Question 1

Testing an organization's security is known as ________ testing.&#10;A)Penetration&#10;B)Location&#10;C)Virus&#10;D)None of the above

Accepted Answer

Penetration testing, also known as pen testing or ethical hacking, is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit.

Question 2

Hacking into phone systems is also known as phreaking.

Accepted Answer

Phreaking is the term used to describe the act of hacking into telephone networks, often to make free calls or to explore the system's features and limitations.

Question 3

Black hat hackers are also known as script kiddies.

Accepted Answer

Black hat hackers are skilled individuals who engage in malicious activities such as hacking into systems for personal gain, whereas script kiddies are less skilled individuals who use existing computer scripts or codes to hack into systems without fully understanding the underlying principles.

Question 4

Windows passwords are stored in a hash file in one of the system diretories.

Accepted Answer

Windows stores passwords in a hashed format in the SAM (Security Accounts Manager) file, which is located in the system32/config directory of the Windows installation.

Question 5

Checking an organization's websites is a form of active scanning.

Accepted Answer

Checking an organization's websites is considered passive scanning because it does not directly interact with the target's network or systems in a way that would generate logs or alerts.

Question 6

Nmap enables you to set ________ such as -sP,-sS,and -oA.&#10;A)Parameters&#10;B)Flags&#10;C)Switches&#10;D)None of the above

Accepted Answer

Nmap uses flags to specify different options and behaviors, such as -sP for ping scan, -sS for SYN scan, and -oA for output in all formats.

Question 7

The most reliable Nmap scan is ____________ scan.&#10;A)ping&#10;B)Connect&#10;C)SYN&#10;D)FIN

Accepted Answer

The Connect scan, also known as a TCP Connect scan, is considered the most reliable Nmap scan because it completes the TCP three-way handshake process, making it very effective in determining whether a port is open. Unlike other scan types that might use different methods to infer the status of a port without establishing a full connection, the Connect scan directly interacts with the target, providing clear and reliable results.

Question 8

NetBIOS is an example of a port scanner.

Accepted Answer

NetBIOS is a networked file sharing protocol used in Windows networks for data communication among devices, not a port scanner. Port scanners are tools used to detect open ports and services on a host.

Question 9

Hacking into phone systems is called ___________.&#10;A)Telnetting&#10;B)Dial hacking&#10;C)Phreaking&#10;D)None of the above

Accepted Answer

Phreaking specifically refers to the act of hacking into telephone networks, a practice that became popular in the late 20th century.

Question 10

Some who performs a cyberattack without actually understanding it is a _______.&#10;A)Gray hat hacker&#10;B)White hat hacker&#10;C)Script kiddie&#10;D)None of the above

Accepted Answer

Script kiddies are individuals who use existing computer scripts or codes to hack into computers, lacking the expertise to understand the underlying mechanics.

Question 11

ACK scans and NULL scans work only on UNIX systems.

Accepted Answer

The answer of ACK scans and NULL scans work only...

Question 12

The most popular port scanner in the hacking and security community is ________.&#10;A)Portscan&#10;B)Nmap&#10;C)Servport&#10;D)NetBIOS

Accepted Answer

The answer of The most popular port scanner in the...

Question 13

Ping scanning may be stopped by blocking ICMP packets.

Accepted Answer

The answer of Ping scanning may be stopped by blocking...

Question 14

Sid2User,UserInfo,and UserDump are examples of password cracking tools.

Accepted Answer

The answer of Sid2User,UserInfo,and UserDump are examples of password cracking...

Question 15

___________ is the process to find out what is on a target system.&#10;A)Enumeration&#10;B)Phishing&#10;C)Mapping&#10;D)Scanning

Accepted Answer

The answer of ___________ is the process to find out...

Question 16

NMAP is a popular hacking tool.

Accepted Answer

The answer of NMAP is a popular hacking tool....

Question 17

With a(n)_________ scan,if the port is closed,the response is an RST.If the port is open,the response is a SYN/ACK.&#10;A)FIN&#10;B)XMAS&#10;C)SYN&#10;D)ACK

Accepted Answer

The answer of With a(n)_________ scan,if the port is closed,the...

Question 18

There are 1,024 well-known ________ that are usually associated with specific services.&#10;A)Ports&#10;B)Processes&#10;C)Applications&#10;D)Programs

Accepted Answer

The answer of There are 1,024 well-known ________ that are...

Question 19

A SQL statement may begin with the word SELECT.

Accepted Answer

The answer of A SQL statement may begin with the...

Question 20

Scanning bulletin boards,making phony phone calls,and visiting websites by a hacker are examples of _________.&#10;A)Active scanning&#10;B)Passive scanning&#10;C)Phreaking&#10;D)Scouring

Accepted Answer

The answer of Scanning bulletin boards,making phony phone calls,and visiting...

Question 21

To create a domain admin account,the user must be a member of the __________ group.&#10;A)Domain admins&#10;B)Domain users&#10;C)Backup operators&#10;D)Everyone

Accepted Answer

The answer of To create a domain admin account,the user...

Question 22

_________ is a popular tool for cracking Windows passwords.&#10;A)Sid2User&#10;B)Cheops&#10;C)Netcat&#10;D)OphCrack

Accepted Answer

The answer of _________ is a popular tool for cracking...

Question 23

The net command can be included in a ________ that will create a domain admin account.&#10;A)Port&#10;B)Scan&#10;C)Script&#10;D)None of the above

Accepted Answer

The answer of The net command can be included in...

Question 24

Passing structured query language commands to a web application and getting the website to execute it is called SQL script _________.&#10;A)Injection&#10;B)Processing&#10;C)Attacking&#10;D)Execution

Accepted Answer

The answer of Passing structured query language commands to a...

Question 25

When an attacker injects client-side scripts into web pages viewed by other users so that those users interact with it,it is an example of _________.&#10;A)Cross-site scripting&#10;B)Phreaking&#10;C)Phishing&#10;D)None of the above

Accepted Answer

The answer of When an attacker injects client-side scripts into...

Deck 6: Techniques Used by Hackers