







































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A variety of docker commands, including docker images, docker pull, docker run, and dockerfile, as well as several cybersecurity concepts such as tcp packets, icmp echo requests, udp packets, incident response, http protocol requests, and more. A mix of questions and answers related to docker and cybersecurity topics. While the information is not comprehensive, it provides a high-level overview of these subjects and could be useful for students or professionals looking to familiarize themselves with some basic docker and cybersecurity terminology and concepts.
Typology: Exams
1 / 47
This page cannot be seen from the preview
Don't miss anything!








































What command is used to generate lists of images that are stored locally and provides arguments for handling them? A) docker images B) docker pull C) docker run D) vi Dockerfile E) docker ps Correct Answer docker images What is the significance of the items listed in pwbdbg's backtrace? A) They are all of the functions called up to this point B) They are functions currently loaded in the CPU cache C) It is a list of functions that are about to be called D) They are pointed to by the GLOBAL_OFFSET_TABLE Correct Answer They are all of the functions called up to this point Which packet header field characteristic is a strong indicator of data exfiltration?
A) TCP Packets in a session with varying message data sizes B) ICMP echo requests with varying data field sizes C) UDP packets with invalid checksums Correct Answer ICMP echo requests with varying data field sizes During which stage of incident response should the adequacy of policies be examined? A) Lessons learned B) Eradication C) Recovery Correct Answer Lessons Learned What is a way to check the symmetric or asymmetric encryption? A) The Website's SSL certificate B) The Public Key C) The Private Key Correct Answer The Website's SSL certificate Which of the follow C:\Windows\System32 subdirectories may provide stored credentials from unattended installs? A) Restore B) Boot C) Sysprep D) Dism Correct Answer Sysprep
Examine the list from a Python program below. Which statement will display Oregon? PNW_states = [ 'Washington' , 'Oregon' , 'Idaho' , 'Montana' , 'Wyoming' ] A) print(PNW_states[2]) B) print(PNW_states(2)) C) print(PNW_states[1]) D) print(PNW_states[0][2]) Correct Answer print(PNW_states[1]) If you run the command "Python" on a Linux system where it is installed, what will happen? A)Python will list all currently installed libraries and modules B) The computer will run Python in the background upon reboot C) The operating system will prompt you for a Python code file to open D) An interactive console will open for writing simple Python code Correct Answer An interactive console will open for writing simple Python code A Web application is configured to validate a unique token value for each submitted user request. What threat is being mitigated? A) Local file inclusion
B) Cross site request forgery C) Drive-by downloads D) Command injection Correct Answer Cross site request forgery In the Python programming language, cast_list, shown below, is which of the following? A) Dictionary B) Tuple C) Array D) List Correct Answer Dictionary Which of the following is the name given to the behaviors that objects have in object oriented programming? A) Methods B) Functions C) Modules D) Procedures Correct Answer Methods Which of the following services would be a target for privilege escalation? 1: Microsoft Office Click-to-Run Service "C:\Program Files\Common Files\ Microsoft Shared\ClickToRun\OfficeClickToRun.exe" 2: CodeMeter Runtime Server C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe 3: TP AutoConnect Service
A) Tells the command to step into the address 0x80484ef B) Identifies the output format for data at address 0x80484ef C) Tells the command to stop after the address 0x80484ef D) Identifies the next breakpoint is address 0x80484ef Correct Answer Identifies the output format for data at address ox80448ef What is it called when a user makes a change to the master code in a Git repository? A) Pull B) Clone C) Branch D) Commit Correct Answer Commit A GIAC administrator has configured their company's web server to send an X-Frame-Options header in every request to an HTTP page. The admin has configured the option to use the values DENY,SAMEORGIN, or ALLOW- FROM. What attack is the administrator addressing with the techniques described above? A) SQL injection B) Cross-Site request forgery C) Cross-Site scripting D) Directory traversal E) Clickjacking Correct Answer Clickjacking
How do prepared statements help prevent SQL injection attacks? A) Query parameters are sent in the body of a POST request B) Queries are appended with an authorization token C) Query language is kept separate from user supplied data D) Queries submitted by users are HTML entity encoded Correct Answer C) Query language is kept separate from user supplied data If the user agent is used, where would it be found in the HTTP protocol? A) In the response body B)In the response header C) Delimited by an h1 tag D) In a GET Request Correct Answer In a GET Request What does it mean when a computer program is "multi- threaded"? A) It calls multiple external libraries B) It has multiple serial number for different users C) It can run multiple chunks of code concurrently D) It has multiple functions defined in the program Correct Answer It can run multiple chunks of code concurrently Which of the following is a common result of a reflected cross-site scripting attack?
A)Map a network drive to a remote host B)Identify services running on network hosts C)Execute a script on a remote host D)Send Spoofed packets to network hosts Correct Answer Identify services running on network hosts What type of artifact can a blue team member use to identify the name that is associated to the file? A)Metadata B)Windows security logs C)Prefetch D)File Ownership Correct Answer Metadata What is HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\C urrentVersion\Run considered to be? A)Domain Name B)Log File Path C) Registry Key Correct Answer A Registry Key If a user agent is used, where would it be found in the HTTP Protocol? A)In the response header B)In the response body C)Delimited by an h1 tag D) In a GET Request Correct Answer In a GET Request
What benefit does moving from local logging to using a log server provide organizations? A) Enables the use of network intrusion detection systems (NIDS) B) Harder for attackers to overwrite logs C) Attackers will have to pivot through an extra server to infiltrate the network D)Less complex logging infrastructure Correct Answer Harder for attackers to overwrite logs What is the only way to mitigate an integer overflow/underflow? A) Takin the absolute value of negative results prior to running the equation B) Checking that the result of any change to a signed integer falls within an allowed range C) Randomizing salt values prior to hashing user content D) Sanitizing user input to block special characters from being entered Correct Answer Checking that the result of any change to a signed integer falls within an allowed range Which Variable name will cause Python to produce an error? A)2nd_phone_number B)LASTNAM_ C)streetAddress D)_firstname Correct Answer 2nd_phone_number
ps aux | grep - i sshd | grep root A) Enabling logging for all root logins for the ssh service B)Terminating the secure shell service C)List of secure shell processes running under the root user D)Starting up the ssh service as the root user Correct Answer List of secure shell processes running under the root user When would a security analyst create a "TCP Socket" in a Python Program? A) When scanning the host computer for malicious software B) When creating a script to run against a network service C) When collecting information about the host computer's hardware D) When the host is running network services in the background during Python program execution Correct Answer When creating a script to run against a network service What is used to access the address of a variable in the C Programming Language? A) &giac B)*giac C) {giac} D) 8=giac=D Correct Answer &giac
What does the home folder contain? A) User Directories for every user on the system excluding the root user C)All of the directories on a system D) Only the Guest directories on a system Correct Answer User Directories for every user on the system excluding the root user What does the Local Users Management Console do? A)Create users within Windows B) Create groups within Windows D) Change your password Correct Answer Create users within Windows, create groups within Windows, Change your password What kind of storage system are in USB's? A)exFAT B)FAT C)NTFS D)HFS Plus Correct Answer exFAT When a new File is created what permissions are inherited? A) Parent Folder B) You set them when you open the folder C) Root Permissions
A) Dictionary attack against known user accounts on a website B) Dictionary attack against unknown user accounts on a website C) Search for valid accounts using a wordlist against a website D) Search for directories not link to public areas of a website Correct Answer Search for directories not linked to public areas of a website Where is the data from the GDB output shown in the image stored on the host? A) Master Boot Record B) BIOS C) CPU D) Random Access Memory Correct Answer CPU A web application is configured to validate a unique token value for each submitted user request. What threat is being mitigated? A)Local file inclusion B) Cross Site request forgery C)Drive-By downloads D) Command injection Correct Answer Cross Site request forgery Which exploit takes advantage of a web-page field that does not validate input?
A) Session hijacking B) command injection C)Password cracking D) Steganography Correct Answer Command injection Which computer component manages ongoing access to a computer's shared RAM and drive storage resources? A)Memory Registers B)BIOS C)Kernel D)Bootloader Correct Answer Kernal What Windows configuration utility can be used by a local administrative user to create an account which requires the password to be reset upon first login? A) Dynamic Host Configuration Protocol B) Family & Other People Control Panel C) Local Users Management Console D) User Account Control (UAC) Correct Answer Local Users Management Console When is a software interrupt issued by a computer? A) When a user switches from one visible program to another in the GUI B) When power is suddenly cut off the CPU C) When a user has not taken action in a pre-specified amount of time
Consider the TCP communication between two computers shown below. What will computer A do following Computer B's response? Computer A sends 20 bytes of data Computer B responds with Computer A's acknowledgment number + 15 A)Send a FIN packet to close the connection B) Send the missing five bytes C)Resend the entire packet D)Ask computer B what bytes are missing Correct Answer Resend the entire packet A user adds a new directory to a Linux system's $PATH environment variable, #export $PATH=$PATH:new_dir. What action will cause the updated $PATH variable change back to the original value? A)Closing and re-opening the terminal B)Running the command "rm $PATH" C) Echoing the $PATH to /dev/null Correct Answer Closing and reopening the terminal When a program runs on a computer, it temporaily loads code into memory that contains information about the program. The code is deleted when the program is closed. What is the instance of this code called? A) Process
B) Kernel C) BIOS D) Application Hint: Every time you run a program on your computer, a "BLANK" is created in memory. When you close the program, the "BLANK" is killed. Correct Answer Process What is a requirement for cross-site request forgery to work? A) The victim must be authenticated with the target site B) The Attacker must have root privileges on the victim's system C) The victim must be a member of the IIS_USER group D) The attacker must steal the victim's cookie Hint: CSRF involves an authenticated user clicking on a link that an attacker plants. This link will cause the victim's browser to perform an action using their authenticated credentials. Correct Answer The victim must be authenticated with the target site Which of the following commands will set or modify an environment variable? A) export B)grep C)nano