








































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
CPSA Github Questions with Complete Solutions
Typology: Exams
1 / 48
This page cannot be seen from the preview
Don't miss anything!









































Why can remote access VPNs not use Main Mode for IKE Phase-1 if the authentication method is pre-shared key? - ANSWERS-Pre-shared key authentication with Main Mode requires that the peer's IP is known before the connection is established. What is the blocksize of the DES encryption cipher? - ANSWERS-64 bits What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service broadcast Which is the least secure encryption cipher of those listed below? - ANSWERS-DES Which file in a user's home directory controls the trust relationships for Berkeley R services? - ANSWERS-.rhosts Why can remote access servers not use aggressive mode for IKE Phase-1 if the authentication method is pre-shared key? - ANSWERS-Because pre- shared key authentication with aggressive mode does not provide identity protection. What is the key length of the AES encryption cipher? - ANSWERS-128 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service broadcast Which is the most secure encryption cipher of those listed below? - ANSWERS-AES Which file in a user's home directory controls the trust relationships for SSH?
How do rwho clients query the rwho daemon using ONC/RPC? - ANSWERS- They can't. How do you establish a null session to a Windows host from a Windows command shell? - ANSWERS-NET USE \hostname\ipc$ "" /u:"" What is the purpose of the NET USE command in establishing a null session?
What is the purpose of the \hostname\c$ argument in the NET USE command? - ANSWERS-To specify the C$ share on the remote host. What is the purpose of the /u:NULL argument in the NET USE command? - ANSWERS-There is no such argument in the NET USE command. What is the purpose of the /u:"" argument in the NET USE command? - ANSWERS-To specify a null username. What is the purpose of the account lockout threshold? - ANSWERS-To determine the number of incorrect password attempts before an account is locked out. How many incorrect password attempts will cause the built-in administrator account to be locked out on a Windows 2003 system? - ANSWERS-The built-in administrator account will never be locked out. What is the purpose of the account lockout duration setting? - ANSWERS-To determine the duration of an account lockout. What effect would an octal umask of 0027 have on the permissions of new files? - ANSWERS-Remove group write access, and remove all permissions for others. What is the name given to the field concerned with the security implications of electronic eminations from communications equipment? - ANSWERS- TEMPEST Which of these is not a valid IPv6 address? - ANSWERS-2001:0db8:1428:57ab
What is the octal representation of the permission 'rwxr-x---'? - ANSWERS- 750 What is the octal representation of the permission 'rwxrwx---'? - ANSWERS- 770 What is the octal representation of the permission 'rwxrwxr-x'? - ANSWERS- 775 What is the octal representation of the permission 'rwxr-xr-x'? - ANSWERS- 755 What is the octal representation of the permission 'rwxr-xrwx'? - ANSWERS- 765 What is the octal representation of the permission 'rwxrwxrwx'? - ANSWERS- 777 What is the potential consequence of exploiting a vulnerability in an FTP server? - ANSWERS-Gaining administrative access. What does the command "finger 0@hostname" display on a Solaris 8 system? - ANSWERS-Users with an empty GCOS field in the password file. What are the four potential risk treatments? - ANSWERS-Avoid, Reduce, Accept, and Transfer. What does "export" signify for an SSL cipher? - ANSWERS-Weak cipher acceptable for export under old US regulations.
What is the significance of the "export" label for an SSL cipher? - ANSWERS- Cipher that was permitted for export under old US regulations. What is the meaning of the "export" label for an SSL cipher? - ANSWERS- Cipher that was weak but allowed for export under old US regulations. What is an "export" cipher in SSL? - ANSWERS-Weak cipher permitted for export under old US regulations. Which protocol is not vulnerable to address spoofing if implemented correctly? - ANSWERS-TCP. Which of these protocols is not susceptible to address spoofing if implemented correctly? - ANSWERS-TCP. What effect does setting the RestrictAnonymous registry setting to 1 have on a Windows NT or 2000 system? - ANSWERS-Prevents enumeration of SAM accounts and names. What happens when the RestrictAnonymous registry setting is set to 1 on a Windows NT or 2000 system? - ANSWERS-Enumeration of SAM accounts and names is prevented. What is the impact of setting the RestrictAnonymous registry setting to 1 on a Windows NT or 2000 system? - ANSWERS-Prevents enumeration of SAM accounts and names. What does setting the RestrictAnonymous registry setting to 1 do on a Windows NT or 2000 system? - ANSWERS-Prevents enumeration of SAM accounts and names.
What RPC authentication mechanism does NFS v2 and v3 use? - ANSWERS- AUTH_SYS, using Unix UID and GID Which of these statements about the Windows built in administrator account is correct? - ANSWERS-It always has RID 500 What is the built-in administrator account in Windows called? - ANSWERS- Administrator What is the only member of the "Administrators" group? - ANSWERS-Built-in administrator account Can the built-in administrator account be renamed? - ANSWERS-No What is the SID (Security Identifier) of the built-in administrator account? - ANSWERS- What does the "Root Squash" option on an NFS export do? - ANSWERS-Makes the root user on the NFS client access files as nobody on the server. How can blind SQL injection be detected? - ANSWERS-The web server behaviour changes when a successful injection is performed. What does the phrase "Inherent Risk" mean in risk management? - ANSWERS-A risk that is implicitly associated with an activity or location. What is the cipher mode that uses a block cipher to generate a key stream? - ANSWERS-CFB
What is the digest length for the SHA1 hash function? - ANSWERS-160 bits What is the default password for the DBSNMP user on Oracle 9i? - ANSWERS- DBSNMP Which of these groups of tools are commonly used for packet crafting? - ANSWERS-hping2, hping3 and scapy The active directory database file is: - ANSWERS-NTDS.DIT Which nmap flag enables OS TCP/IP stack fingerprinting? - ANSWERS--O Which of the following is NOT an EAP method? - ANSWERS-EAP-RSA What is the significance of the string "SEP" in the configuration filename of a Cisco IP phone? - ANSWERS-It stands for Selsius Ethernet Phone, which was the original name of the Cisco IP phone. What does Cisco Ethernet Phone stand for? - ANSWERS-No one knows. What does SIP Enhanced Phone stand for? - ANSWERS-No one knows. What is an IP option? - ANSWERS-Record Route Which services are all ONC/RPC services? - ANSWERS-cmsd, kcms_server, sadmind, snmpXdmid When was the Apache chunked encoding vulnerability fixed in version 1.3? - ANSWERS-1.3.
What does the FTP authentication mechanism do? - ANSWERS-Selects the authentication method for the FTP server. What does FSMO stand for in Active Directory? - ANSWERS-Flexible Single Master Operations. What is the TCP port for Microsoft SQL Server in hidden mode? - ANSWERS-
What are the six base SIP methods? - ANSWERS-REGISTER, INVITE, ACK, CANCEL, BYE, OPTIONS Which scan would be most likely to discover a firewall that blocks all traffic to itself from the interface connected to the network you are scanning from? - ANSWERS-ARP scan You find a system that is offering the NFS RPC service. What is the logical next step? - ANSWERS-Run "showmount -e" to list the NFS exports. What is this: password 7 052D131D33556C081D021200 - ANSWERS-A password encoded with the reversible Cisco vigenere algorithm What identifies the superuser on a Unix or Linux system? - ANSWERS-Any user with UID 0 (zero) in the password file. What is the purpose of the REGISTER method in SIP? - ANSWERS-To register a user's current location.
What is the purpose of the INVITE method in SIP? - ANSWERS-To invite a user to participate in a call. What is the purpose of the ACK method in SIP? - ANSWERS-To confirm the successful receipt of a response to an INVITE request. What is the purpose of the CANCEL method in SIP? - ANSWERS-To cancel a pending request. What is the purpose of the BYE method in SIP? - ANSWERS-To terminate a call. What is the purpose of the OPTIONS method in SIP? - ANSWERS-To query the capabilities of a server. What is an ARP scan used for? - ANSWERS-To discover the MAC addresses of devices on a local network. What is a UDP port scan used for? - ANSWERS-To determine which UDP ports are open on a target system. What is a ping sweep used for? - ANSWERS-To discover which IP addresses are active on a network. What is an SNMP query used for? - ANSWERS-To gather information from network devices that support SNMP. What is a TCP port scan used for? - ANSWERS-To determine which TCP ports are open on a target system.
What is the primary legal reason for obtaining written permission before starting a test? - ANSWERS-To avoid breaching the Computer Misuse Act. Which of the following statements about the time protocols "time", "daytime" and "NTP" are correct? - ANSWERS-"time" represents the time as a 32-bit value, "daytime" uses an ASCII string, and "NTP" uses a 64-bit value. Which of these is not a valid IP address? - ANSWERS-192.168.300. What command would you use to list the installed patches on a Solaris system? - ANSWERS-showrev -a or showrev -p On a Unix system, what is the effect of the execute bit on a directory? - ANSWERS-It allows the directory to be traversed. What is this: 17:58:01.396446 CDPv2, ttl: 180s, Device-ID 'chestnut.nta- monitor.com', length 404 - ANSWERS-A CDP broadcast What are the four mandatory transform attributes for an IKE Phase-1 SA? - ANSWERS-Encryption Algorithm, Hash Algorithm, Authentication Method, Diffie Hellman Group What command would you use to list the installed packages on a Redhat or Fedora system? - ANSWERS-rpm -qa Where are the encrypted passwords stored on a FreeBSD system? - ANSWERS-/etc/master.passwd What is the purpose of the /etc/passwd file? - ANSWERS-It stores user account information.
How can you get shell access to an Internet accessible web server behind a firewall that only allows inbound TCP port 80? - ANSWERS-Run a shell on the webserver and connect its control channel back to a TCP port on your local system. What is the next logical step if you find TCP port 111 open on a Unix system?
Which web application technology is expected to be most secure? - ANSWERS-A pure Java application. What is the purpose of the /etc/passwd file? - ANSWERS-It stores user account information. How can you get shell access to an Internet accessible web server behind a firewall that only allows inbound TCP port 80? - ANSWERS-Run a shell on the webserver and connect its control channel back to a TCP port on your local system. What is the next logical step if you find TCP port 111 open on a Unix system?
Which web application technology is expected to be most secure? - ANSWERS-A pure Java application.
Which web application technology is expected to be most secure? - ANSWERS-A pure Java application. What is a Perl application running under MOD-Perl? - ANSWERS-A Perl application running under the MOD-Perl module. What is a Perl application running as CGI scripts? - ANSWERS-A Perl application running as Common Gateway Interface (CGI) scripts. What is a PHP3 application? - ANSWERS-An application written in PHP version
Which nmap command performs a half-open or "SYN" TCP portscan? - ANSWERS-nmap -n -P0 -v -sS -p1-1024 hostname Which command will perform a DNS zone transfer of the domain "company.com" from the nameserver at 10.0.0.1? - ANSWERS-dig @10.0.0. company.com axfr What is this: 17:57:57.850175 802.1d config 8064.00:0c:85:f1:3f:80. root 8064.00:0b:46:48:29:80 pathcost 19 age 1 max 20 hello 2 fdelay 15 - ANSWERS-A Spanning Tree Protocol broadcast Which of these is not an ICMP message type? - ANSWERS-Host unreachable What version of NFS includes strong security, including strong authentication and encryption? - ANSWERS-version 4
What is a Perl application running under MOD-Perl? - ANSWERS-A Perl application running under the MOD-Perl module. What is a Perl application running as CGI scripts? - ANSWERS-A Perl application running as Common Gateway Interface (CGI) scripts. What is a PHP3 application? - ANSWERS-An application written in PHP version
Which nmap command performs a half-open or "SYN" TCP portscan? - ANSWERS-nmap -n -P0 -v -sS -p1-1024 hostname Which command will perform a DNS zone transfer of the domain "company.com" from the nameserver at 10.0.0.1? - ANSWERS-dig @10.0.0. company.com axfr What is this: 17:57:57.850175 802.1d config 8064.00:0c:85:f1:3f:80. root 8064.00:0b:46:48:29:80 pathcost 19 age 1 max 20 hello 2 fdelay 15 - ANSWERS-A Spanning Tree Protocol broadcast Which of these is not an ICMP message type? - ANSWERS-Host unreachable What version of NFS includes strong security, including strong authentication and encryption? - ANSWERS-version 4 What is a Perl application running under MOD-Perl? - ANSWERS-A Perl application running under the MOD-Perl module. What is a Perl application running as CGI scripts? - ANSWERS-A Perl application running as Common Gateway Interface (CGI) scripts.