Deck 1: Applying Environmental Reconnaissance
1
Kendra has a very limited budget, but has three critical servers that she needs to secure against data breaches within her company's infrastructure. She knows that she won't be able to protect the entire network, but she has started searching for a solution to secure the most critical assets. Which of the following options would she most likely choose?
A) UTM appliance
B) NIPS
C) Proxy server
D) HIPS
HIPS
2
Talia has just been hired as the first security employee at an organization. Until this point, security has been everyone's responsibility, but she knows that the IT staff have different skill sets and may not be aware of certain weaknesses within various platforms. Which of the following tools might Talia use to help her determine the state of the existing infrastructure?
A) NIDS
B) Vulnerability scanner
C) OS fingerprinting
D) syslog
Vulnerability scanner
3
Malik has received a call from an employee about suspicious activity on her computer. He's not sure if it's being controlled remotely or if any other remote network connections are contributing to this issue. Which of the following tools might he initially use as part of his investigation?
A) netstat
B) ping
C) traceroute
D) nslookup
netstat
4
Tobias has just installed Linux on a virtual machine in his company's data center. However, he isn't sure whether the image he installed from automatically has an SMTP server running. Which of the following tools might he use to verify whether an SMTP server package is running?
A) nmap
B) nslookup
C) Vulnerability scanner
D) NIDS
5
Kevin must manually review the events that occur on a number of network devices to determine whether systems are running normally. He discovers that systems are available that can act as a centralized repository and perform much of the analysis for him. Which of the following might be used to collect events in a centralized location for analysis?
A) netstat
B) syslog
C) Phishing
D) DNS harvesting
6
Cheyenne is concerned about a recent news story that global data breaches are on the rise. She believes that she has installed the latest detection software on all of the servers she is responsible for, but she knows that security requires a layered approach. Which of the following might she also decide to implement?
A) Proxy server
B) Spam filter
C) HIPS
D) NIPS
7
Vince wants to configure a firewall on the perimeter of his organization's network to block all unsolicited incoming traffic. However, he still needs servers behind the firewall to be able to access the Internet for patching purposes. Which of the following types of firewalls might he decide to install?
A) Stateless firewall
B) Web application firewall
C) Stateful firewall
D) Portless firewall
8
Peter has just been hired as a network engineer and has recently been examining the company's core router configuration. He notices that the current configuration would allow an incoming packet from the Internet to have a source IP address within the 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 address space. Which of the following should Peter do?
A) Create a rule on the switches that connect to the router to discard any traffic with those addresses in the source IP field.
B) Modify the ACL on the router to prevent the traffic from transferring to the internal network from the Internet for those addresses.
C) Replace the router with a stateless firewall.
D) Nothing. The router configuration is correct.
9
Terry and Alex have been hired as consultants to determine the security posture of an organization. They have written a custom tool that will crawl social media networks and other popular sites looking for certain pieces of valuable information they can use as part of an attack. Which of the following is this tool most likely used for?
A) DNS harvesting
B) MAC address harvesting
C) Email harvesting
D) IP address harvesting
10
Louise has been asked to provide a report to management that contains a list of insecure traffic types coming into the company's network from the Internet. Which of the following tools might she use to collect this information?
A) Packet analyzer
B) nmap
C) netstat
D) nslookup
11
Marco has been hired as a penetration tester by a large organization. He has managed to exploit a vulnerability in the perimeter firewall. Which of the following tools might help him discover what other resources exist within the organization's network?
A) nslookup
B) Untidy
C) traceroute
D) netstat
12
Which of the following tools most likely generated the following output?
1 216.182.226.94 (216.182.226.94) 12.594 ms 216.182.226.146 (216.182.226.146) 15.121 ms 216.182.226.134 (216.182.226.134) 21.772 ms
2 100.66.8.14 (100.66.8.14) 21.115 ms 100.66.32.216 (100.66.32.216) 5.539 ms 100.66.8.248 (100.66.8.248) 20.062 ms
3 100.66.34.250 (100.66.34.250) 11.830 ms 100.66.11.164 (100.66.11.164) 15.988 ms 100.66.11.204 (100.66.11.204) 17.247 ms
4 100.66.7.189 (100.66.7.189) 16.971 ms 100.66.7.149 (100.66.7.149) 22.494 ms 100.66.6.81 (100.66.6.81) 16.582 ms
5 100.66.5.191 (100.66.5.191) 12.744 ms 100.66.5.41 (100.66.5.41) 16.752 ms 100.66.5.23 (100.66.5.23) 21.620 ms
6 100.65.15.193 (100.65.15.193) 0.876 ms 100.65.13.97 (100.65.13.97) 0.322 ms 100.66.5.71 (100.66.5.71) 15.611 ms
7 52.93.28.253 (52.93.28.253) 0.357 ms 52.93.28.243 (52.93.28.243) 0.497 ms 52.93.29.3 (52.93.29.3) 0.500 ms
8 100.100.2.32 (100.100.2.32) 3.957 ms 100.100.2.40 (100.100.2.40) 0.398 ms 100.100.2.32 (100.100.2.32) 0.664 ms
9 99.82.181.25 (99.82.181.25) 0.977 ms 100.100.2.44 (100.100.2.44) 0.705 ms 99.82.181.25 (99.82.181.25) 0.802 ms
10 * * *
11 * 216.239.58.30 (216.239.58.30) 0.718 ms 108.170.228.150 (108.170.228.150) 1.135 ms
12 74.125.37.221 (74.125.37.221) 1.445 ms 108.170.246.49 (108.170.246.49) 1.304 ms 108.170.246.66 (108.170.246.66) 1.546 ms
13 iad30s24-in-f14.1e100.net (172.217.164.142) 0.899 ms 216.239.63.235 (216.239.63.235) 2.164 ms 2.005 ms
A) ping
B) traceroute
C) netstat
D) nmap
13
Rudyard has heard rumors that an employee has set up an FTP server at his house. The server is said to be running on port 80, as ports 20 and 21 are blocked on the company's firewall. He knows that the firewall doesn't perform any sort of packet inspection to ensure that only HTTP traffic is being transmitted. Which of the following tools might he use in conjunction with port mirroring on the switch to monitor the user's traffic and search for signs of FTP traffic being sent on port 80?
A) Peach Fuzzer
B) Check Point
C) Metasploit
D) Wireshark
14
Tito has logged into a Linux server that has just had a secondary NIC installed. Which of the following commands would he use as part of the next steps to connect the server to an out-of-band management network?
A) top
B) ipconfig
C) ifconfig
D) niconfig
15
Jorge is reviewing the firewall logs and sees 28 echo requests leaving the network and ICMP echo replies coming back over the course of a five-minute period. Which of the following is most likely the cause of this traffic?
A) Users are streaming multimedia from a popular video-sharing website.
B) This is standard voice-over-IP traffic and is no cause for concern.
C) These are authentication requests for single sign-on using federation with large websites.
D) Someone has run multiple ping tests from the network to an outside address.