(question)
What is accounting in AAA?
Authentication, Authorization, Accounting=Tracking and logging user actions
What layer is SSL in OSI model?
Transport
a cyber attack that acts like a fake virus to scare a victim into downloading malicious material
Scareware
What is the name of software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes?
Spyware
You find a .git folder open on a website. What can you do?
clone
Port 22
Secure Shell (SSH)
What attack reads /etc/passwd via URL?
RFI exploits vulnerabilities in web applications to include and execute remote files, potentially leading to information disclosure, including the contents of files like /etc/passwd.
other options are:Local File Inclusion (LFI),Cross-Site Scripting (XSS),SQL Injection
This is the phase when the attacker selects their target and gathers information about the entity that it can use to gain access
Reconnaissance
Bob, a network professional, wants to find out where packets are getting stuck on the path to their destination. Which of the following utilities should he use?
a. Ipconfig
b. Ifconfig
c. Ping
d. Tracert
TRACERT
Which of the following IT jobs specializes in configuring communication hardware such as cabling, routers, and wireless adapters?
a. Security Analyst
b. Network Architect
c. Network Technician
d. Help Desk Service Manager
NETWORK ARCHITECT
This is the process where a remote access Trojan or back door is added into the victim system.
Installation
This attack involves altering infrastructure data about Internet Properties such as domain names, social media identities, or registered network locations.
Hijacking
This is an attack that overloads the system and can take a victim’s Internet capabilities offline.
Distributed Denial of Service
What web bug abuses insecure JWT secrets?
Forgery
Which of the following is used on a wireless network to identify the network name?
a. MAC address
b. WPA2 passphrase
c. SSID
d. Network Name
SSID
What VPN (Virtual Private Network) Arival Uses?
TunnelBlick
What are the five core functions of NIST?
Identify, Protect, Detect, Respond, Recover.
Command-line packet capture utility for Linux
Tcpdump
Command that searches for lines that contain strings that match a pattern
Grep
Command to change permissions on Linux
chmod
Year when the first website was launched on the World Wide Web
1991
What file reveals directories to crawlers?
robots.txt
PSI stands for
Personal Security Information
This type of malware can propagate or self-replicate from one computer to another without human activation
worm
type of malware that uses the resources of the infected IT systems to “mine” for cryptocurrencies.
Crypto-Jacking