Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
True / False
1. NMAP is a popular hacking tool.
2. Black hat hackers are also known as script kiddies.
3. Hacking into phone systems is also known as phreaking.
4. Checking an organization’s websites is a form of active scanning.
5. NetBIOS is an example of a port scanner.
6. Ping scanning may be stopped by blocking ICMP packets.
7. ACK scans and NULL scans work only on UNIX systems.
8. A SQL statement may begin with the word SELECT.
9. Sid2User, UserInfo, and UserDump are examples of password cracking tools.
10. Windows passwords are stored in a hash file in one of the system diretories.
Multiple Choice
1. Testing an organization’s security is known as ________ testing.
a. Penetration
b. Location
c. Virus
d. None of the above
2. Some who performs a cyberattack without actually understanding it is a _______.
a. Gray hat hacker
b. White hat hacker
c. Script kiddie
d. None of the above
3. Hacking into phone systems is called ___________.
a. Telnetting
b. Dial hacking
c. Phreaking
d. None of the above
4. Scanning bulletin boards, making phony phone calls, and visiting websites by a hacker
are examples of _________.
a. Active scanning
b. Passive scanning
c. Phreaking
d. Scouring
5. There are 1,024 well-known ________ that are usually associated with specific
services.
a. Ports
b. Processes
c. Applications
d. Programs
6. The most popular port scanner in the hacking and security community is ________.
a. Portscan
b. Nmap
c. Servport
d. NetBIOS
7. The most reliable Nmap scan is ____________ scan.
a. ping
b. Connect
c. SYN
d. FIN
8. With a(n) _________ scan, if the port is closed, the response is an RST. If the port is
open, the response is a SYN/ACK.
a. FIN
b. XMAS
c. SYN
d. ACK
9. Nmap enables you to set ________ such as –sP, -sS, and -oA.
a. Parameters
b. Flags
c. Switches
d. None of the above
10. ___________ is the process to find out what is on a target system.
a. Enumeration
b. Phishing
c. Mapping
d. Scanning
11. Passing structured query language commands to a web application and getting the
website to execute it is called SQL script _________.
a. Injection
b. Processing
c. Attacking
d. Execution
12. When an attacker injects client-side scripts into web pages viewed by other users so
that those users interact with it, it is an example of _________.
a. Cross-site scripting
b. Phreaking
c. Phishing
d. None of the above
13. _________ is a popular tool for cracking Windows passwords.
a. Sid2User
b. Cheops
c. Netcat
d. OphCrack
14. The net command can be included in a ________ that will create a domain admin
account.
a. Port
b. Scan
c. Script
d. None of the above
15. To create a domain admin account, the user must be a member of the __________
group.
a. Domain admins
b. Domain users
c. Backup operators
d. Everyone
