Sec Ops Analyst Quiz

Description

Security Operations Analyst Quiz
Quiz by Martin Covill, updated more than 1 year ago
Created by Martin Covill more than 8 years ago

Resource summary

Question 1

Question
What is a Trojan?
Answers
  • a. Backdoor malware
  • b. Virus
  • c. Worm

Question 2

Question
What technique does Zberb use to remain invisible on a system?
Answers
  • a. Adding values in the registry
  • b. Steganography
  • c. Exe wrapping

Question 3

Question
How can malware infections be prevented?
Answers
  • a. Using antiviruses and personal IDS
  • b. Using an up-to-date operating system
  • c. Using KeyScrambler

Question 4

Question
How should you check your system for infection?
Answers
  • a. Using checksum method to check file integrity
  • b. Using malware scanners
  • c. Checking for suspicious looking files and network connections

Question 5

Question
What is the use of a DoS attack Trojan?
Answers
  • a. Make a remote service unavailable to legit users
  • b. Transfer information and files
  • c. Provide remote access

Question 6

Question
A tool to monitor file integrity is:
Answers
  • a. Tripwire
  • b. Netcat
  • c. HiJackThis

Question 7

Question
Which is a port monitoring tool?
Answers
  • a. Carberb
  • b. CM tool
  • c. Sigcheck

Question 8

Question
Which tool is used for sniffing a network?
Answers
  • a. Billy Bastard
  • b. Ophcrack
  • c. Cain and Abel

Question 9

Question
How is a salted password validated?
Answers
  • a. Retrieve the salt and hash from the database; Append the salt and the hash again with the same algorithm; Check for the resulting password hash, match or not
  • b. Check for the resulting password hash, match or not; Retrieve the salt and hash from the database; Append the salt and the hash again with the same algorithm
  • c. Append the salt and the hash again with the same algorithm; Check for the resulting password hash, match or not; Retrieve the salt and hash from the database

Question 10

Question
Which utility is used for a hash insertion attack?
Answers
  • a. Kerbcrack
  • b. NTPASSWD
  • c. iKey 2032

Question 11

Question
On which system do alternate data streams work?
Answers
  • a. FAT
  • b. NTFS
  • c. Ext4

Question 12

Question
What is steganography?
Answers
  • a. Data encryption technique
  • b. Data hiding technique
  • c. File infection technique

Question 13

Question
Steganography can be used as a substitute for which encryption values?
Answers
  • a. symmetric
  • b. asymmetric
  • c. one-way hash

Question 14

Question
Using alternate data streams negatively impacts the file.
Answers
  • True
  • False

Question 15

Question
What type of encryption does NTLM use?
Answers
  • a. Symmetric
  • b. Asymmetric
  • c. One-way hash

Question 16

Question
How can an MD5 hash be cracked?
Answers
  • a. Brute-force attack
  • b. Rainbow table attack
  • c. Dictionary attack

Question 17

Question
For what purpose is the pass-the-hash technique used?
Answers
  • a. To bypass Syskey
  • b. To bypass Windows normal login
  • c. To crack a password hash

Question 18

Question
How can password guessing be prevented?
Answers
  • a. Using long passwords
  • b. Using alphanumeric passwords with both uppercase and lowercase letters
  • c. Using Syskey and storing key on an external drive
  • d. All of these

Question 19

Question
Which of the following operating systems employs Kerberos authentication?
Answers
  • a. Windows 2000
  • b. Windows NT SP3
  • c. Windows 98

Question 20

Question
Which of the following is not true about a Certification Authority?
Answers
  • a. It is a third party that issues digital certificates
  • b. It is a third party that encrypts information for people
  • c. CA validates the identity of the certificate holder

Question 21

Question
Which of the following are rootkit functionalities?
Answers
  • a. To hide OS processes
  • b. To elevate the privileges of processes
  • c. To hide files or registry entries
  • d. To delete or audit logs
  • e. All of the above

Question 22

Question
Which process stage does not verify or try to exploit the vulnerability, just lists and ranks the identified weaknesses?
Answers
  • a. Vulnerability assessment
  • b. Vulnerability scan

Question 23

Question
How can rootkits be prevented?
Answers
  • a. By using updated antivirus
  • b. By using anti-rootkits
  • c. By reinstalling the operating system

Question 24

Question
Which is the strongest password among these?
Answers
  • a. Password
  • b. Airplane
  • c. P@5S\/\/OrD

Question 25

Question
What is the maximum length of a LanMan Hash?
Answers
  • a. 32
  • b. 14
  • c. 127

Question 26

Question
Which is a non-technical type of social engineering attack?
Answers
  • a. Fake calling as a technician and asking the victim for system details
  • b. Phishing
  • c. Infecting the victim with malware

Question 27

Question
What is the correct order of the challenge-response process of Windows authentication?
Answers
  • a. Response, login request, result, challenge
  • b. Challenge, login request, response, result
  • c. Login request, challenge, response, result
  • d. Result, challenge, login request, response

Question 28

Question
What is needed to successfully crack an FTP password?
Answers
  • a. A good word list
  • b. A Windows system
  • c. Syskey

Question 29

Question
What is a good password policy to implement in an organization?
Answers
  • a. Do not use old passwords
  • b. Change your passwords every 2 weeks
  • c. Do not use a dictionary word
  • d. All of these

Question 30

Question
In which file are Windows passwords stored?
Answers
  • a. Boot.ini file
  • b. SAM file
  • c. Hosts file
  • d. None of these

Question 31

Question
Which tool can be used to crack a Windows password protected with Syskey?
Answers
  • a. BKhive
  • b. Cain and Abel
  • c. LC4

Question 32

Question
Which is the best hardware to crack a password?
Answers
  • a. Using a system CPU
  • b. Using a powerful GPU
  • c. Using high network bandwidth

Question 33

Question
What type of password hash is this: 2ea886556a3a225a18bf4bcc425486db ?
Answers
  • a. SHA
  • b. MD5
  • c. DES

Question 34

Question
Which of these is not a countermeasure against attacks?
Answers
  • a. Use self-encrypting drives
  • b. Disable the storage of the LM hash
  • c. Disable the LM authentication
  • d. None of these

Question 35

Question
Which tools can be used to sniff traffic on a network?
Answers
  • a. L0phtcrack
  • b. Cain and Abel
  • c. TSGrinder

Question 36

Question
How can LM hash storage be disabled?
Answers
  • a. By creating a Group Policy Object
  • b. By using BitLocker
  • c. By using kerbcrack.exe

Question 37

Question
What type of authentication protocols does Windows support?
Answers
  • a. LM
  • b. NTLM
  • c. NTLMv2
  • d. All of these

Question 38

Question
Which of the following are tools that can be used to extract hidden data using steganography?
Answers
  • a. Stegdetect
  • b. Cain and Abel
  • c. Stream Explorer

Question 39

Question
A hash injection attack is possible due to?
Answers
  • a. Network access
  • b. Physical access
  • c. Viruses and backdoors

Question 40

Question
Which utility is used for hash injection attacks?
Answers
  • a. Kerbcrack
  • b. NTPASSWD
  • c. iKey 2032

Question 41

Question
Which of the following .exe files of a Trojan is executed on a victim machine?
Answers
  • a. Builder.exe
  • b. Server.exe
  • c. Client.exe

Question 42

Question
SigCheck is a download offered by Microsoft.
Answers
  • True
  • False

Question 43

Question
Elite wrapper is a tool to:
Answers
  • a. connect to an infected system
  • b. make an .exe FUD
  • c. join malware .exe to another .exe

Question 44

Question
How is Fully Undetectable (FUD) malware created?
Answers
  • a. Using .exe wrappers
  • b. Using hex editors
  • c. Using steganography

Question 45

Question
What is a Trojan.FakeAV?
Answers
  • a. Malware behaving as an antivirus
  • b. Tool to detect malware
  • c. Tool to make FUD malware

Question 46

Question
Which is a ransomware?
Answers
  • a. Trojan
  • b. Virus
  • c. Worm

Question 47

Question
What is the effect of SMS Trojans?
Answers
  • a. Data locked down
  • b. SMS sent to premium numbers
  • c. Data theft

Question 48

Question
What is email harvesting?
Answers
  • a. Sending bulk emails
  • b. Collecting email accounts
  • c. Cracking email passwords

Question 49

Question
What is the full form of UDP?
Answers
  • a. User Data Program
  • b. User Datagram Protocol
  • c. User Defined Program

Question 50

Question
Identify the spyware.
Answers
  • a. Cookie
  • b. Antivirus
  • c. Legitimate tracking software
  • d. Tracking software

Question 51

Question
Pick the non-legitimate software.
Answers
  • a. Trend Micro Titanium Maximum Security
  • b. Applications
  • c. Mobile apps
  • d. Tracking software

Question 52

Question
How does a virus spread between computers?
Answers
  • a. Using network weakness
  • b. Viruses don’t spread
  • c. Infecting .exe files

Question 53

Question
Spyware are malicious programs that, after downloading themselves on a PC, begin to transmit some type of information through the Internet, except:
Answers
  • a. Data files
  • b. Login usernames and passwords
  • c. Sensitive banking and credit information
  • d. Computer IP address

Question 54

Question
Which is not a method of spyware distribution?
Answers
  • a. Peer-to-peer distribution
  • b. Installing unapproved toolbars in your web browser
  • c. Sharing freeware
  • d. Replication

Question 55

Question
What is the common IANA-registered port for Kerberos?
Answers
  • a. UDP Port 123
  • b. TCP Port 119
  • c. UDP Port 161
  • d. TCP Port 88

Question 56

Question
Which type of keylogger remains undetected by both antispyware and antivirus programs?
Answers
  • a. Hardware Keylogger
  • b. Software Keylogger

Question 57

Question
A program designed to trace every keystroke on the machine on which it is installed to steal the personal information of the user is called a:
Answers
  • a. Virus
  • b. Keylogger
  • c. Worm
  • d. Trojan

Question 58

Question
Spyware is a program that runs in stealth mode. What is this program otherwise called that gathers and records sensitive information available on your PC?
Answers
  • a. Virus
  • b. Spybot
  • c. Cookies

Question 59

Question
Pick the odd one out.
Answers
  • a. Form grabbing keylogger
  • b. Wireless keyloggers
  • c. Keyboard overlays
  • d. Firmware keyloggers

Question 60

Question
SetWindowsHookEx() is a Windows function used by:
Answers
  • a. Software keyloggers
  • b. Hardware keyloggers

Question 61

Question
Memory injection-based keyloggers patch the memory tables of your PC and browser, helping hackers gain control over your personal data. An example of a Trojan that uses a memory injection-based keylogger is:
Answers
  • a. Hyper-V
  • b. API
  • c. Zeus
  • d. Ultimate Keylogger

Question 62

Question
What is not true about Social Engineering?
Answers
  • a. It uses social tactics to gain information.
  • b. It uses high-end technologies.
  • c. Exploits the trust of the victims.

Question 63

Question
Select all the countermeasures that can keep you safe from spyware and keyloggers.
Answers
  • a. Expensive antivirus
  • b. Use of a firewall
  • c. KeyScrambler
  • d. Use of freeware

Question 64

Question
The majority of keyloggers are used by hackers to steal people’s confidential information, but there are a few exceptions like Amac and:
Answers
  • a. Ultimate Keylogger
  • b. Hyper-V
  • c. SpyEye

Question 65

Question
Pick the non-legitimate software.
Answers
  • a. Trend Micro Titanium Maximum Security
  • b. Applications
  • c. Mobile apps
  • d. Tracking software

Question 66

Question
Which of these is the odd one out?
Answers
  • a. USB spyware
  • b. Screen capture spyware
  • c. Image spyware
  • d. Video spyware

Question 67

Question
Spyware activity can cause the following except:
Answers
  • a. System crashes
  • b. Utilization of bandwidth of the Internet connection
  • c. Deletion of files
  • d. Changes in the default browser

Question 68

Question
Antivirus and antispyware programs fail to detect kernel-based keyloggers because they: (Select all that apply.)
Answers
  • a. are user level applications
  • b. run at ring 3
  • c. run at ring 0

Question 69

Question
Though hackers are always a step ahead, even sophisticated spyware programs cannot:
Answers
  • a. Uninstall antivirus
  • b. Remove antispyware
  • c. Disable firewalls
  • d. Change your web browser’s security settings

Question 70

Question
It is safe to install all search engine toolbars.
Answers
  • True
  • False

Question 71

Question
Identify the hardware keyloggers.
Answers
  • a. Form grabbing
  • b. Wireless keyloggers
  • c. API
  • d. Keyboard overlays

Question 72

Question
Which of the following, when installed on a PC, can include a kernel-based keylogger?
Answers
  • a. Trojans
  • b. Rootkits
  • c. Drive-by downloads

Question 73

Question
The following steps can help you stay protected, except:
Answers
  • a. never using an administrator account on a daily basis
  • b. using free file sharing sites
  • c. enabling firewalls

Question 74

Question
Select all the programs that will protect your PC.
Answers
  • a. KeyScrambler
  • b. HiJackThis
  • c. Torrent
  • d. Comodo

Question 75

Question
Almost all programs contain spyware code.
Answers
  • True
  • False

Question 76

Question
Antivirus software is spyware.
Answers
  • True
  • False

Question 77

Question
There is a difference between legitimate tracking software and spyware.
Answers
  • True
  • False

Question 78

Question
When you visit some websites, you will get a popup asking you to install ActiveX or a similar plug-in. This is known as a drive-by download.
Answers
  • True
  • False

Question 79

Question
The keylogger works in combination with spyware and cannot be programmed to start and end when the user is prompted to enter a username and password in any browser window.
Answers
  • True
  • False

Question 80

Question
Antivirus and antispyware programs can detect the data stored in hardware keyloggers.
Answers
  • True
  • False

Question 81

Question
Zeus can alter the memory table that is associated with your browser and control the logging functions.
Answers
  • True
  • False

Question 82

Question
Amac is a keylogger designed for the Windows operating system.
Answers
  • True
  • False

Question 83

Question
Keyloggers run at ring 0.
Answers
  • True
  • False

Question 84

Question
Built-in firewalls are easy to turn off.
Answers
  • True
  • False

Question 85

Question
What is Netcat?
Answers
  • a. Network port scanner
  • b. Virus
  • c. Trojan

Question 86

Question
Which tool is used to replace the .exe icon?
Answers
  • a. Exe icon
  • b. Netcat
  • c. Sandbox

Question 87

Question
The pattern that can be used to identify a virus is known as:
Answers
  • a. Stealth
  • b. Virus signature
  • c. Armoured

Question 88

Question
Which one of the following is not an attack, but a search for vulnerabilities to attack?
Answers
  • a. Denial-of-service
  • b. Port scanning
  • c. Dumpster diving

Question 89

Question
Which one can’t spread viruses?
Answers
  • a. A plain text email
  • b. An email attachment
  • c. Downloading files over the Web

Question 90

Question
Programs that come into a computer system disguised as something else are called:
Answers
  • a. Spoofers
  • b. Loggers
  • c. Trojans

Question 91

Question
Nmap stands for?
Answers
  • a. Network Mapper
  • b. NetBIOS Mapper
  • c. Network Map

Question 92

Question
Which is the best way to test or analyse malware?
Answers
  • a. Use a sandbox or virtual machine
  • b. Use your original machine
  • c. Use an antivirus

Question 93

Question
Which is a function of Nmap?
Answers
  • a. Virus detection
  • b. Malware removal
  • c. Network scanning

Question 94

Question
What is the name of a hardware-based malware detection tool?
Answers
  • a. Adaptive DarkNet
  • b. Dr.Web
  • c. McAfee

Question 95

Question
How can malware infection be cured?
Answers
  • a. Employing a strict software policy
  • b. Using an anti-malware tool
  • c. Educating users

Question 96

Question
What is a Trojan-Game Thief?
Answers
  • a. A Trojan stealing gaming accounts
  • b. A Trojan damaging gaming accounts
  • c. A spamming tool

Question 97

Question
Which step is essential for the organization to be compliant with certain ISOs or other certification bodies?
Answers
  • a. Security audit
  • b. Vulnerability assessment
  • c. Code reviews

Question 98

Question
You may give someone your password if:
Answers
  • a. It is never OK to give out your password
  • b. Your boss asks you for your password
  • c. The Helpdesk asks you for your password
  • d. You send it by e-mail and change it soon afterwards

Question 99

Question
Find the odd one out.
Answers
  • a. ECB
  • b. CBC
  • c. PKC
  • d. OFB

Question 100

Question
Pick the wrong statement(s) about Encryption.
Answers
  • a. It is an irreversible process.
  • b. It can be used to prove the identity of a person.
  • c. Non-repudiation is ensured.
  • d. It cannot ensure the integrity of data.