INTERMEDIATE LEVEL QUIZ | Threat Management -

Quiz Summary

0 of 18 Questions completed

Questions:

You have already completed the quiz before. Hence you can not start it again.

Quiz is loading…

You must sign in or sign up to start the quiz.

You must first complete the following:

Results

Quiz complete. Results are being recorded.

Results

0 of 18 Questions answered correctly

Your time:

You have reached 0 of 0 point(s), (0)

Average score
Your score

Categories

Not categorized 0%

Current
Review
Answered
Correct
Incorrect

Question 1 of 18

1. Question
The following steps describe the process for which type of attack?
1. Locate and sniff an active connection between a host and web server.
2. Monitor traffic to either capture or calculate the session ID.
3. Desynchronize the session.
4. Remove the authenticated user.
5. Inject packets to the server.
- ARP poisoning
- Stored cross-site scripting
- Trojan attack
- Session hijacking
Correct

Incorrect
Question 2 of 18

2. Question
Which of the following are considered DNS hardening techniques?
- Provide guidelines regarding the types of posts.
- Outsource all DNS inquires.
- Optimize resources to their full potential.
- Clean up out-of-date zones.
- Limit the sharing of critical information.
- Learn about your web server software.
- Review company websites.
Correct

Incorrect
Question 3 of 18

3. Question
An attacker has performed a privilege escalation attack on your system. Which of the following is MOST likely the goal behind this attack?
- To limit user privileges.
- To check for system vulnerabilities.
- To delete access to event logs.
- To lay a foundation for later.
Correct

Incorrect
Question 4 of 18

4. Question
Which of the following describes the worst possible action an IDS can take?
- The system correctly deemed harmless traffic as inoffensive and let it pass.
- The system identified harmless traffic as offensive and generated an alarm.
- The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.
- The system detected a valid attack and the appropriate alarms and notifications were generated.
Correct

Incorrect
Question 5 of 18

5. Question
Which of the following BEST describes the verification phase of the vulnerability management life cycle?
- It protects the organization from its most vulnerable areas first and then focuses on less likely and less impactful areas.
- It is critical to ensure that organizations have monitoring tools in place and have regularly scheduled vulnerability maintenance testing.
- It proves your work to management and generates verifiable evidence to show that your patching and hardening implementations have been effective.
- It communicates clearly to management what your findings and recommendations are for locking down the systems and patching problems.
Correct

Incorrect
Question 6 of 18

6. Question
Which of the following devices can monitor a network and detect potential security attacks?
- DNS server
- CSU/DSU
- Proxy
- IDS
Correct

Incorrect
Question 7 of 18

7. Question
While performing a password audit on a Windows machine in your organization with L0phtCrack, you receive the following results. Based on what you see below, which two accounts should worry you the most? (Select two.)
- Administrator
- Brandon
- DefaultAccount
- Mihai
- Guest
Correct

Incorrect
Question 8 of 18

8. Question
Which BEST defines the term base in CVSS?
- A vulnerability's unique characteristics
- The changeable attributes of a vulnerability
- Vulnerabilities that are present only in certain environments or implementations
- Discovered vulnerabilities
Correct

Incorrect
Question 9 of 18

9. Question
Which of the following tools would you use to perform a SYN flood attack?
- Nmap
- Metasploit
- Wireshark
- TCPDump
Correct

Incorrect
Question 10 of 18

10. Question
Which of the following BEST describes Bluetooth MAC spoofing?
- An attacker performs a denial-of-service attack where the L2CAP layer of the Bluetooth protocol stack is used to transfer an oversized packet, causing the L2CAP layer to crash.
- An attacker exploits a Bluetooth device by installing a backdoor that bypasses normal authentication, giving the attacker full access.
- An attacker changes the Bluetooth address of his own device to match the address of a target device so that the data meant for the victim device reaches the attacker's device first.
- An attacker sends unwanted data, such as annoying messages, to Bluetooth devices that are enabled and discoverable.
Correct

Incorrect
Question 11 of 18

11. Question
Which tool BEST fits into the banner grabbing prevention category?
- Vulnerability assessments
- Hide file extensions
- Port scanning
- Vulnerability scans
Correct

Incorrect
Question 12 of 18

12. Question
Which frequency does ZigBee operate at?
- 50 MHz
- 5 GHz
- 908.42 MHz
- 2.4 GHz
Correct

Incorrect
Question 13 of 18

13. Question
As a security analyst working for an accounting firm, you need to evaluate the current environment. Which of the following is the FIRST thing you should do?
- Define the effectiveness of the current security policies and procedures.
- Decide the best times to test in order to limit the risk of having shutdowns during peak business hours.
- Implement remediation steps.
- Create reports that clearly identify problem areas to present to management.
Correct

Incorrect
Question 14 of 18

14. Question
A hacker has used a SQL injection to deface a web page by inserting malicious content and altering the contents of the database. Which of the following did the hacker accomplish?
- Compromise data integrity
- Bypass authentication
- Information disclosure
- Compromise data availability
Correct

Incorrect
Question 15 of 18

15. Question
Which of the following government resources is a dictionary of known patterns of cyberattacks used by hackers?
- CISA
- CVE
- CAPEC
- CWE
Correct

Incorrect
Question 16 of 18

16. Question
A security analyst is testing to find SQL injection vulnerabilities. She uses automation of a large volume of random data inserted into the web application’s input fields in order to check the output. Which type of testing was done?
- Dynamic testing
- Function testing
- Fuzz testing
- Static testing
Correct

Incorrect
Question 17 of 18

17. Question
You are a security analyst at a medical clinic and want to evaluate the environment. Which of the following is the first thing you should do?
- Create reports that clearly identify problem areas to present to management.
- Decide the best times to test in order to limit the risk of having shutdowns during peak business hours.
- Choose the best security assessment tools for the systems you want to test.
- Define the effectiveness of the current security policies and procedures.
Correct

Incorrect
Question 18 of 18

18. Question
Which of the following attacks involves modifying the IP packet header and source address to make it look like they are coming from a trusted source?
- Whitelisting
- DNS poisoning
- Zero-day
- Spoofing
Correct

Incorrect

INTERMEDIATE LEVEL QUIZ | Threat Management

INTERMEDIATE LEVEL QUIZ | Threat Management

INTERMEDIATE LEVEL QUIZ | Threat Management

Quiz Summary

Information

Results

Results

Categories

1. Question

2. Question

3. Question

4. Question

5. Question

6. Question

7. Question

8. Question

9. Question

10. Question

11. Question

12. Question

13. Question

14. Question

15. Question

16. Question

17. Question

18. Question