecure and has been
replaced by SHA?
A. PGP
B. S/MIME
C. MD5
D. Blowfish
E. CRL
Which item prevents rainbow table
attacks?
A. Stretching
B. Hashing
C. Salting
D. Encryption
E. None of the above
Chapter 13
Protecting Networks
with Security Devices
Which device provides stateful
inspection?
A. Router
B. IDS
C. IPS
D. Honeypot
E. Firewall
Which device can filter packets, but
only based on OSI layer 3 and 4
headers?
A. Router
B. IDS
C. IPS
D. Honeypot
E. Firewall
Which item should not be placed in
the DMZ?
A. Web server
B. Email server
C. WLAN
D. Domain controller
E. FTP server
Which item should have no IP
address?
A. Honeypot
B. IDS
C. IPS
D. WAF
E. Firewall