quiz 8 Flashcards by Ace Ade (2024)

1

Q

In Microsoft systems, an excellent resource for finding configuration errors, missing patches, and so on is the ________________________________________.

A

Microsoft Baseline Security Analyzer
MBSA
Microsoft Baseline Security Analyzer (MBSA)

2

Q

What functions do most Trojan programs perform?

A

Most Trojan programs perform one or more of the following functions:

  • Allow remote administration of the attacked system
  • Create a file server on the attacked computer so files can be loaded and downloaded without the user’s knowledge
  • Steal passwords from the attacked system and e-mail them to the attacker
  • Log all keystrokes a user enters and e-mail the results to the attacker or store them in a hidden file the attacker can access remotely

3

Q

What is the Common Internet File System (CIFS) protocol?

A

Common Internet File System (CIFS) is a standardized protocol that replaced SMB in Windows 2000 Server and later, but to allow backward compatibility, the original SMB is still used. CIFS is a remote file system protocol that enables computers to share network resources over the Internet. In other words, files, folders, printers, and other resources can be made available to users throughout a network. For sharing to occur, there must be an infrastructure that allows placing these resources on the network and a method to control access to resources.

4

Q

To perform MBSA-style scans you can run the tool from the command line by using ____________________.exe.

A

mbsacli

5

Q

Rootkits containing Trojan binary programs ready to be installed are more dangerous than typical Trojan programs.

A

True

6

Q

To determine whether a system is vulnerable to an RPC-related issue, the best tool is ____.

A

MBSA

7

Q

The Conficker worm took advantage of a vulnerability in ____ to run arbitrary code on susceptible hosts.

A

RPC

9

Q

If the LRK5 rootkit is installed on a Linux computer, entering the Trojaned ____ command allows the attacker’s processes to continue running, even though the Linux administrator thinks all processes were killed.

A

Killall

10

Q

MBSA has its origins in the ____ scanner.

A

HFNetChk

11

Q

The Trojan program called Sheepshank makes HTTP GET requests over port ____.

A

80

12

Q

Samba is a closed-source implementation of CIFS.

A

False

13

Q

If the LRK5 rootkit is installed on a Linux computer, entering the Trojaned ____ command allows the attacker’s processes to continue running, even though the Linux administrator thinks all processes were killed.

A

Killall

14

Q

Trusted Computer Solutions ____ program is used to tighten Linux system security configuration by using templates.

A

Security Blanket

15

Q

The best way to protect a network from SMB attacks is to make sure routers filter out ports 137 to 139 and ____.

A

445

16

Q

Complete instructions for MBSA are available from the MBSA Help interface or the ____ site.

A

Microsoft Security Tools Web

17

Q

Early Windows OSs communicated with each other by using ____.

A

NetBIOS

18

Q

What is the purpose of a file system?

A

The purpose of any file system, regardless of the OS, is to store and manage information. The file system organizes information that users create as well as the OS files needed to boot the system, so the file system is the most vital part of any OS. In some cases, this critical component of the OS can be a vulnerability.

19

Q

SMB stands for _________________________.

A

Server Message Block

20

Q

The MBSA can check for missing security updates.

A

True

21

Q

Red Hat and Fedora Linux use the ____ command to update and manage RPM packages.

A

yum

22

Q

Why should you review logs regularly? How should you accomplish this task?

A

You should review logs regularly for signs of intrusion or other problems on the network. Scanning through thousands of log entries is time consuming, and missing important entries is likely. A log-monitoring tool is best for this task. Several are available, depending on network needs and budget.

23

Q

What can a security tester using enumeration tools do?

A

A security tester using enumeration tools can do the following:

  • Identify a computer on the network by using port scanning and zone transfers
  • Identify the OS the computer is using by conducting port scanning and enumeration
  • Identify via enumeration any logon accounts and passwords configured on the computer
  • Learn the names of shared folders by using enumeration
  • Identify services running on the computer

24

Q

What is Samba used for?

A

Samba is an open-source implementation of CIFS. With Samba, *nix servers can share resources with Windows clients, and Windows clients can access a *nix resource without realizing that the resource is on a *nix computer. For a Windows computer to be able to access a *nix resource, CIFS must be enabled on both systems. On networks that require *nix computers to access Windows resources, Samba is often used. It’s not a hacking tool; this product was designed to enable *nix computers to “trick” Windows services into believing that *nix resources are Windows resources. A *nix client can connect to a Windows shared printer and vice versa when Samba is configured on the *nix computer. Most new versions of Linux include Samba as an optional package, so you don’t need to download, install, and compile it.

25

Q

Windows Server 2003 and 2008 ____ are used to authenticate user accounts, so they contain much of the information that attackers want to access.

A

domain controllers

26

Q

What is Server Message Block (SMB) used for in Windows? Can hacking tools still damage a network using SMB?

A

In Windows, Server Message Block (SMB) is used to share files and usually runs on top of NetBIOS, NetBEUI, or TCP/IP. Several hacking tools that target SMB can still cause damage to Windows networks. Two well-known SMB hacking tools are L0phtcrack’s SMB Packet Capture utility and SMBRelay, which intercept SMB traffic and collect usernames and password hashes.

27

Q

NetBIOS over TCP/IP is called ____ in Windows Server 2003.

A

NetBT

28

Q

What should a password policy include?

A

A comprehensive password policy is critical, as a user name and password are often all that stands between an attacker and access. A password policy should include the following:

  • Change passwords regularly on system-level accounts
  • Require users to change their passwords regularly
  • Require a minimum password length of at least eight characters
  • Require complex passwords
  • Passwords can’t be common words, words found in the dictionary, or slang, jargon, or dialect
  • Passwords must not be identified with a particular user
  • Never write a password down or store it online or in a file on the user’s computer
  • Don’t hint at or reveal a password to anyone over the phone, in e-mail, or in person
  • Use caution when logging on to make sure no one sees you entering your password
  • Limit reuse of old passwords

29

Q

In Windows Server 2003 and 2008, how does a domain controller locate resources in a domain?

A

In Windows Server 2003 and 2008, a domain controller uses a global catalog (GC) server to locate resources in a domain containing thousands or even millions of objects. For example, if a user wants to locate a printer with the word “color” in its description, he or she can use a GC server, which contains attributes such as the resource’s name and location and points the user to the network resource.

30

Q

You can use _____________________________________________ information when testing Linux computers for known vulnerabilities.

A

Common Vulnerabilities and Exposures
CVE
Common Vulnerabilities and Exposures (CVE)

31

Q

A common Linux rootkit is ____.

A

Linux Rootkit 5

32

Q

NetBIOS is not a protocol; it usually works with ____, a fast, efficient protocol that requires little configuration.

A

NetBEUI

33

Q

The MBSA can check for user account passwords that have dictionary words in them.

A

False

34

Q

In Microsoft systems, an excellent resource for finding configuration errors, missing patches, and so on is the ________________________________

A

Microsoft Baseline Security Analyzer
MBSA
Microsoft Baseline Security Analyzer (MBSA)

35

Q

HTTP is associated with this port

A

port 80

36

Q

LDAP is associated with this port

A

port 389

37

Q

DNS is associated with this port

A

port 53

38

Q

HTTPS is associated with this port

A

port 443

39

Q

gives an intruder a potential point of entry into a network

A

unused services

40

Q

almost useless if it isn’t updated regularly

A

antivirus software

41

Q

to harden Microsoft systems, you should disable this account

A

Guest

42

Q

to harden Microsoft systems, you should rename this account

A

Administrator

43

Q

no account should have this type of password

A

blank
