The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
CMIT 321 FINAL EXAM 2016
1. Buy here:
http://theperfecthomework.com/cmit-321-final-exam-201
6/
Final Exam
Question 1 1 / 1 point
__________ is the exploitation of an organization's telephone, dial, and private branch exchange
(PBX) system to infiltrate the internal network in order to abuse computing resources.
a. War driving
b. Line dialing
c. PBX driving
d. War dialing
View Feedback
Question 2 1 / 1 point
__________ cryptography is the most common method on the Internet for authenticating a
message sender or encrypting a message.
2. a. Symmetric
b. Hash-based
c. Private-key
d. Public-key
View Feedback
Question 3 1 / 1 point
__________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD.
a. Gnoppix
b. GeeXboX
c. Morphix
d. Damn Small Linux
View Feedback
Question 4 1 / 1 point
The __________ utility tests the integrity of an ODBC data source.
3. a. odbcping
b. ASPRunner
c. FlexTracer
d. DbEncrypt
View Feedback
Question 5 1 / 1 point
In the TCP/IP stack, the __________ layer is where applications and protocols, such as HTTP
and Telnet, operate.
a. Internet
b. network
c. transport
d. application
View Feedback
Question 6 1 / 1 point
4. Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error.
They can fill in the username and password fields with __________.
a. a pound sign
b. two dashes
c. a single quotation mark
d. double quotes
View Feedback
Question 7 1 / 1 point
__________ allow attackers to pass malicious code to different systems via a web application.
a. SQL injection attacks
b. XSS vulnerabilities
c. Authentication hijacking attacks
d. Command injection flaws
View Feedback
Question 8 1 / 1 point
5. A __________ is a trusted entity that signs certificates and can vouch for the identity of the user
and the user's public key.
a. verification authority
b. certification authority
c. validation authority
d. registration authority
View Feedback
Question 9 1 / 1 point
Null sessions require access to TCP port __________.
a. 139
b. 141
c. 345
d. 349
View Feedback
Question 10 1 / 1 point
6. __________ is a command-line utility provided by Microsoft with SQL Server 2000 (and Microsoft
SQL Server 2000 Desktop Engine) that allows users to issue queries to the server.
a. ODBC
b. SQLP
c. OSQL
d. SSRS
View Feedback
Question 11 1 / 1 point
The __________ file is used to determine which TTY devices the root user is allowed to log in to.
a. /usr/securetty
b. /etc/securetty
c. /var/securetty
d. /home/securetty
View Feedback
Question 12 1 / 1 point
7. __________ can monitor a Simple Mail Transfer Protocol (SMTP) server regularly after
connecting to it.
a. CheckOK
b. SMTPCheck
c. SMTPMon
d. SLCheck
View Feedback
Question 13 1 / 1 point
__________ is a method of gaining access to sensitive data in a Bluetooth-enabled device.
a. Bluebugging
b. Bluesnarfing
c. BTKeylogging
d. Blueprinting
View Feedback
Question 14 1 / 1 point
8. __________ is a simple form of attack aimed directly at the application's business logic.
a. Authentication hijacking
b. Parameter tampering
c. Cookie poisoning
d. Session poisoning
View Feedback
Question 15 1 / 1 point
Once the Oracle database server has been traced, the first port of call is made to the
__________ listener.
a. SQL
b. TNS
c. TCP
d. PL/SQL
View Feedback
Question 16 1 / 1 point
9. __________ is a common and easy form of SQL injection. The technique involves evading the
logon forms.
a. Command injection
b. SELECT bypass
c. INSERT injection
d. Authorization bypass
View Feedback
Question 17 1 / 1 point
__________ gathering is the process of accumulating information from resources like the
Internet that can later be analyzed as business intelligence.
a. Competitive intelligence
b. Tracerouting
c. Passive information
d. Footprinting
View Feedback
10. Question 18 1 / 1 point
__________, formerly called AppTapp, is a tool for jailbreaking and installing nonsanctioned
third-party applications on the iPhone.
a. iFuntastic
b. iNdependence
c. iActivator
d. AppSnapp
View Feedback
Question 19 1 / 1 point
Firefox 2.0.0.11 cannot correctly interpret single quotation marks and spaces during
authentication. This is called the __________ value of an authentication header.
a. registration
b. site
c. domain
d. realm
View Feedback
11. Question 20 1 / 1 point
Private data stored by Firefox can be quickly deleted by selecting __________ in the Tools
menu.